Trojaner-Board - Trojaner: fehlende verknüpfungen, leeres startmenü

ich danke dir!

hab es so gemacht mit der 32er version (danke für den hinweis wie ich das rausbekomme, hätte ich nicht gewusst).

und hier sind die files. hoffe meine verknüpfungen lassen sich wieder herstellen.....

first.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-08-2013

Ran by Giannina (administrator) on 10-08-2013 12:04:19

Running from C:\Users\Giannina\Desktop

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Empolis GmbH) c:\program files\common files\gnab\service\servicecontroller.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

(Entriq, Inc.) D:\ax\DCBin\DCService.exe

(Crawler.com) D:\Spyware Terminator\sp_rsser.exe

(Buhl Data Service GmbH) C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe

(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

() C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

() C:\Program Files\Launch Manager\LaunchAp.exe

(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe

() C:\Program Files\Launch Manager\WButton.exe

(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe

(ODSoft multimedia) C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe

(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe

(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe

(Team H2O) C:\Program Files\Syncrosoft\POS\H2O\cledx.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Geek Software GmbH) C:\Program Files\pdf24\pdf24.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files\DivX\DivX Update\DivXUpdate.exe

(Mischel Internet Security) C:\Program Files\TrojanHunter 5.5\THGuard.exe

(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe

() D:\ax\DCBin\DCTrayApp.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\ipmGui.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)

HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-02-15] (Synaptics, Inc.)

HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-11-15] (Intel Corporation)

HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] ()

HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron)

HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] ()

HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185632 2007-10-08] (RealNetworks, Inc.)

HKLM\...\Run: [TVBroadcast] - C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe [790016 2007-05-08] (ODSoft multimedia)

HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)

HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [H2O] - C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [385024 2005-10-23] (Team H2O)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-24] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM\...\Run: [PDFPrint] - C:\Program Files\pdf24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)

HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()

HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software)

HKLM\...\Run: [THGuard] - C:\Program Files\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)

HKU\Administrator\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Administrator\...\Run: [IncrediMail] - C:\Program Files\IncrediMail\bin\IncMail.exe [ 2009-08-10] (IncrediMail, Ltd.)

HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk

ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\maxdome Download Manager.lnk

ShortcutTarget: maxdome Download Manager.lnk -> D:\ax\DCBin\DCTrayApp.exe ()

BootExecute: autocheck autochk * 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com

SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825

SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825

SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 

BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)

BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (SmartShopper Networks)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

BHO: CSolidBrowserObj Object - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll (Solid State Networks)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

Toolbar: HKLM - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)

Toolbar: HKCU -Winload Toolbar - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)

Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} https://account.maxdome.de/presentation/script/HWTest.CAB

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183949065925

DPF: {7BABCBE7-ECFF-4EA0-A344-1DC32458A6ED} hxxp://eu.ntrsupport.com/inquiero/mod/setup/ntrplugin124v_30.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} hxxp://www.playwhat.com/solidPlugin/solidstateion.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553544700} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553545000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default

FF SelectedSearchEngine: Winload Customized Web Search

FF Homepage: hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13

FF Keyword.URL: hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprjplug;version=1.0.2.2910 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - D:\amazon\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF SearchPlugin: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\searchplugins\conduit.xml

FF SearchPlugin: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\searchplugins\MyStart Search.xml

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: BrowseToolE0191 Community Toolbar - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}

FF Extension: finder - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\finder@meingutscheincode.de.xpi

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)

R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)

R2 Prosieben; D:\ax\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)

S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)

R2 sp_rssrv; D:\Spyware Terminator\sp_rsser.exe [496128 2011-05-08] (Crawler.com)

R2 srvcPVR; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [1600512 2007-05-04] (Buhl Data Service GmbH)

S3 SureThing Labelflash service; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [74392 2009-03-17] (MicroVision Development, Inc.)

R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)

R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.)

S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)

R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.)

R2 WSWNA3100M; C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe [307488 2012-08-16] ()
 

==================== Drivers (Whitelisted) ====================
 

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2009-07-29] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-02-27] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-02-27] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)

R3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)

S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )

R1 Hotkey; C:\Windows\System32\Drivers\Hotkey.sys [9867 2003-04-28] ()

R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2009-07-29] ()

R2 LMIRfsDriver; C:\Windows\system32\drivers\LMIRfsDriver.sys [47640 2008-07-24] (LogMeIn, Inc.)

S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [277504 2007-07-05] (Realtek Semiconductor Corporation                           )

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-11-10] ()

R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [142592 2011-05-08] ()

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)

S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [367616 2008-07-25] (TASCAM)

S3 TASCAM_US144_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [18944 2008-07-25] (TASCAM)

S3 TASCAM_US144_WDM; C:\Windows\System32\drivers\tscusb2a.sys [33792 2008-07-25] (TASCAM)

R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)

R3 WNA3100M; C:\Windows\System32\DRIVERS\WNA3100M.sys [911464 2011-12-30] (NETGEAR Corporation                           )

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [x]

S4 LMIRfsClientNP; No ImagePath

S1 mailKmd; No ImagePath

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-10 12:02 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Desktop\FRST.exe

2013-08-10 12:01 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Downloads\FRST.exe

2013-08-10 04:10 - 2013-08-10 04:10 - 00103680 _____ (GMER) C:\fxtcypow.sys

2013-08-10 04:08 - 2013-08-10 04:08 - 00377856 _____ C:\Users\Giannina\Desktop\luht337n.exe

2013-08-10 03:41 - 2013-08-10 03:41 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Desktop\unhide(1).exe

2013-08-10 03:34 - 2013-08-10 03:34 - 01579819 _____ C:\Users\Giannina\Downloads\unhide.zip

2013-08-10 03:14 - 2013-08-10 03:14 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\TrojanHunter

2013-08-10 03:13 - 2013-08-10 04:09 - 00000630 _____ C:\Users\Giannina\Desktop\unhide.txt

2013-08-10 03:13 - 2013-02-02 20:48 - 01652206 _____ (kany.ir) C:\Users\Giannina\Downloads\unhide.exe

2013-08-10 03:08 - 2013-08-10 03:10 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup.exe

2013-08-10 01:04 - 2013-08-10 01:04 - 00047098 _____ C:\Users\Giannina\Desktop\AVSCAN-20130809-183814-EBEFAF93.LOG

2013-08-09 18:25 - 2013-08-10 03:09 - 00000000 ____D C:\Program Files\TrojanHunter 5.5

2013-08-09 18:25 - 2013-08-09 18:25 - 00059392 ____R C:\Windows\system32\streamhlp.dll

2013-08-09 18:25 - 2013-08-09 18:25 - 00000886 _____ C:\Users\Giannina\Desktop\TrojanHunter.lnk

2013-08-09 18:25 - 2013-08-09 18:25 - 00000000 ____D C:\ProgramData\TrojanHunter

2013-08-09 18:24 - 2013-08-09 18:24 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup_5.5_Build_1003.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files\Trojan Remover

2013-08-09 18:18 - 2012-06-15 16:35 - 00185616 _____ C:\Windows\system32\ztvunrar39.dll

2013-08-09 18:18 - 2012-06-15 16:33 - 00605968 _____ (Igor Pavlov) C:\Windows\system32\ztv7z.dll

2013-08-09 18:16 - 2013-08-09 18:17 - 23334896 _____ (Simply Super Software                                       ) C:\Users\Giannina\Downloads\trjsetup_688.exe

2013-08-09 16:41 - 2013-08-09 16:48 - 00000000 ____D C:\ProgramData\FC1E57B12BEA94850000FC1D5B9A9B50

2013-08-08 12:26 - 2013-08-08 13:07 - 00000000 ____D C:\Users\Giannina\Desktop\cat

2013-08-07 15:18 - 2013-08-07 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-07-25 13:06 - 2013-07-25 13:06 - 00000000 _____ C:\END

2013-07-14 03:14 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-07-14 03:14 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-07-14 03:14 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-07-14 03:14 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-07-14 03:14 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-07-14 03:14 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-07-14 03:14 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-07-14 03:14 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-07-14 03:14 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-07-14 03:14 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-07-14 03:14 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-07-14 03:14 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-07-14 03:14 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-07-14 03:14 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-07-14 03:14 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-07-14 03:14 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2013-07-13 12:44 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2013-07-13 12:44 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2013-07-13 12:44 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2013-07-13 12:44 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-07-13 12:44 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2013-07-13 12:43 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-07-13 12:42 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-07-13 12:42 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
 

==================== One Month Modified Files and Folders =======
 

2013-08-10 12:04 - 2013-08-10 12:04 - 00000000 ____D C:\FRST

2013-08-10 12:02 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Desktop\FRST.exe

2013-08-10 12:02 - 2013-08-10 12:01 - 01230570 _____ (Farbar) C:\Users\Giannina\Downloads\FRST.exe

2013-08-10 12:00 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-10 12:00 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-10 11:58 - 2007-09-06 09:52 - 01395551 _____ C:\Windows\WindowsUpdate.log

2013-08-10 11:48 - 2009-06-26 13:07 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2013-08-10 11:48 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-10 04:27 - 2006-11-02 15:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-08-10 04:14 - 2012-05-21 17:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-10 04:10 - 2013-08-10 04:10 - 00103680 _____ (GMER) C:\fxtcypow.sys

2013-08-10 04:09 - 2013-08-10 03:13 - 00000630 _____ C:\Users\Giannina\Desktop\unhide.txt

2013-08-10 04:08 - 2013-08-10 04:08 - 00377856 _____ C:\Users\Giannina\Desktop\luht337n.exe

2013-08-10 03:41 - 2013-08-10 03:41 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Desktop\unhide(1).exe

2013-08-10 03:34 - 2013-08-10 03:34 - 01579819 _____ C:\Users\Giannina\Downloads\unhide.zip

2013-08-10 03:14 - 2013-08-10 03:14 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\TrojanHunter

2013-08-10 03:10 - 2013-08-10 03:08 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup.exe

2013-08-10 03:10 - 2008-11-13 19:51 - 00000000 ____D C:\Program Files\QuickTime

2013-08-10 03:10 - 2008-10-26 20:07 - 00000000 ____D C:\Program Files\WinRAR

2013-08-10 03:10 - 2007-06-20 12:41 - 00000000 ____D C:\Program Files\Microsoft Works

2013-08-10 03:09 - 2013-08-09 18:25 - 00000000 ____D C:\Program Files\TrojanHunter 5.5

2013-08-10 01:04 - 2013-08-10 01:04 - 00047098 _____ C:\Users\Giannina\Desktop\AVSCAN-20130809-183814-EBEFAF93.LOG

2013-08-09 23:05 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing

2013-08-09 22:51 - 2012-05-20 17:13 - 00000000 ____D C:\Users\Giannina\Desktop\cd veröffentlichung

2013-08-09 22:01 - 2007-12-23 16:47 - 00000400 _____ C:\Windows\ODBC.INI

2013-08-09 18:25 - 2013-08-09 18:25 - 00059392 ____R C:\Windows\system32\streamhlp.dll

2013-08-09 18:25 - 2013-08-09 18:25 - 00000886 _____ C:\Users\Giannina\Desktop\TrojanHunter.lnk

2013-08-09 18:25 - 2013-08-09 18:25 - 00000000 ____D C:\ProgramData\TrojanHunter

2013-08-09 18:24 - 2013-08-09 18:24 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup_5.5_Build_1003.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files\Trojan Remover

2013-08-09 18:17 - 2013-08-09 18:16 - 23334896 _____ (Simply Super Software                                       ) C:\Users\Giannina\Downloads\trjsetup_688.exe

2013-08-09 16:51 - 2007-09-06 09:58 - 00000953 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000948 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000919 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000000 ____D C:\Users\Giannina

2013-08-09 16:50 - 2012-09-17 15:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2013-08-09 16:48 - 2013-08-09 16:41 - 00000000 ____D C:\ProgramData\FC1E57B12BEA94850000FC1D5B9A9B50

2013-08-09 14:59 - 2008-10-26 20:27 - 00000000 ____D C:\VST Projekte

2013-08-09 12:58 - 2007-09-06 10:07 - 00102912 _____ C:\Users\Giannina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-08-09 12:44 - 2006-11-02 12:33 - 01472526 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-08 19:18 - 2013-01-28 17:39 - 00000000 ____D C:\Users\Giannina\Desktop\picoftheday13

2013-08-08 13:07 - 2013-08-08 12:26 - 00000000 ____D C:\Users\Giannina\Desktop\cat

2013-08-07 22:24 - 2010-10-22 11:17 - 00010380 _____ C:\fpRedmon.log

2013-08-07 22:24 - 2010-10-22 11:17 - 00000000 ____D C:\Users\Giannina\AppData\Local\FreePDF_XP

2013-08-07 22:05 - 2011-12-01 17:49 - 00000000 ____D C:\Users\Giannina\Desktop\worddokumente

2013-08-07 15:20 - 2011-04-21 16:34 - 00000000 ____D C:\Users\Giannina\Desktop\standard-cd

2013-08-07 15:18 - 2013-08-07 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-08-06 20:58 - 2013-07-06 18:42 - 00000000 ____D C:\Users\Giannina\Desktop\berlinmylove

2013-08-04 21:32 - 2006-11-02 14:47 - 00506472 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-30 19:42 - 2012-04-29 20:12 - 00000000 ____D C:\Users\Giannina\Desktop\bildgebet

2013-07-29 16:02 - 2007-09-06 09:59 - 00171192 _____ C:\Users\Giannina\AppData\Local\GDIPFONTCACHEV1.DAT

2013-07-25 13:41 - 2010-07-31 22:37 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\DivX

2013-07-25 13:17 - 2010-07-31 22:27 - 00000000 ____D C:\ProgramData\DivX

2013-07-25 13:17 - 2009-08-14 22:59 - 00000000 ____D C:\Program Files\DivX

2013-07-25 13:16 - 2010-07-31 22:36 - 00000000 ____D C:\Program Files\Common Files\DivX Shared

2013-07-25 13:06 - 2013-07-25 13:06 - 00000000 _____ C:\END

2013-07-23 13:29 - 2006-11-02 14:52 - 00118899 _____ C:\Windows\setupact.log

2013-07-14 12:52 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET

2013-07-14 12:36 - 2007-06-20 14:13 - 00678896 _____ C:\Windows\PFRO.log

2013-07-14 03:52 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer

2013-07-14 03:18 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2013-07-14 03:03 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
 

Files to move or delete:

====================

C:\Users\Giannina\ElsterFormular2007-Setup.exe

C:\Users\Giannina\spore_creature_creator_yahoo617.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-10 11:57
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

und addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-08-2013

Ran by Giannina at 2013-08-10 12:11:51

Running from C:\Users\Giannina\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)

Adobe Acrobat 6.0 Professional - English, Français, Deutsch (Version: 006.000.000)

Adobe Flash Player 10 Plugin (Version: 10.0.22.87)

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)

Adobe Photoshop 7.0 (Version: 7.0)

Adobe Reader 8.1.1 - Deutsch (Version: 8.1.1)

Alien Skin Exposure 3

Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)

Apple Software Update (Version: 2.1.1.116)

Audacity 1.2.6

Audiograbber 1.83 SE  (Version: 1.83 SE )

Avira Free Antivirus (Version: 13.0.0.3885)

AVS Update Manager 1.0

AVS Video Converter 6

AVS4YOU Software Navigator 1.3

Big Fish Games: Game Manager (Version: 3.0.1.60)

Boilsoft ASF Converter 2.68

Bonjour (Version: 1.0.105)

Canon Easy-PhotoPrint EX

Canon iP2600 series Benutzerregistrierung

Canon MG5200 series Benutzerregistrierung

Canon MG5200 series MP Drivers

Canon MP Navigator EX 4.0

Canon My Printer

Canon Solution Menu EX

Canon Utilities Solution Menu

CD-LabelPrint

Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)

Direct MP3 Joiner version 3.0.1.5 (Version: 3.0.1.5)

Direct Show Ogg Vorbis Filter (remove only)

DivX-Setup (Version: 2.6.1.44)

Easy MP3 Joiner 2.9

FaceFilter Studio 2 Trial Edition (Version: 2.0)

Farbwähler 3.00

Filter Forge 3.011

FormatFactory 2.96 (Version: 2.96)

Free Video Converter V 2.3 (Version: 2.3.0.0)

FreePDF (Remove only)

Glibberkram (Version: 1.00.0000)

GPL Ghostscript 9.00

Image Analyzer

IncrediMail (Version:  5.8.6.4300)

InfraRecorder

Intel(R) Graphics Media Accelerator Driver

Intel(R) Matrix Storage Manager

InterVideo WinDVD 8 (Version: 8.0-B6.195)

Java 7 Update 11 (Version: 7.0.110)

Java Auto Updater (Version: 2.1.9.0)

Java(TM) 6 Update 3 (Version: 1.6.0.30)

Java(TM) 6 Update 38 (Version: 6.0.380)

Kronen-Design 1.77

Launch Manager V1.3.9 (Version: 1.3.9)

LetsTrade Komponenten

LightScribe  1.4.124.1 (Version: 1.4.124.1)

maxdome Download Manager 4.1.300.78 (Version: 4.1.30078)

MEDIONbox (Version: 1.09.0000.00050)

metier 2000 PDF Printer

métier PDF Maker (light Version) (Version: 5.2)

Microsoft .NET Framework 1.1 (Version: 1.1.4322)

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2833941)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)

Microsoft Office XP Professional mit FrontPage (Version: 10.0.2701.01)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Works (Version: 08.05.0822)

Microsoft XML Parser (Version: 8.0.7820.0)

Microsoft XML Parser (Version: 8.20.8730.4)

Motorola SM56 Data Fax Modem

Movies

Mozilla Firefox 15.0.1 (x86 de) (Version: 15.0.1)

Mozilla Maintenance Service (Version: 23.0)

MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)

MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)

MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)

MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Neat Image v6.0 Pro+

NEF Codec (Version: 1.00.0000)

neroxml (Version: 1.0.0)

NETGEAR WNA3100M N300 Wireless USB Adapter (Version: 1.0.0.19)

OpenAL

PDF24 Creator 5.2.0

QuickTime (Version: 7.55.90.70)

RealPlayer

Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)

Realtek High Definition Audio Driver (Version: 6.0.1.5374)

REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0006 Driver:6.1095.705.2007)

RedMon - Redirection Port Monitor

Roads of Rome II

Sceneo AbsolutTV

Skin Creator

Skype™ 5.10 (Version: 5.10.116)

Solid State ION Internet Explorer Plugin (Version: 0.883)

Spirits of Mystery: Dunkler Fluch

Spyware Terminator (Version: 2.8.2.192)

Steinberg Cubase SX v3.1.1.944

SureThing CD Labeler Deluxe Trial 5

Suyin Live Camera (Version: 1.0.0.3)

SUYIN webcam (Version: 1.0.1)

Synaptics Pointing Device Driver (Version: 9.1.17.0)

SyncroSoft Emu (Remove only)

Syncrosofts Lizenz Kontrolle

Trojan Remover 6.8.8 (Version: 6.8.8)

TrojanHunter 5.5 (Version: 5.5)

TuneUp Utilities 2013 (Version: 13.0.3020.2)

TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)

TVsweeper (Version: 3.0.2)

Ulead GIF Animator Lite Edition 1.0

Ulead PhotoImpact 12 (Version: 12.0)

Ulead VideoStudio SE DVD (Version: 10.0)

Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

US-122L / US-144 driver

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)

Visual MP3 Splitter & Joiner 6.1

VLC media player 0.9.2 (Version: 0.9.2)

Winload Toolbar (Version: )

WinRAR

 
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2008-12-16 19:31 - 00289944 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com

127.0.0.1        www.0scan.com

127.0.0.1        0scan.com

127.0.0.1        1000gratisproben.com

127.0.0.1        www.1000gratisproben.com

127.0.0.1        www.1001namen.com

127.0.0.1        1001namen.com

127.0.0.1        www.100888290cs.com

127.0.0.1        100888290cs.com

127.0.0.1        www.100sexlinks.com

127.0.0.1        100sexlinks.com

127.0.0.1        www.10sek.com

127.0.0.1        10sek.com

127.0.0.1        www.1-2005-search.com

127.0.0.1        1-2005-search.com

127.0.0.1        123haustiereundmehr.com

127.0.0.1        www.123haustiereundmehr.com

127.0.0.1        www.123simsen.com

127.0.0.1        123simsen.com
 

There are 1000 more lines.
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {9D9F35AF-8649-4162-91A2-E1145B10C3FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)

Task: {9DF8EE53-52E8-4882-B995-C0C233C5FAFD} - System32\Tasks\{DD97DE7E-7CE2-4D65-B2E1-0EFDC77361F5} => c:\program files\internet explorer\iexplore.exe [2013-05-29] (Microsoft Corporation)

Task: {D4E26CD0-F1F9-4FBD-8DAC-6DCD4EF21FDC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Faulty Device Manager Devices =============
 

Name: 6TO4 Adapter

Description: Microsoft-6zu4-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: 6TO4 Adapter

Description: Microsoft-6zu4-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: 6TO4 Adapter

Description: Microsoft-6zu4-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: 6TO4 Adapter

Description: Microsoft-6zu4-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter

Description: Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Realtek Semiconductor Corp.

Service: RTL8187B

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: LogMeIn Mirror Driver

Description: LogMeIn Mirror Driver

Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}

Manufacturer: LogMeIn, Inc.

Service: lmimirr

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: WAN Miniport (SSTP)

Description: WAN Miniport (SSTP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: RasSstp

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/10/2013 00:04:03 PM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 00:04:02 PM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:54:01 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:54:01 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:49:59 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: -550
 

Error: (08/10/2013 11:49:20 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:48:50 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:11:06 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:11:06 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:10:51 AM) (Source: profsvc) (User: NT-AUTORITÄT)

Description: Die Klassenregistrierungsdatei kann nicht geladen werden.

 DETAIL - Das System kann die angegebene Datei nicht finden.
 
 

System errors:

=============

Error: (08/10/2013 11:58:09 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)

Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM
 

Error: (08/10/2013 11:54:41 AM) (Source: Service Control Manager) (User: )

Description: Windows Update
 

Error: (08/10/2013 11:50:01 AM) (Source: Service Control Manager) (User: )

Description: mailKmd
 

Error: (08/10/2013 11:50:01 AM) (Source: Service Control Manager) (User: )

Description: LogMeIn Kernel Information Provider%%3
 

Error: (08/10/2013 11:49:50 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)

Description: 0x8000002a6SYSTEM
 

Error: (08/10/2013 11:49:50 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)

Description: 0x8000002a8SOFTWARE
 

Error: (08/10/2013 11:48:44 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)

Description: 2147942402
 

Error: (08/10/2013 11:48:40 AM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am 10.08.2013 um 11:46:35 unerwartet heruntergefahren.
 

Error: (08/10/2013 11:48:33 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)

Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE
 

Error: (08/10/2013 11:45:50 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)

Description: 2147942402
 
 

Microsoft Office Sessions:

=========================

Error: (08/10/2013 00:04:03 PM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 00:04:02 PM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:54:01 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:54:01 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:49:59 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: -550
 

Error: (08/10/2013 11:49:20 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 11:48:50 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:11:06 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:11:06 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 

Error: (08/10/2013 04:10:51 AM) (Source: profsvc)(User: NT-AUTORITÄT)

Description: Das System kann die angegebene Datei nicht finden.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 59%

Total physical RAM: 2037.45 MB

Available physical RAM: 833.08 MB

Total Pagefile: 4312.18 MB

Available Pagefile: 2962.61 MB

Total Virtual: 2047.88 MB

Available Virtual: 1895.64 MB
 

==================== Drives ================================
 

Drive c: (BOOT) (Fixed) (Total:119 GB) (Free:19.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVER) (Fixed) (Total:30.04 GB) (Free:0.44 GB) FAT32

Drive f: () (Removable) (Total:1.84 GB) (Free:0 GB) FAT
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: E5CA60D6)

Partition 1: (Not Active) - (Size=30 GB) - (Type=OF Extended)

Partition 2: (Active) - (Size=119 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 2 GB) (Disk ID: 00000000)

Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
 

==================== End Of Log ============================

giannina

ach so, falls es von belang ist...............................ich hab hier noch den scanbericht von trojanhunter. der hat da gestern ja offenbar mehr gefunden als einem menschen lieb sein könnte. aber die sind angeblich alle entfernt.

TrojanHunter Scan Report - Saved 2013-08-10 02:52

Found malware file: C:\Program Files\Adobe\Adobe Help Viewer\1.0\ahv.exe (AgentZ.2017)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Altes Foto.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Bedingte Modusänderung.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Einschränkung auf 300 Pixel.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Einschränkung auf 64 Pixel.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Schaltfläche erstellen.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Schlagschattenrahmen.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Sepia erstellen.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Speichern als Photoshop PDF.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Beispiele\Droplets\Photoshop-Droplets\Speichern unter JPEG Medium.exe (Agent.11940)
Found malware file: C:\Program Files\Adobe\Photoshop 7.0\Required\Droplet Template.exe (Agent.11940)
Found malware file: C:\Program Files\Microsoft Works\wksss.exe (Zbot.4130)
Found malware file: C:\Program Files\QuickTime\PictureViewer.exe (Runouce.221)
Found malware file: C:\Program Files\Sceneo\Bonavista\ServiceTool.exe (Agent.3903)
Found malware file: C:\Program Files\Steinberg\Cubase SX 3\UNWISE.EXE (Generic.LdPinch.A)
Found malware file: C:\Program Files\WinRAR\Default.SFX (Chifrax.119)

lieber schrauber,

ok weiter gehts. hier der malware log:

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.08.11.06
 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Giannina :: METATRON [Administrator]
 

11.08.2013 23:40:18

mbam-log-2013-08-11 (23-40-18).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 236242

Laufzeit: 8 Minute(n), 13 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 5

HKCR\Typelib\{022C671F-6CBA-4A03-A8F9-3B3A361B235A} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCR\Typelib\{8AD815FC-607B-419F-8B70-D345A507A54E} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCR\Interface\{90F62EF7-58D1-4E8E-BB3E-CFB10BA9E47B} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

und hier das adw log:

Code:

# AdwCleaner v2.306 - Datei am 11/08/2013 um 23:54:32 erstellt

# Aktualisiert am 19/07/2013 von Xplode

# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

# Benutzer : Giannina - METATRON

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Giannina\Downloads\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : \END

Datei Gelöscht : C:\Users\Administrator\Desktop\eBay.lnk

Datei Gelöscht : C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk

Ordner Gelöscht : C:\Program Files\Conduit

Ordner Gelöscht : C:\Program Files\Winload

Ordner Gelöscht : C:\ProgramData\Trymedia

Ordner Gelöscht : C:\Users\Giannina\AppData\LocalLow\boost_interprocess

Ordner Gelöscht : C:\Users\Giannina\AppData\LocalLow\Conduit

Ordner Gelöscht : C:\Users\Giannina\AppData\LocalLow\Winload
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Winload

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar

Schlüssel Gelöscht : HKCU\Software\Babylon

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\Headlight

Schlüssel Gelöscht : HKCU\Software\IM

Schlüssel Gelöscht : HKCU\Software\ImInstaller

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{40C3CC16-7269-4B32-9531-17F2950FB06F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{40C3CC16-7269-4B32-9531-17F2950FB06F}

Schlüssel Gelöscht : HKCU\Software\pdfforge.org

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33043B66-A18D-4AED-85F8-A0B274F1BE3B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

Schlüssel Gelöscht : HKLM\Software\Conduit

Schlüssel Gelöscht : HKLM\Software\Freeze.com

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40C3CC16-7269-4B32-9531-17F2950FB06F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{33043B66-A18D-4AED-85F8-A0B274F1BE3B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar

Schlüssel Gelöscht : HKLM\Software\pdfforge.org

Schlüssel Gelöscht : HKLM\Software\Winload

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{40C3CC16-7269-4B32-9531-17F2950FB06F}]

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16496
 

[OK] Die Registrierungsdatenbank ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [3872 octets] - [11/08/2013 23:54:32]
 

########## EOF - C:\AdwCleaner[S1].txt - [3932 octets] ##########

und hier junkw:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.2 (08.11.2013:1)

OS: Windows Vista (TM) Home Premium x86

Ran by Giannina on 12.08.2013 at  0:08:54,27

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 

Successfully deleted: [File] "C:\Windows\system32\authuitu.dll"

Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 12.08.2013 at  0:13:53,60

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und hier der frische farbar:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-08-2013 02

Ran by Giannina (administrator) on 12-08-2013 00:23:26

Running from C:\Users\Giannina\Desktop

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Empolis GmbH) c:\program files\common files\gnab\service\servicecontroller.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe

(Entriq, Inc.) D:\ax\DCBin\DCService.exe

(Crawler.com) D:\Spyware Terminator\sp_rsser.exe

(Buhl Data Service GmbH) C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe

(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

() C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe

(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

() C:\Program Files\Launch Manager\LaunchAp.exe

(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe

() C:\Program Files\Launch Manager\WButton.exe

(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe

(ODSoft multimedia) C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe

(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe

(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe

(Team H2O) C:\Program Files\Syncrosoft\POS\H2O\cledx.exe

(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Geek Software GmbH) C:\Program Files\pdf24\pdf24.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() C:\Program Files\DivX\DivX Update\DivXUpdate.exe

(Mischel Internet Security) C:\Program Files\TrojanHunter 5.5\THGuard.exe

(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

() D:\ax\DCBin\DCTrayApp.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Farbar) C:\Users\Giannina\Desktop\FRST(1).exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)

HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-02-15] (Synaptics, Inc.)

HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-11-15] (Intel Corporation)

HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-07-25] ()

HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2006-12-14] (Wistron)

HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [86016 2006-11-09] ()

HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185632 2007-10-08] (RealNetworks, Inc.)

HKLM\...\Run: [TVBroadcast] - C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe [790016 2007-05-08] (ODSoft multimedia)

HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)

HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [H2O] - C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [385024 2005-10-23] (Team H2O)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-24] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM\...\Run: [PDFPrint] - C:\Program Files\pdf24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)

HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()

HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software)

HKLM\...\Run: [THGuard] - C:\Program Files\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)

HKU\Administrator\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Administrator\...\Run: [IncrediMail] - C:\Program Files\IncrediMail\bin\IncMail.exe [ 2009-08-10] (IncrediMail, Ltd.)

HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk

ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\maxdome Download Manager.lnk

ShortcutTarget: maxdome Download Manager.lnk -> D:\ax\DCBin\DCTrayApp.exe ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com

SearchScopes: HKLM - DefaultScope value is missing.

BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

BHO: CSolidBrowserObj Object - {BD08A9D5-0E5C-4f42-99A3-C0CB5E860557} - C:\Windows\system32\SolidStateNetworks\SolidStateION\solidax.dll (Solid State Networks)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} https://account.maxdome.de/presentation/script/HWTest.CAB

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1183949065925

DPF: {7BABCBE7-ECFF-4EA0-A344-1DC32458A6ED} hxxp://eu.ntrsupport.com/inquiero/mod/setup/ntrplugin124v_30.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} hxxp://www.playwhat.com/solidPlugin/solidstateion.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553544700} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553545000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default

FF SelectedSearchEngine: Winload Customized Web Search

FF Homepage: hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13

FF Keyword.URL: hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprjplug;version=1.0.2.2910 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - D:\amazon\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF SearchPlugin: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\searchplugins\conduit.xml

FF SearchPlugin: C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\searchplugins\MyStart Search.xml

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: BrowseToolE0191 Community Toolbar - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}

FF Extension: finder - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\finder@meingutscheincode.de.xpi

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

FF Extension: No Name - C:\Users\Giannina\AppData\Roaming\Mozilla\Firefox\Profiles\r4ik36xt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
 

========================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)

R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)

R2 Prosieben; D:\ax\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)

S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)

R2 sp_rssrv; D:\Spyware Terminator\sp_rsser.exe [496128 2011-05-08] (Crawler.com)

R2 srvcPVR; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [1600512 2007-05-04] (Buhl Data Service GmbH)

S3 SureThing Labelflash service; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [74392 2009-03-17] (MicroVision Development, Inc.)

R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)

R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.)

S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)

R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.)

R2 WSWNA3100M; C:\Program Files\NETGEAR\WNA3100M\WifiSvc.exe [307488 2012-08-16] ()
 

==================== Drivers (Whitelisted) ====================
 

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2009-07-29] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-02-27] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-02-27] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)

R3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)

S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )

R1 Hotkey; C:\Windows\System32\Drivers\Hotkey.sys [9867 2003-04-28] ()

R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2009-07-29] ()

R2 LMIRfsDriver; C:\Windows\system32\drivers\LMIRfsDriver.sys [47640 2008-07-24] (LogMeIn, Inc.)

S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [277504 2007-07-05] (Realtek Semiconductor Corporation                           )

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-02-07] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-11-10] ()

R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [142592 2011-05-08] ()

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)

S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [367616 2008-07-25] (TASCAM)

S3 TASCAM_US144_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [18944 2008-07-25] (TASCAM)

S3 TASCAM_US144_WDM; C:\Windows\System32\drivers\tscusb2a.sys [33792 2008-07-25] (TASCAM)

R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)

R3 WNA3100M; C:\Windows\System32\DRIVERS\WNA3100M.sys [911464 2011-12-30] (NETGEAR Corporation                           )

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]

S3 catchme; \??\C:\Users\Giannina\AppData\Local\Temp\catchme.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [x]

S4 LMIRfsClientNP; No ImagePath

S1 mailKmd; No ImagePath

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-12 00:13 - 2013-08-12 00:13 - 00000835 _____ C:\Users\Giannina\Desktop\JRT.txt

2013-08-12 00:08 - 2013-08-12 00:08 - 00000000 ____D C:\Windows\ERUNT

2013-08-11 23:54 - 2013-08-11 23:55 - 00004001 _____ C:\AdwCleaner[S1].txt

2013-08-11 23:37 - 2013-08-11 23:37 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Malwarebytes

2013-08-11 23:36 - 2013-08-11 23:36 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-11 23:36 - 2013-08-11 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-08-11 23:36 - 2013-08-11 23:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-08-11 23:36 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-08-11 22:03 - 2013-08-11 22:03 - 00958573 _____ (Oleg N. Scherbakov) C:\Users\Giannina\Desktop\JRT.exe

2013-08-11 22:03 - 2013-08-11 22:03 - 00666633 _____ C:\Users\Giannina\Downloads\adwcleaner.exe

2013-08-11 21:56 - 2013-08-11 21:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Giannina\Downloads\mbam-setup-1.75.0.1300.exe

2013-08-11 21:34 - 2013-08-11 21:34 - 00143112 _____ C:\Windows\Minidump\Mini081113-02.dmp

2013-08-11 21:23 - 2013-08-11 21:23 - 00143112 _____ C:\Windows\Minidump\Mini081113-01.dmp

2013-08-10 23:39 - 2013-08-10 23:39 - 00012794 _____ C:\ComboFix.txt

2013-08-10 23:13 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2013-08-10 23:13 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2013-08-10 23:13 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-08-10 23:13 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-08-10 23:13 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-08-10 23:13 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2013-08-10 23:13 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2013-08-10 23:13 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2013-08-10 23:04 - 2013-08-10 23:04 - 00143112 _____ C:\Windows\Minidump\Mini081013-01.dmp

2013-08-10 22:47 - 2013-08-10 23:39 - 00000000 ____D C:\Qoobox

2013-08-10 22:46 - 2013-08-10 23:37 - 00000000 ____D C:\Windows\erdnt

2013-08-10 22:39 - 2013-08-10 22:40 - 05102523 ____R (Swearware) C:\Users\Giannina\Desktop\ComboFix.exe

2013-08-10 22:36 - 2013-08-10 22:36 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Downloads\unhide.exe

2013-08-10 22:36 - 2013-08-10 22:36 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Desktop\unhide.exe

2013-08-10 12:11 - 2013-08-10 12:12 - 00016279 _____ C:\Users\Giannina\Desktop\Addition.txt

2013-08-10 12:04 - 2013-08-10 12:04 - 00000000 ____D C:\FRST

2013-08-10 12:02 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Desktop\FRST.exe

2013-08-10 12:01 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Downloads\FRST.exe

2013-08-10 04:10 - 2013-08-10 04:10 - 00103680 _____ (GMER) C:\fxtcypow.sys

2013-08-10 04:08 - 2013-08-10 04:08 - 00377856 _____ C:\Users\Giannina\Desktop\luht337n.exe

2013-08-10 03:34 - 2013-08-10 03:34 - 01579819 _____ C:\Users\Giannina\Downloads\unhide.zip

2013-08-10 03:14 - 2013-08-10 03:14 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\TrojanHunter

2013-08-10 03:13 - 2013-08-11 00:45 - 00000630 _____ C:\Users\Giannina\Desktop\unhide.txt

2013-08-10 03:08 - 2013-08-10 03:10 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup.exe

2013-08-10 01:04 - 2013-08-10 01:04 - 00047098 _____ C:\Users\Giannina\Desktop\AVSCAN-20130809-183814-EBEFAF93.LOG

2013-08-09 18:25 - 2013-08-10 13:14 - 00000000 ____D C:\Program Files\TrojanHunter 5.5

2013-08-09 18:25 - 2013-08-09 18:25 - 00059392 ____R C:\Windows\system32\streamhlp.dll

2013-08-09 18:25 - 2013-08-09 18:25 - 00000886 _____ C:\Users\Giannina\Desktop\TrojanHunter.lnk

2013-08-09 18:25 - 2013-08-09 18:25 - 00000000 ____D C:\ProgramData\TrojanHunter

2013-08-09 18:24 - 2013-08-09 18:24 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup_5.5_Build_1003.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files\Trojan Remover

2013-08-09 18:18 - 2012-06-15 16:35 - 00185616 _____ C:\Windows\system32\ztvunrar39.dll

2013-08-09 18:18 - 2012-06-15 16:33 - 00605968 _____ (Igor Pavlov) C:\Windows\system32\ztv7z.dll

2013-08-09 18:16 - 2013-08-09 18:17 - 23334896 _____ (Simply Super Software                                       ) C:\Users\Giannina\Downloads\trjsetup_688.exe

2013-08-08 12:26 - 2013-08-11 23:10 - 00000000 ____D C:\Users\Giannina\Desktop\cat

2013-08-07 15:18 - 2013-08-07 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-07-14 03:14 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-07-14 03:14 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-07-14 03:14 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-07-14 03:14 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-07-14 03:14 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-07-14 03:14 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-07-14 03:14 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-07-14 03:14 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-07-14 03:14 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-07-14 03:14 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-07-14 03:14 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-07-14 03:14 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-07-14 03:14 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-07-14 03:14 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-07-14 03:14 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-07-14 03:14 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2013-07-13 12:44 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2013-07-13 12:44 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2013-07-13 12:44 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2013-07-13 12:44 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2013-07-13 12:44 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-07-13 12:44 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2013-07-13 12:43 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-07-13 12:42 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-07-13 12:42 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
 

==================== One Month Modified Files and Folders =======
 

2013-08-12 00:19 - 2013-08-12 00:19 - 01068593 _____ (Farbar) C:\Users\Giannina\Desktop\FRST(1).exe

2013-08-12 00:16 - 2013-01-28 17:39 - 00000000 ____D C:\Users\Giannina\Desktop\picoftheday13

2013-08-12 00:14 - 2012-05-21 17:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-12 00:14 - 2010-12-26 21:02 - 00000000 ____D C:\Seelenlicht

2013-08-12 00:13 - 2013-08-12 00:13 - 00000835 _____ C:\Users\Giannina\Desktop\JRT.txt

2013-08-12 00:08 - 2013-08-12 00:08 - 00000000 ____D C:\Windows\ERUNT

2013-08-12 00:04 - 2007-09-06 09:52 - 01473615 _____ C:\Windows\WindowsUpdate.log

2013-08-11 23:58 - 2009-06-26 13:07 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2013-08-11 23:58 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-11 23:58 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-11 23:58 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-11 23:57 - 2006-11-02 15:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-08-11 23:55 - 2013-08-11 23:54 - 00004001 _____ C:\AdwCleaner[S1].txt

2013-08-11 23:37 - 2013-08-11 23:37 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Malwarebytes

2013-08-11 23:36 - 2013-08-11 23:36 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-11 23:36 - 2013-08-11 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-08-11 23:36 - 2013-08-11 23:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-08-11 23:10 - 2013-08-08 12:26 - 00000000 ____D C:\Users\Giannina\Desktop\cat

2013-08-11 22:03 - 2013-08-11 22:03 - 00958573 _____ (Oleg N. Scherbakov) C:\Users\Giannina\Desktop\JRT.exe

2013-08-11 22:03 - 2013-08-11 22:03 - 00666633 _____ C:\Users\Giannina\Downloads\adwcleaner.exe

2013-08-11 21:56 - 2013-08-11 21:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Giannina\Downloads\mbam-setup-1.75.0.1300.exe

2013-08-11 21:34 - 2013-08-11 21:34 - 00143112 _____ C:\Windows\Minidump\Mini081113-02.dmp

2013-08-11 21:34 - 2009-08-07 20:35 - 00000000 ____D C:\Windows\Minidump

2013-08-11 21:34 - 2009-08-07 20:34 - 236906529 _____ C:\Windows\MEMORY.DMP

2013-08-11 21:23 - 2013-08-11 21:23 - 00143112 _____ C:\Windows\Minidump\Mini081113-01.dmp

2013-08-11 21:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing

2013-08-11 00:45 - 2013-08-10 03:13 - 00000630 _____ C:\Users\Giannina\Desktop\unhide.txt

2013-08-11 00:23 - 2007-06-20 14:13 - 00679442 _____ C:\Windows\PFRO.log

2013-08-10 23:39 - 2013-08-10 23:39 - 00012794 _____ C:\ComboFix.txt

2013-08-10 23:39 - 2013-08-10 22:47 - 00000000 ____D C:\Qoobox

2013-08-10 23:39 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default

2013-08-10 23:39 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public

2013-08-10 23:37 - 2013-08-10 22:46 - 00000000 ____D C:\Windows\erdnt

2013-08-10 23:36 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini

2013-08-10 23:04 - 2013-08-10 23:04 - 00143112 _____ C:\Windows\Minidump\Mini081013-01.dmp

2013-08-10 22:50 - 2013-07-06 18:42 - 00000000 ____D C:\Users\Giannina\Desktop\berlinmylove

2013-08-10 22:40 - 2013-08-10 22:39 - 05102523 ____R (Swearware) C:\Users\Giannina\Desktop\ComboFix.exe

2013-08-10 22:36 - 2013-08-10 22:36 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Downloads\unhide.exe

2013-08-10 22:36 - 2013-08-10 22:36 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Giannina\Desktop\unhide.exe

2013-08-10 13:14 - 2013-08-09 18:25 - 00000000 ____D C:\Program Files\TrojanHunter 5.5

2013-08-10 12:12 - 2013-08-10 12:11 - 00016279 _____ C:\Users\Giannina\Desktop\Addition.txt

2013-08-10 12:04 - 2013-08-10 12:04 - 00000000 ____D C:\FRST

2013-08-10 12:02 - 2013-08-10 12:02 - 01230570 _____ (Farbar) C:\Users\Giannina\Desktop\FRST.exe

2013-08-10 12:02 - 2013-08-10 12:01 - 01230570 _____ (Farbar) C:\Users\Giannina\Downloads\FRST.exe

2013-08-10 04:10 - 2013-08-10 04:10 - 00103680 _____ (GMER) C:\fxtcypow.sys

2013-08-10 04:08 - 2013-08-10 04:08 - 00377856 _____ C:\Users\Giannina\Desktop\luht337n.exe

2013-08-10 03:34 - 2013-08-10 03:34 - 01579819 _____ C:\Users\Giannina\Downloads\unhide.zip

2013-08-10 03:14 - 2013-08-10 03:14 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\TrojanHunter

2013-08-10 03:10 - 2013-08-10 03:08 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup.exe

2013-08-10 03:10 - 2008-11-13 19:51 - 00000000 ____D C:\Program Files\QuickTime

2013-08-10 03:10 - 2008-10-26 20:07 - 00000000 ____D C:\Program Files\WinRAR

2013-08-10 03:10 - 2007-06-20 12:41 - 00000000 ____D C:\Program Files\Microsoft Works

2013-08-10 01:04 - 2013-08-10 01:04 - 00047098 _____ C:\Users\Giannina\Desktop\AVSCAN-20130809-183814-EBEFAF93.LOG

2013-08-09 22:51 - 2012-05-20 17:13 - 00000000 ____D C:\Users\Giannina\Desktop\cd veröffentlichung

2013-08-09 22:01 - 2007-12-23 16:47 - 00000400 _____ C:\Windows\ODBC.INI

2013-08-09 18:25 - 2013-08-09 18:25 - 00059392 ____R C:\Windows\system32\streamhlp.dll

2013-08-09 18:25 - 2013-08-09 18:25 - 00000886 _____ C:\Users\Giannina\Desktop\TrojanHunter.lnk

2013-08-09 18:25 - 2013-08-09 18:25 - 00000000 ____D C:\ProgramData\TrojanHunter

2013-08-09 18:24 - 2013-08-09 18:24 - 05843488 _____ (Mischel Internet Security                                   ) C:\Users\Giannina\Downloads\TrojanHunterSetup_5.5_Build_1003.exe

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\ProgramData\Simply Super Software

2013-08-09 18:18 - 2013-08-09 18:18 - 00000000 ____D C:\Program Files\Trojan Remover

2013-08-09 18:17 - 2013-08-09 18:16 - 23334896 _____ (Simply Super Software                                       ) C:\Users\Giannina\Downloads\trjsetup_688.exe

2013-08-09 16:51 - 2007-09-06 09:58 - 00000953 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000948 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000919 _____ C:\Users\Giannina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2013-08-09 16:51 - 2007-09-06 09:58 - 00000000 ____D C:\Users\Giannina

2013-08-09 16:50 - 2012-09-17 15:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2013-08-09 14:59 - 2008-10-26 20:27 - 00000000 ____D C:\VST Projekte

2013-08-09 12:58 - 2007-09-06 10:07 - 00102912 _____ C:\Users\Giannina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-08-09 12:44 - 2006-11-02 12:33 - 01472526 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-07 22:24 - 2010-10-22 11:17 - 00010380 _____ C:\fpRedmon.log

2013-08-07 22:24 - 2010-10-22 11:17 - 00000000 ____D C:\Users\Giannina\AppData\Local\FreePDF_XP

2013-08-07 22:05 - 2011-12-01 17:49 - 00000000 ____D C:\Users\Giannina\Desktop\worddokumente

2013-08-07 15:20 - 2011-04-21 16:34 - 00000000 ____D C:\Users\Giannina\Desktop\standard-cd

2013-08-07 15:18 - 2013-08-07 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-08-04 21:32 - 2006-11-02 14:47 - 00506472 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-30 19:42 - 2012-04-29 20:12 - 00000000 ____D C:\Users\Giannina\Desktop\bildgebet

2013-07-29 16:02 - 2007-09-06 09:59 - 00171192 _____ C:\Users\Giannina\AppData\Local\GDIPFONTCACHEV1.DAT

2013-07-25 13:41 - 2010-07-31 22:37 - 00000000 ____D C:\Users\Giannina\AppData\Roaming\DivX

2013-07-25 13:17 - 2010-07-31 22:27 - 00000000 ____D C:\ProgramData\DivX

2013-07-25 13:17 - 2009-08-14 22:59 - 00000000 ____D C:\Program Files\DivX

2013-07-25 13:16 - 2010-07-31 22:36 - 00000000 ____D C:\Program Files\Common Files\DivX Shared

2013-07-23 13:29 - 2006-11-02 14:52 - 00118899 _____ C:\Windows\setupact.log

2013-07-14 12:52 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET

2013-07-14 03:52 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer

2013-07-14 03:18 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2013-07-14 03:03 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
 

Files to move or delete:

====================

C:\Users\Giannina\ElsterFormular2007-Setup.exe

C:\Users\Giannina\spore_creature_creator_yahoo617.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-12 00:05
 

==================== End Of Log ============================

--- --- ---

--- --- ---

soll ich unhide jetzt nochmal versuchen?
danke fürs weiterhelfen. ich hab wieder hoffnung :)

gute nacht

Lieber schrauber, nachdem ich nun alles gemacht habe wie du sagtest habe ich den Rechner rebooter und nun faehrt er aber leider nicht mehr hoch bzw er faehrt hoch aber ich sehe nichts ausser schwarzem screen und weissem mousezeiger. Und auch im abgesicherten Modus passiert das, schwarzer screen weisser mousezeiger. Was ist denn nun bloss passiert? Ist jetzt nicts mehr zu retten? Kann jetzt nur noch ueber Handy das Forum lesen........
Verzweifelte gruesse