Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows fake security update popup (https://www.trojaner-board.de/145996-windows-fake-security-update-popup.html)

No1Se 12.12.2013 19:12
Windows fake security update popup
 
Hallo liebe Leute,

der PC meiner Freundin hat seit gestern ein Problem: Ein fake MS13-052 Security update für Windows poppt immer wieder auf. Dasselbe Problem wurde in diesem Forum bereits beschrieben (siehe http://www.trojaner-board.de/144941-...e-net-4-a.html).

Ein erster FRST scan dürfte was gefunden haben, siehe unten. Könnt ihr mir sagen, wie ich jetzt weitermachen kann?

Vielen Dank!
No1Se

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013
Ran by Desktop (administrator) on DESKTOP-PC on 12-12-2013 18:24:12
Running from C:\Users\Desktop\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Bamboo Dock\BambooCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Dropbox, Inc.) C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Desktop\AppData\Local\Temp\tmpf7d38d7c\nup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmpaa6a4693\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp1fe90a0b\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp828783a6\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp0ffc7929\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmpd37e4819\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp4a2f046b\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp743a07a9\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmpc168bcee\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp43109b2f\nup.exe
(loihytgvfd) C:\Users\Desktop\AppData\Local\Temp\tmp3ac37b3a\nup.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AutoEJCD_0ACE20FF] - C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE [40960 2010-01-19] ()
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [BambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe [646744 2013-01-08] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
HKCU\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272640 2012-09-12] (Microsoft Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Sobeytduot] - C:\Users\Desktop\AppData\Roaming\Ebzapo\ileqs.exe [295556 2013-01-04] (gtfrdeszde)
HKCU\...\Run: [nup] - C:\Users\Desktop\AppData\Local\Temp\tmp3ac37b3a\nup.exe [387717 2013-12-12] (loihytgvfd) <===== ATTENTION
Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10263&gct=hp&dc=EU&locale=de_AT
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x57149D9F5FF7CB01
URLSearchHook: HKLM - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
URLSearchHook: HKCU - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {D3CDF9AA-B31E-441E-B9D1-4AECE7459D41} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10263&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGU&apn_dtid=^YYYYYY^YY^AT&apn_uid=c25fef61-3eab-42a3-b0e1-c0ed310bb7b5&apn_sauid=799C5281-FB1B-48EB-BF2E-DA384F28464D
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe Reader - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Desktop\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - softonic-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1                                activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default
FF Homepage: hxxp://search.avira.com/?l=dis&o=APN10263&gct=hp&dc=EU&locale=de_AT
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @graphisoft.com/GDL Web Plug-in - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default\searchplugins\askcom.xml
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Adobe Reader - C:\Program Files\Mozilla Firefox\extensions\{b677fa16-ac2f-410c-8ea5-3bc98ed515d3}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

Chrome:
=======
CHR DefaultSearchKeyword: google.at
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (ArchiCAD) - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 gupdate1ca8171fbc6f74b; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-20] (Google Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [526208 2012-11-14] (Wacom Technology, Corp.)
S2 ANSYS FLEXlm license manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]
S2 Flexlm Service 1; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11680 2012-10-12] (Windows (R) Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows (R) Win 7 DDK provider)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-04-04] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [69024 2012-10-12] (Wacom Technology)
S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-10-12] (Wacom Technology)
S2 adfs; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 18:24 - 2013-12-12 18:24 - 00022222 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 18:20 - 2013-12-12 18:23 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:20 - 2013-12-12 18:20 - 00000000 ____D C:\FRST
2013-12-12 18:18 - 2013-12-12 18:19 - 01060373 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-12 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:30 - 2013-12-12 18:00 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Program Files\Spyware Terminator
2013-12-11 19:30 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2013-12-11 19:28 - 2013-12-11 19:28 - 05049344 _____ (Crawler.com                                                ) C:\Users\Desktop\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-12-11 03:43 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 03:43 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 03:43 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 03:43 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 03:43 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 03:43 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 03:43 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 03:43 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 03:43 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 21:04 - 2013-12-10 21:04 - 00359044 _____ C:\ProgramData\nup.exe
2013-12-10 15:22 - 2013-12-10 15:38 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Ebzapo
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-30 23:27 - 2013-11-30 23:30 - 00012053 _____ C:\Windows\IE11_main.log
2013-11-14 19:22 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 19:22 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 19:22 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 19:22 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 19:22 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 19:22 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 19:22 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 19:22 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 19:22 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 19:22 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 19:22 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 19:22 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 19:22 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 19:22 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 19:22 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-12 18:24 - 2013-12-12 18:24 - 00022222 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-12 18:23 - 2013-12-12 18:20 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 18:20 - 2013-12-12 18:20 - 00000000 ____D C:\FRST
2013-12-12 18:19 - 2013-12-12 18:18 - 01060373 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-12 18:00 - 2013-12-11 19:30 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-12-12 17:47 - 2013-02-25 13:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 17:44 - 2009-12-20 13:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 15:26 - 2012-06-21 09:46 - 00000000 ____D C:\Users\Desktop\AppData\Local\Windows Live
2013-12-12 15:21 - 2010-09-02 15:38 - 01851838 _____ C:\Windows\WindowsUpdate.log
2013-12-12 09:44 - 2009-12-20 13:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-12 08:10 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 08:10 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 08:08 - 2010-11-13 10:07 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Dropbox
2013-12-12 08:07 - 2010-09-02 15:48 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-12 08:03 - 2010-11-13 10:10 - 00000000 ___RD C:\Users\Desktop\Documents\My Dropbox
2013-12-12 08:02 - 2009-11-23 17:30 - 00000000 ____D C:\Users\Desktop\Tracing
2013-12-12 08:01 - 2012-11-18 20:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-12 08:01 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-12 08:01 - 2009-07-14 05:39 - 19066857 _____ C:\Windows\setupact.log
2013-12-12 04:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-12 03:24 - 2009-07-14 05:33 - 03822928 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:22 - 2009-11-10 21:21 - 00224234 _____ C:\Windows\PFRO.log
2013-12-12 03:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 03:06 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-12 03:04 - 2013-08-14 22:45 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 03:01 - 2010-11-24 12:25 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 19:30 - 2013-12-11 19:30 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Program Files\Spyware Terminator
2013-12-11 19:28 - 2013-12-11 19:28 - 05049344 _____ (Crawler.com                                                ) C:\Users\Desktop\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 21:04 - 2013-12-10 21:04 - 00359044 _____ C:\ProgramData\nup.exe
2013-12-10 15:38 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Ebzapo
2013-12-08 15:05 - 2013-02-23 13:00 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-30 23:30 - 2013-11-30 23:27 - 00012053 _____ C:\Windows\IE11_main.log
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-12 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-12 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-12 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-12 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-12 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-12 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-12 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-12 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-12 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-12 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-12 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-12 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 17:05 - 2013-05-08 07:02 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 18:42 - 2010-09-10 11:57 - 00051000 _____ C:\fpRedmon.log
2013-11-24 18:42 - 2010-09-10 11:57 - 00000000 ____D C:\Users\Desktop\AppData\Local\FreePDF_XP
2013-11-19 10:25 - 2009-11-10 19:35 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Skype
2013-11-12 03:07 - 2013-12-11 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

Files to move or delete:
====================
C:\Users\Desktop\AppData\Local\Temp\tmp3ac37b3a\nup.exe
C:\ProgramData\nup.exe
C:\Users\Desktop\install_flash_player.exe
C:\Users\Desktop\ProTeXt-2.2.1-102109.exe
C:\Users\Desktop\SkypeSetup.exe
C:\Users\Desktop\vlc-1.0.5-win32.exe
C:\Users\Desktop\wlsetup-web.exe


Some content of TEMP:
====================
C:\Users\Desktop\AppData\Local\Temp\AcDeltree.exe
C:\Users\Desktop\AppData\Local\Temp\ApnStub.exe
C:\Users\Desktop\AppData\Local\Temp\AskSLib.dll
C:\Users\Desktop\AppData\Local\Temp\avgnt.exe
C:\Users\Desktop\AppData\Local\Temp\contentDATs.exe
C:\Users\Desktop\AppData\Local\Temp\DivXSetup.exe
C:\Users\Desktop\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Desktop\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Desktop\AppData\Local\Temp\Fox1E4C.exe
C:\Users\Desktop\AppData\Local\Temp\InstallAX.exe
C:\Users\Desktop\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Desktop\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Desktop\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Desktop\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Desktop\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Desktop\AppData\Local\Temp\menu.exe
C:\Users\Desktop\AppData\Local\Temp\mpsetup.exe
C:\Users\Desktop\AppData\Local\Temp\qt-mt332.dll
C:\Users\Desktop\AppData\Local\Temp\qt-mt337.dll
C:\Users\Desktop\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Desktop\AppData\Local\Temp\setup.exe
C:\Users\Desktop\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Desktop\AppData\Local\Temp\softonic-de3.exe
C:\Users\Desktop\AppData\Local\Temp\unicows.dll
C:\Users\Desktop\AppData\Local\Temp\WiseShell32Utils.dll
C:\Users\Desktop\AppData\Local\Temp\wlsetup-cvr.exe
C:\Users\Desktop\AppData\Local\Temp\_is54B4.exe
C:\Users\Desktop\AppData\Local\Temp\_is78F7.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 18:01

==================== End Of Log ============================

schrauber 12.12.2013 22:06
hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

No1Se 12.12.2013 23:46
Vielen Dank für die flotte Antwort!

Hier das logfile von ComboFix:
Code:
ComboFix 13-12-12.03 - Desktop 12.12.2013  22:35:44.1.4 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.43.1031.18.3327.1898 [GMT 1:00]
ausgeführt von:: c:\users\Desktop\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Desktop\AppData\Roaming\Ebzapo
c:\users\Desktop\AppData\Roaming\Ebzapo\ileqs.exe
c:\users\Desktop\ProTeXt-2.2.1-102109.exe
c:\users\Desktop\vlc-1.0.5-win32.exe
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
K:\AUTORUN.INF
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-11-12 bis 2013-12-12  ))))))))))))))))))))))))))))))
.
.
2013-12-12 17:20 . 2013-12-12 17:20        --------        d-----w-        C:\FRST
2013-12-11 18:30 . 2011-06-21 10:24        32768        ----a-w-        c:\windows\system32\drivers\sp_rsdrv2.sys
2013-12-11 18:30 . 2013-12-12 17:00        --------        d-----w-        c:\programdata\Spyware Terminator
2013-12-11 18:30 . 2013-12-11 18:30        --------        d-----w-        c:\users\Desktop\AppData\Roaming\Spyware Terminator
2013-12-11 18:30 . 2013-12-11 18:30        --------        d-----w-        c:\program files\Spyware Terminator
2013-12-11 02:43 . 2013-10-19 01:36        159232        ----a-w-        c:\windows\system32\imagehlp.dll
2013-12-11 02:43 . 2013-10-12 02:04        121856        ----a-w-        c:\windows\system32\wshom.ocx
2013-12-11 02:43 . 2013-10-12 02:03        163840        ----a-w-        c:\windows\system32\scrrun.dll
2013-12-11 02:43 . 2013-10-12 01:15        141824        ----a-w-        c:\windows\system32\wscript.exe
2013-12-11 02:43 . 2013-10-12 01:15        126976        ----a-w-        c:\windows\system32\cscript.exe
2013-12-11 02:43 . 2013-11-12 02:07        2048        ----a-w-        c:\windows\system32\tzres.dll
2013-12-11 02:43 . 2013-10-30 01:27        2349056        ----a-w-        c:\windows\system32\win32k.sys
2013-12-11 02:43 . 2013-10-04 01:49        81408        ----a-w-        c:\windows\system32\drivers\drmk.sys
2013-12-11 02:43 . 2013-10-04 01:17        177152        ----a-w-        c:\windows\system32\drivers\portcls.sys
2013-12-10 20:04 . 2013-12-10 20:04        359044        ----a-w-        c:\programdata\nup.exe
2013-12-10 14:22 . 2013-12-10 14:38        --------        d-----w-        c:\users\Desktop\AppData\Roaming\Laecmy
2013-12-10 14:22 . 2013-12-10 14:22        --------        d-----w-        c:\users\Desktop\AppData\Roaming\Eras
2013-11-14 18:22 . 2013-09-25 02:01        136640        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 16:47 . 2013-02-25 12:20        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 16:47 . 2013-02-25 12:20        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-12-08 14:05 . 2013-02-23 12:00        90400        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-11-25 16:05 . 2013-05-08 06:02        67680        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2013-11-25 16:05 . 2013-02-23 12:00        37352        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-11-25 16:05 . 2013-02-23 12:00        137208        ----a-w-        c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72}]
2010-03-08 17:05        198656        ----a-w-        c:\users\Desktop\AppData\Roaming\AdobeReader\IE\AdobeReader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
2010-06-03 17:24        2736736        ----a-w-        c:\program files\softonic-de3\tbsoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}"= "c:\program files\softonic-de3\tbsoft.dll" [2010-06-03 2736736]
.
[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-15 11:15        220632        ----a-w-        c:\users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-15 11:15        220632        ----a-w-        c:\users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-15 11:15        220632        ----a-w-        c:\users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Desktop\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Desktop\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Desktop\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoEJCD_0ACE20FF"="c:\program files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE" [2010-01-19 40960]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"BambooCore"="c:\program files\Bamboo Dock\BambooCore.exe" [2013-01-08 646744]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-11-25 683576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2013-04-03 2777736]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
c:\users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
NETGEAR WNA3100 Genie.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2013-11-1 8364288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoCAD-Startbeschleuniger.lnk]
backup=c:\windows\pss\AutoCAD-Startbeschleuniger.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD-Startbeschleuniger.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-24 03:16        203928        ----a-w-        c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03        152872        ----a-w-        c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57        153136        ----a-w-        c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50        18642024        ----a-r-        c:\program files\Skype\Phone\Skype.exe
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-04 691696]
R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager;c:\program files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]
R2 Flexlm Service 1;Flexlm Service 1;c:\program files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]
R2 gupdate1ca8171fbc6f74b;Google Update Service (gupdate1ca8171fbc6f74b);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 133104]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [2011-12-07 303360]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 11680]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 69024]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 13728]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-04 1343400]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2011-07-22 21472]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-25 37352]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-11-25 440376]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [2013-04-03 587912]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe [2012-11-14 526208]
S3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh6.sys [2011-12-12 1093888]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-08 14:44        1210320        ----a-w-        c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-25 16:47]
.
2013-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 12:43]
.
2013-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 12:43]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10263&gct=hp&dc=EU&locale=de_AT
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
.
.
------- Dateityp-Verknüpfung -------
.
.scr=AutoCADScriptFile
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-Sobeytduot - c:\users\Desktop\AppData\Roaming\Ebzapo\ileqs.exe
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
MSConfigStartUp-AdobeCS4ServiceManager - c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
MSConfigStartUp-Adobe_ID0ENQBO - c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~3.EXE
AddRemove-MF Flachdach - c:\windows\IsUn0407.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Tablet\Pen\Pen_TabletUser.exe
c:\program files\Tablet\Pen\WacomHost.exe
c:\program files\Tablet\Pen\Pen_Tablet.exe
c:\program files\Tablet\Pen\Pen_TouchUser.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\Brother\Brmfcmon\BrMfimon.exe
c:\users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\scrnsave.scr
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-12  23:37:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-12-12 22:37
.
Vor Suchlauf: 6 Verzeichnis(se), 28.630.925.312 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 34.707.976.192 Bytes frei
.
- - End Of File - - 4159BAB9AE7D33CBB5B18FDD10B8AE05
A36C5E4F47E84449FF07ED3517B43A31
Beim Neustart gabs übrigens keine Probleme.

schrauber 13.12.2013 20:12
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

No1Se 14.12.2013 09:45
Malwarebytes:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.13.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Desktop :: DESKTOP-PC [Administrator]

13.12.2013 20:35:01
mbam-log-2013-12-13 (20-35-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|K:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1076517
Laufzeit: 3 Stunde(n), 37 Minute(n),

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\ProgramData\nup.exe (Trojan.Crypt.NKN) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Users\Desktop\AppData\Roaming\Ebzapo\ileqs.exe.vir (Trojan.Crypt.NKN) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
AdwCleaner:
Code:
# AdwCleaner v3.015 - Bericht erstellt am 14/12/2013 um 00:20:31
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Desktop - DESKTOP-PC
# Gestartet von : C:\Users\Desktop\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\GreenTree Applications
Ordner Gelöscht : C:\Program Files\NCH Software
Ordner Gelöscht : C:\Program Files\softonic-de3
Ordner Gelöscht : C:\Users\Desktop\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Desktop\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Desktop\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Desktop\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\Desktop\AppData\Roaming\NCH Software
Datei Gelöscht : C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Windows\System32\Tasks\NCH Software

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader43050_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_adobe-acrobat-professional_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_adobe-acrobat-professional_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9B895A26-D15B-4C6C-9520-535F1D2C6C87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B895A26-D15B-4C6C-9520-535F1D2C6C87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9B895A26-D15B-4C6C-9520-535F1D2C6C87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\Software\NCH Software
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\softonic-de3
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10263&gct=hp&dc=EU&locale=de_AT");
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7729 octets] - [14/12/2013 00:18:21]
AdwCleaner[S0].txt - [6475 octets] - [14/12/2013 00:20:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6535 octets] ##########
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x86
Ran by Desktop on 14.12.2013 at  0:31:41,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D3CDF9AA-B31E-441E-B9D1-4AECE7459D41}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Desktop\appdata\local\apn"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{0029F21D-95B3-40D9-8A3C-966A22EC0F45}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{0103BE15-265C-4B50-9589-2053A8C708E0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{020D9636-0762-4D50-BB52-240012BF1346}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{02722A78-9037-434D-96E0-1D375EED8281}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{032FA4E4-311C-4A31-85BF-5E85BDC152E7}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{033BA5EC-F683-436E-A27A-889305F2040A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{036BD886-F971-4F76-86EF-BC3391B53A07}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{03752905-E15A-4C66-945B-B8D5B61E50B0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{05913CC0-71F7-4291-AB8B-05FD73D24C85}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{099F241F-5022-4F53-AB0F-9032EA515E17}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{0C07FB58-0BD3-4760-830D-6E80F92BF036}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{0C230258-B412-45F1-A3DE-02D93A20653B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{10D67BBD-1410-440F-88B5-0805B9C7B288}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{10FD47B0-CCFD-4413-A07B-B8CBCBE5DA33}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{12467CF3-2316-41B4-8017-AF772002A32E}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{13CD48E0-A5C5-4880-8407-46AE21D08C07}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{1401AE2C-A83A-432E-ABF1-0F74CC56B36D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{1416135E-004F-47EA-8315-CEC3BCBEBF51}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{16563DD3-BD73-4C75-A14C-79136D118685}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{1BA5B378-ABA3-4B9E-9537-8BC38340B430}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{1C2159E2-AADD-49A5-834A-87CDD1640574}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{20013FD6-0452-44A8-9B4D-A50747383944}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{20C2C19C-CD34-4044-99F4-6F20A6791255}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{20F7000F-EED7-4AEC-A4ED-9E97CEBA136B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{21DAFF88-6AA8-4BA3-B506-C3B2EA9B8C19}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{21F13CF9-FE0E-42E4-A642-53D6C7BFCAD2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2220F22C-0DC2-4641-A9CD-3B77E2C39B55}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{23AD11F7-205C-4CF8-BCDC-88AA2569A550}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{25CEFFB0-771E-423D-816F-02310F2CEFFC}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{27E25385-9831-4720-A8A4-FDA20FE9168C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2842F7BD-14A7-46AE-9A6B-659E2A794283}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{28D9DC72-2516-4DDF-91B4-5C5FF7F32D9F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2B1B0833-F30D-45ED-96A2-6B9C79AD686F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2B2DFD93-33B2-4A95-831D-9A18E130582B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2C5ED178-0F99-4C44-B7F2-287FDC61C9AD}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2CDF7F25-6E33-41E4-88AF-63F577C70246}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2D72B1B0-7677-453C-92F3-28EF55ECF8F4}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{2ED4CB20-9E67-4251-B32D-D9C0E8699FB9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{3017E538-370E-4377-A7EE-20FFF32F7433}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{32B3F8E9-FBBB-4EB9-8F2F-087CD3591152}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{33A4150C-95E9-4F80-B1DF-38336E08DE67}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{341B4A2E-4281-46AE-A5BC-9390EF913590}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{387A4A17-C751-4C97-8F59-DAACCAAB53CC}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{395F36E1-C410-4D0C-9DFF-75C8CC2A082C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{39FF4D20-AE88-4084-8BE3-1687D2721375}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{3E45307B-C3EB-475E-B302-1AEAB305F89D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{3FAF82EE-DBBE-4CB2-A1F3-F30AC74E17CB}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{40EA0EDC-2E5C-4807-B2B2-94C67D08E55E}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{49F68FDE-CF74-4D46-B5DB-D400D5976FB0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4A21BFED-F6A6-4F26-A701-908B306A778D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4B9CC877-5F9E-4C86-B086-3E506BACC55B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4D4F6416-9C3D-48D4-B633-03403E2D127F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4E197D74-33B7-46B2-A4B7-5775F9F684C7}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4E28A656-EABE-4F15-A23B-2BB6265AED98}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4E2AD7C0-0672-448A-8F58-70F52B246BCF}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4F5459FF-A1C0-49FB-A68C-8C0C933D0B86}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{4FEA9AB6-E42C-45CF-8446-89613586CD94}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{504FA8DC-89DD-476B-B085-8C986CEEF490}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{51B186B3-447A-49BA-BF0E-63847D1D1CB2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{53113B88-9494-429C-8745-B6E184196148}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{53317701-2F55-4DE5-BCC9-D983DD45D9E5}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{541C62AB-1352-46D1-A74B-0F036D0B16B9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{55AC9321-FEDF-4E73-ADEB-C6E0D09D4AD1}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{56A6D01A-E901-4C9B-BCEF-EB313DEE6A26}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{58B09B2F-704F-44F6-9E34-27582FC88857}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{5B6DA533-A0DE-4419-821C-E9D8A663819B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{5BEA5089-96C4-4E38-A6BC-DE23AC063AFF}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{5D77E4EB-9941-40DB-9C5C-C243B82731A0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{5D7B883F-7CC8-448F-948A-E259255F105B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{60A53CA4-6266-4EC3-B822-99EE9EB17679}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{6172ADE7-8CC3-4DE5-BF12-B19BE3EA09A7}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{61B19FD9-0C81-4C6B-87C0-53920D2A394F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{65023B30-3308-43AA-ABD8-E472CEB806C0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{689A1FB5-2DE0-4CBD-A079-6FB9544890E2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{6AAF1904-A775-478F-8B88-655A5A46B3AC}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{6AD65F85-EDE9-426B-9D3C-3317843C42E9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{6BD448C2-5FDA-42F8-895E-1A3A40BAA5FD}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{6F95747F-AB37-4BAB-A8C3-08BED0ACCB76}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{71913105-A237-477E-AFCA-748A9B5281E1}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{72018B15-0B38-433D-8D99-B9F64160F301}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{7245D658-7784-43CF-B8B6-1DCC11D97067}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{728A1189-72B1-4FFB-87E1-385C5F19677C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{7349AB81-477D-4D7E-8D85-F4F54DED446D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{769FDAA8-BA8C-4249-801A-4DA24EB506DA}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{78D00CA6-5B45-4DC2-A116-5B1301800DA9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{791FA410-7865-440A-8A36-CC76025B7838}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{7A711F27-D641-48A7-82ED-886465BFB241}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{8174F799-B4A4-42AE-A292-C353471A9E01}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{82508C61-FFE3-4346-A6DD-D252A8FB9F4A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{897BE42A-82C6-4C6C-9060-67DE18E2F34B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{8D1887E8-0F32-4C1F-B8E3-E2D843F3463B}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{8D7E1127-7A49-40A2-9ED1-D7B1A1738FDE}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{8E7F3323-F3DE-449C-8510-7DF2768A940A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{8FB518CB-2164-449A-9EC8-6B9602CA988C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{905001DF-72BA-4A6A-B640-AF116E7F4E62}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{94C2F6F8-AC16-4EE1-AA7A-0C3DA4100694}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9541928F-D2ED-4C8A-9031-5ACEE6C67125}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9645705C-3CA5-492D-8CAB-1E0ACFE08770}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{98884466-9473-41B9-A6CA-039D56B26B0D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{99000E56-B50B-4C81-8878-815C40A0EF44}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9A16370C-DEF0-4039-A8DC-64577D40E665}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9A96ACC0-4ABA-43B0-AD3B-686DBCC2B4B2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9C014977-41FD-47B4-8311-670759C6DF1D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{9E45D006-3FA0-4501-8BE1-38368E5B0710}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A0F092DA-7F41-42E8-BC03-1B863E8CBF3C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A1920635-5926-4FEB-ADD9-8A2991B0BF75}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A210D37E-DB0B-4B29-938F-66E1BE86B3D2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A2EDD5A5-D290-4ACA-9808-08D3FF032F77}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A36931AB-4D95-497C-B2AA-1001CC2CEC03}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A388C9D3-FBD2-4F08-B665-64D97FABF88A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A4312E65-60A2-4525-8CBE-0DA595A8FC3C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A4D00FCC-F988-45B9-B300-84DEBC8A526A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A6ABF387-AFBE-4A81-B4BA-A22A3EA9EEFE}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A784BCBB-4B55-4B2F-990E-3EAB8CDE0B04}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{A81FFEE8-BDD1-4D01-8768-3908327D447A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{AA49F992-B8F0-4C55-84B8-A68D76AB3D61}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{AB2EED52-5E77-4BE5-A342-599D1C763DC9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{ABB2E586-7EFE-47D9-8D3B-F3F3527D6014}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{ACDA9FE4-E93E-45F0-89EA-E2CAAD2D17DE}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{ADFDAC0E-D6D6-43B1-B005-C475E721A418}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{AFAE3575-B39A-4248-8632-4E6ABB559623}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{B26A8E0C-F74F-4440-8870-D9EB51CF90E0}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{B526A370-757D-4FDA-A142-1693C6D839AD}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{B5807E53-BD8B-4C25-8766-F0C118EB3977}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{B685A911-D501-40EE-9F17-2ACC82789E61}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BB09A65E-BFBE-493D-B88D-A5AF5A281302}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BBD2E37A-A1BC-494D-8890-B94412F5244F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BC76C022-71D7-4286-9273-098AD3307306}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BCE4BAC6-262D-4294-A9CE-ACA1CC355FC9}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BEE808B4-B886-4C46-AEA1-FA6021800D70}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BF219F06-0988-45C3-96A1-E2B559A0AC2E}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BF4C166F-5081-4AAE-9FF2-8BBAD0ADAE68}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{BFFFE7AA-1E86-48F5-8258-BF1726195609}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C093CE41-F437-43A0-A67C-225242E916BE}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C0D1E67A-B0FD-44AA-A5E5-7CCA26F823A8}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C10B9EF8-743D-40E5-B330-A4809B67472A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C26122C0-C265-4167-A1E6-36AC792EEB76}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C2B3216D-C599-40EF-B9AA-981C7238087D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C5A6A862-48F9-480E-9A6F-A07C9CEE1158}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C5C6452F-BFB9-450A-8733-AFF109AB05A4}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C62254CF-B1D7-48DB-88D8-2DC1A4EDABDC}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C78EF998-1D2B-4302-9B29-E2C65B14BDD6}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C7ABAB86-D66E-4342-B3EC-BAC071BF6C91}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{C83B0F09-9301-405E-A72B-CF163E7D134E}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{CB6CF504-82CF-4B5B-87DB-AD3030B48E0C}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{CEB9A94A-2B86-435A-9875-E9D79014AF14}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{CF9A0A4C-9000-4A7F-A192-4956D362B536}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D15E68DF-F209-4799-80E1-E84581A432F8}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D25AC56E-3C4C-46D2-A651-25245450C543}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D2A6DF5D-9E83-4EEE-B4CA-0AC0BCE857DA}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D407F9D1-E249-4804-AB4B-03BF713D7D6A}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D419DED8-D1BC-45B7-AF1B-8BBEB740D1A1}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D60DADA0-8F2F-4958-8822-7B533345A608}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D6A3ECB0-D621-469A-9411-66EC4D561B14}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D7800725-7FA5-4962-8554-D5FE58EC4A69}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{D985FB3A-2251-415B-8624-802400C16F10}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{DC72C274-9F86-4C74-841A-B1601A68DB60}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{DCE98D38-0FE1-4415-9362-5582614131AE}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{DD0C58AE-A428-4657-ABA7-AD16C0ACB304}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{DF90E71D-5D43-4597-9382-8C3C3B751215}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E0269B31-6B60-4FB5-ABA6-720863C3A1FA}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E1408BB2-D6EA-48F1-A9D7-20976CD82B13}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E42A7C93-3EDB-4F91-9AD0-9B77ADD6E59F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E7E74D2F-CA23-4CE6-AA26-3C0D5DB1CF97}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E9D90495-3E9A-445E-9560-0F820A0263EB}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{E9E0CA98-CDA9-4EBD-879A-18E426D254F2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{ECB83447-6744-4504-B25D-764CE7564F23}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{EFDCCEE6-0DB1-4EC3-84A7-DB63ECD0FAD8}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F0AC6013-16D5-41B2-954C-FB982B656E3D}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F0B714F5-CF3F-4F2C-8CCF-34376BD96C34}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F27E1212-1319-4458-85C7-DBE82C55E691}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F449C4BC-C863-43D1-A06E-F85D76B9E525}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F74837F5-9510-4C34-AA3E-2EFB2B2784A2}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F771E910-6D60-4C62-BA97-3CF81866D7A1}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F793EFDA-2A4A-4FA3-A5F6-67738E4E6C67}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{F9B3415E-79FF-4BF1-A9CC-3D794E6F48FF}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FA91D17A-14A5-4355-8395-270652168D1F}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FB914AB7-9677-4FF1-8CAA-0ABC8E5DC1A5}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FC3DF240-2398-4737-89DC-B4F30BDDD7D8}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FCC04D76-289B-4241-A343-267102275BCB}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FE36FEC4-08E5-4A32-83AB-D81986178568}
Successfully deleted: [Empty Folder] C:\Users\Desktop\appdata\local\{FE964806-43AE-4EB3-9A0D-A57089D2B478}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.12.2013 at  0:33:37,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2013 01
Ran by Desktop (administrator) on DESKTOP-PC on 14-12-2013 00:39:26
Running from C:\Users\Desktop\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Bamboo Dock\BambooCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Dropbox, Inc.) C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AutoEJCD_0ACE20FF] - C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE [40960 2010-01-19] ()
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [BambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe [646744 2013-01-08] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x57149D9F5FF7CB01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe Reader - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Desktop\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @graphisoft.com/GDL Web Plug-in - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Adobe Reader - C:\Program Files\Mozilla Firefox\extensions\{b677fa16-ac2f-410c-8ea5-3bc98ed515d3}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

Chrome:
=======
CHR DefaultSearchKeyword: google.at
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (ArchiCAD) - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 gupdate1ca8171fbc6f74b; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-20] (Google Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [526208 2012-11-14] (Wacom Technology, Corp.)
S2 ANSYS FLEXlm license manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]
S2 Flexlm Service 1; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11680 2012-10-12] (Windows (R) Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows (R) Win 7 DDK provider)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-04-04] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [69024 2012-10-12] (Wacom Technology)
S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-10-12] (Wacom Technology)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Desktop\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-14 00:39 - 2013-12-14 00:39 - 00018549 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-14 00:39 - 2013-12-14 00:39 - 00000000 ____D C:\Users\Desktop\Desktop\FRST-OlderVersion
2013-12-14 00:33 - 2013-12-14 00:33 - 00020679 _____ C:\Users\Desktop\Desktop\JRT.txt
2013-12-14 00:31 - 2013-12-14 00:31 - 00000000 ____D C:\Windows\ERUNT
2013-12-14 00:29 - 2013-12-14 00:29 - 01034531 _____ (Thisisu) C:\Users\Desktop\Downloads\JRT.exe
2013-12-14 00:28 - 2013-12-14 00:28 - 00006615 _____ C:\Users\Desktop\Desktop\AdwCleaner[S0].txt
2013-12-14 00:14 - 2013-12-14 00:20 - 00000000 ____D C:\AdwCleaner
2013-12-14 00:14 - 2013-12-14 00:14 - 01226802 _____ C:\Users\Desktop\Downloads\adwcleaner.exe
2013-12-13 20:32 - 2013-12-13 20:32 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-13 20:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-13 20:31 - 2013-12-13 20:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Desktop\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 23:37 - 2013-12-12 23:37 - 00018718 _____ C:\ComboFix.txt
2013-12-12 22:33 - 2013-12-12 23:37 - 00000000 ____D C:\Qoobox
2013-12-12 22:33 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-12 22:33 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-12 22:33 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-12 22:32 - 2013-12-12 23:31 - 00000000 ____D C:\Windows\erdnt
2013-12-12 22:29 - 2013-12-12 22:29 - 05154763 ____R (Swearware) C:\Users\Desktop\Desktop\ComboFix.exe
2013-12-12 18:24 - 2013-12-12 18:25 - 00048007 _____ C:\Users\Desktop\Desktop\FRST_Nr1.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 18:20 - 2013-12-14 00:39 - 00000000 ____D C:\FRST
2013-12-12 18:20 - 2013-12-12 18:23 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:18 - 2013-12-14 00:39 - 01060575 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-12 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:30 - 2013-12-12 18:00 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Program Files\Spyware Terminator
2013-12-11 19:30 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2013-12-11 19:28 - 2013-12-11 19:28 - 05049344 _____ (Crawler.com                                                ) C:\Users\Desktop\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-12-11 03:43 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 03:43 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 03:43 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 03:43 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 03:43 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 03:43 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 03:43 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 03:43 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 03:43 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 15:22 - 2013-12-10 15:38 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-30 23:27 - 2013-11-30 23:30 - 00012053 _____ C:\Windows\IE11_main.log
2013-11-14 19:22 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 19:22 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 19:22 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 19:22 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 19:22 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 19:22 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 19:22 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 19:22 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 19:22 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 19:22 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 19:22 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 19:22 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 19:22 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 19:22 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 19:22 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-14 00:39 - 2013-12-14 00:39 - 00018549 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-14 00:39 - 2013-12-14 00:39 - 00000000 ____D C:\Users\Desktop\Desktop\FRST-OlderVersion
2013-12-14 00:39 - 2013-12-12 18:20 - 00000000 ____D C:\FRST
2013-12-14 00:39 - 2013-12-12 18:18 - 01060575 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-14 00:33 - 2013-12-14 00:33 - 00020679 _____ C:\Users\Desktop\Desktop\JRT.txt
2013-12-14 00:31 - 2013-12-14 00:31 - 00000000 ____D C:\Windows\ERUNT
2013-12-14 00:30 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-14 00:30 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-14 00:29 - 2013-12-14 00:29 - 01034531 _____ (Thisisu) C:\Users\Desktop\Downloads\JRT.exe
2013-12-14 00:28 - 2013-12-14 00:28 - 00006615 _____ C:\Users\Desktop\Desktop\AdwCleaner[S0].txt
2013-12-14 00:27 - 2010-09-02 15:48 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-14 00:24 - 2010-11-13 10:07 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Dropbox
2013-12-14 00:23 - 2010-11-13 10:10 - 00000000 ___RD C:\Users\Desktop\Documents\My Dropbox
2013-12-14 00:22 - 2012-12-15 12:19 - 00000000 ____D C:\Windows\de
2013-12-14 00:22 - 2012-11-18 20:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-14 00:22 - 2009-12-20 13:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-14 00:22 - 2009-11-10 21:21 - 00225372 _____ C:\Windows\PFRO.log
2013-12-14 00:22 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-14 00:22 - 2009-07-14 05:39 - 19093411 _____ C:\Windows\setupact.log
2013-12-14 00:21 - 2010-09-02 15:38 - 01927390 _____ C:\Windows\WindowsUpdate.log
2013-12-14 00:20 - 2013-12-14 00:14 - 00000000 ____D C:\AdwCleaner
2013-12-14 00:14 - 2013-12-14 00:14 - 01226802 _____ C:\Users\Desktop\Downloads\adwcleaner.exe
2013-12-13 23:47 - 2013-02-25 13:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-13 23:44 - 2009-12-20 13:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-13 20:32 - 2013-12-13 20:32 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-13 20:31 - 2013-12-13 20:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Desktop\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 23:37 - 2013-12-12 23:37 - 00018718 _____ C:\ComboFix.txt
2013-12-12 23:37 - 2013-12-12 22:33 - 00000000 ____D C:\Qoobox
2013-12-12 23:37 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-12-12 23:37 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-12 23:31 - 2013-12-12 22:32 - 00000000 ____D C:\Windows\erdnt
2013-12-12 23:24 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-12-12 22:29 - 2013-12-12 22:29 - 05154763 ____R (Swearware) C:\Users\Desktop\Desktop\ComboFix.exe
2013-12-12 22:26 - 2009-11-23 17:30 - 00000000 ____D C:\Users\Desktop\Tracing
2013-12-12 18:25 - 2013-12-12 18:24 - 00048007 _____ C:\Users\Desktop\Desktop\FRST_Nr1.txt
2013-12-12 18:23 - 2013-12-12 18:20 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 18:00 - 2013-12-11 19:30 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-12-12 15:26 - 2012-06-21 09:46 - 00000000 ____D C:\Users\Desktop\AppData\Local\Windows Live
2013-12-12 04:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-12 03:24 - 2009-07-14 05:33 - 03822928 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 03:06 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-12 03:04 - 2013-08-14 22:45 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 03:01 - 2010-11-24 12:25 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 19:30 - 2013-12-11 19:30 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Spyware Terminator
2013-12-11 19:30 - 2013-12-11 19:30 - 00000000 ____D C:\Program Files\Spyware Terminator
2013-12-11 19:28 - 2013-12-11 19:28 - 05049344 _____ (Crawler.com                                                ) C:\Users\Desktop\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 15:38 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-12-08 15:05 - 2013-02-23 13:00 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-30 23:30 - 2013-11-30 23:27 - 00012053 _____ C:\Windows\IE11_main.log
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-12 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-12 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-12 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-12 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-12 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-12 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-12 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-12 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-12 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-12 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-12 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-12 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 17:05 - 2013-05-08 07:02 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 18:42 - 2010-09-10 11:57 - 00051000 _____ C:\fpRedmon.log
2013-11-24 18:42 - 2010-09-10 11:57 - 00000000 ____D C:\Users\Desktop\AppData\Local\FreePDF_XP
2013-11-19 10:25 - 2009-11-10 19:35 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Skype

Files to move or delete:
====================
C:\Users\Desktop\install_flash_player.exe
C:\Users\Desktop\SkypeSetup.exe
C:\Users\Desktop\wlsetup-web.exe


Some content of TEMP:
====================
C:\Users\Desktop\AppData\Local\Temp\avgnt.exe
C:\Users\Desktop\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 18:01

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 14.12.2013 16:12

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

No1Se 15.12.2013 09:50
Mit dem ESET online scanner hab ich ein Problem: Beim ersten Lauf kam gegen Ende die Windows-Meldung "Das Programm reagiert nicht mehr". Kurz davor war er jedenfalls schon beim Scannen der externen Platte und hat noch keine Probleme entdeckt.

Habe dann einen 2. Scan über Nacht laufen lassen. Heute Früh: Kein ESET Prozess mehr am Laufen, Avira wieder aktiv, keine Internetverbindung. Musste den Netgear wLAN Stick neu installieren.

Das ESET log ist dementsprechend wenig aussagekräftig:
Code:
ESETSmartInstaller@High as downloader log:
all ok
Ich habe jetzt mal die weiteren Schritte ausgeführt. SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x86 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 JavaFX 2.1.1   
 Java 7 Update 7 
 Java(TM) 6 Update 3 
 Java version out of Date!
 Adobe Flash Player        11.9.900.170 
 Adobe Reader 10.0.1 Adobe Reader out of Date! 
 Google Chrome 31.0.1650.57 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
und FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2013 01
Ran by Desktop (administrator) on DESKTOP-PC on 15-12-2013 09:39:01
Running from C:\Users\Desktop\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Bamboo Dock\BambooCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AutoEJCD_0ACE20FF] - C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE [40960 2010-01-19] ()
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [BambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe [646744 2013-01-08] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
Startup: C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x57149D9F5FF7CB01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe Reader - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Desktop\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\fxyjbvp1.default
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @graphisoft.com/GDL Web Plug-in - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Adobe Reader - C:\Program Files\Mozilla Firefox\extensions\{b677fa16-ac2f-410c-8ea5-3bc98ed515d3}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

Chrome:
=======
CHR DefaultSearchKeyword: google.at
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (ArchiCAD) - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 gupdate1ca8171fbc6f74b; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-20] (Google Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [526208 2012-11-14] (Wacom Technology, Corp.)
S2 ANSYS FLEXlm license manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]
S2 Flexlm Service 1; C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11680 2012-10-12] (Windows (R) Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows (R) Win 7 DDK provider)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-04-04] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [69024 2012-10-12] (Wacom Technology)
S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-10-12] (Wacom Technology)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Desktop\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-15 09:39 - 2013-12-15 09:39 - 00018430 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-15 09:33 - 2013-12-15 09:33 - 00891200 _____ C:\Users\Desktop\Desktop\SecurityCheck.exe
2013-12-15 09:25 - 2011-12-12 17:42 - 01093888 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh6.sys
2013-12-15 09:25 - 2011-07-22 10:35 - 00021472 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
2013-12-15 09:25 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
2013-12-15 09:25 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\system32\Packet.dll
2013-12-15 09:25 - 2010-02-03 11:21 - 00053299 _____ C:\Windows\system32\pthreadVC.dll
2013-12-15 09:25 - 2010-02-03 11:21 - 00050704 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-12-15 00:59 - 2013-12-15 00:59 - 00161232 _____ C:\Windows\Minidump\121513-22916-01.dmp
2013-12-14 17:58 - 2013-12-14 17:59 - 02347384 _____ (ESET) C:\Users\Desktop\Downloads\esetsmartinstaller_enu.exe
2013-12-14 00:39 - 2013-12-15 09:38 - 00000000 ____D C:\Users\Desktop\Desktop\FRST-OlderVersion
2013-12-14 00:39 - 2013-12-14 00:39 - 00046493 _____ C:\Users\Desktop\Desktop\FRST_Nr2.txt
2013-12-14 00:33 - 2013-12-14 00:33 - 00020679 _____ C:\Users\Desktop\Desktop\JRT.txt
2013-12-14 00:31 - 2013-12-14 00:31 - 00000000 ____D C:\Windows\ERUNT
2013-12-14 00:29 - 2013-12-14 00:29 - 01034531 _____ (Thisisu) C:\Users\Desktop\Downloads\JRT.exe
2013-12-14 00:28 - 2013-12-14 00:28 - 00006615 _____ C:\Users\Desktop\Desktop\AdwCleaner[S0].txt
2013-12-14 00:14 - 2013-12-14 00:20 - 00000000 ____D C:\AdwCleaner
2013-12-14 00:14 - 2013-12-14 00:14 - 01226802 _____ C:\Users\Desktop\Downloads\adwcleaner.exe
2013-12-13 20:32 - 2013-12-13 20:32 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-13 20:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-13 20:31 - 2013-12-13 20:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Desktop\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 23:37 - 2013-12-12 23:37 - 00018718 _____ C:\ComboFix.txt
2013-12-12 22:33 - 2013-12-12 23:37 - 00000000 ____D C:\Qoobox
2013-12-12 22:33 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-12 22:33 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-12 22:33 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-12 22:33 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-12 22:32 - 2013-12-12 23:31 - 00000000 ____D C:\Windows\erdnt
2013-12-12 22:29 - 2013-12-12 22:29 - 05154763 ____R (Swearware) C:\Users\Desktop\Desktop\ComboFix.exe
2013-12-12 18:24 - 2013-12-12 18:25 - 00048007 _____ C:\Users\Desktop\Desktop\FRST_Nr1.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 18:20 - 2013-12-15 09:38 - 00000000 ____D C:\FRST
2013-12-12 18:20 - 2013-12-12 18:23 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:18 - 2013-12-15 09:38 - 01060897 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-12 03:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:05 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:05 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:05 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:05 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:05 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:05 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:05 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:30 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2013-12-11 03:43 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 03:43 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 03:43 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 03:43 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 03:43 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 03:43 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 03:43 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 03:43 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 03:43 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 15:22 - 2013-12-10 15:38 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-30 23:27 - 2013-11-30 23:30 - 00012053 _____ C:\Windows\IE11_main.log

==================== One Month Modified Files and Folders =======

2013-12-15 09:39 - 2013-12-15 09:39 - 00018430 _____ C:\Users\Desktop\Desktop\FRST.txt
2013-12-15 09:39 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-12-15 09:38 - 2013-12-14 00:39 - 00000000 ____D C:\Users\Desktop\Desktop\FRST-OlderVersion
2013-12-15 09:38 - 2013-12-12 18:20 - 00000000 ____D C:\FRST
2013-12-15 09:38 - 2013-12-12 18:18 - 01060897 _____ (Farbar) C:\Users\Desktop\Desktop\FRST.exe
2013-12-15 09:33 - 2013-12-15 09:33 - 00891200 _____ C:\Users\Desktop\Desktop\SecurityCheck.exe
2013-12-15 09:30 - 2010-11-13 10:07 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Dropbox
2013-12-15 09:29 - 2010-11-13 10:10 - 00000000 ___RD C:\Users\Desktop\Documents\My Dropbox
2013-12-15 09:29 - 2010-09-02 15:48 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-15 09:26 - 2009-07-14 05:39 - 19147055 _____ C:\Windows\setupact.log
2013-12-15 09:25 - 2013-11-01 10:59 - 00000848 _____ C:\Users\Public\Desktop\NETGEAR WNA3100 Genie.lnk
2013-12-15 09:25 - 2013-11-01 10:59 - 00000000 ____D C:\Program Files\NETGEAR
2013-12-15 09:23 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-15 09:23 - 2009-07-14 05:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-15 09:18 - 2010-09-02 15:38 - 01992393 _____ C:\Windows\WindowsUpdate.log
2013-12-15 09:14 - 2012-11-18 20:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-15 09:14 - 2009-12-20 13:51 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-15 09:14 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 08:47 - 2013-02-25 13:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-15 08:44 - 2009-12-20 13:51 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-15 00:59 - 2013-12-15 00:59 - 00161232 _____ C:\Windows\Minidump\121513-22916-01.dmp
2013-12-15 00:59 - 2012-06-22 12:13 - 00000000 ____D C:\Windows\Minidump
2013-12-15 00:59 - 2012-06-22 12:12 - 318108445 _____ C:\Windows\MEMORY.DMP
2013-12-14 17:59 - 2013-12-14 17:58 - 02347384 _____ (ESET) C:\Users\Desktop\Downloads\esetsmartinstaller_enu.exe
2013-12-14 17:57 - 2013-02-22 10:16 - 00002010 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-12-14 17:57 - 2009-12-13 13:00 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-14 00:39 - 2013-12-14 00:39 - 00046493 _____ C:\Users\Desktop\Desktop\FRST_Nr2.txt
2013-12-14 00:33 - 2013-12-14 00:33 - 00020679 _____ C:\Users\Desktop\Desktop\JRT.txt
2013-12-14 00:31 - 2013-12-14 00:31 - 00000000 ____D C:\Windows\ERUNT
2013-12-14 00:29 - 2013-12-14 00:29 - 01034531 _____ (Thisisu) C:\Users\Desktop\Downloads\JRT.exe
2013-12-14 00:28 - 2013-12-14 00:28 - 00006615 _____ C:\Users\Desktop\Desktop\AdwCleaner[S0].txt
2013-12-14 00:22 - 2012-12-15 12:19 - 00000000 ____D C:\Windows\de
2013-12-14 00:22 - 2009-11-10 21:21 - 00225372 _____ C:\Windows\PFRO.log
2013-12-14 00:20 - 2013-12-14 00:14 - 00000000 ____D C:\AdwCleaner
2013-12-14 00:14 - 2013-12-14 00:14 - 01226802 _____ C:\Users\Desktop\Downloads\adwcleaner.exe
2013-12-13 20:32 - 2013-12-13 20:32 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-13 20:31 - 2013-12-13 20:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Desktop\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-12 23:37 - 2013-12-12 23:37 - 00018718 _____ C:\ComboFix.txt
2013-12-12 23:37 - 2013-12-12 22:33 - 00000000 ____D C:\Qoobox
2013-12-12 23:37 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-12 23:31 - 2013-12-12 22:32 - 00000000 ____D C:\Windows\erdnt
2013-12-12 23:24 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-12-12 22:29 - 2013-12-12 22:29 - 05154763 ____R (Swearware) C:\Users\Desktop\Desktop\ComboFix.exe
2013-12-12 22:26 - 2009-11-23 17:30 - 00000000 ____D C:\Users\Desktop\Tracing
2013-12-12 18:25 - 2013-12-12 18:24 - 00048007 _____ C:\Users\Desktop\Desktop\FRST_Nr1.txt
2013-12-12 18:23 - 2013-12-12 18:20 - 00022224 _____ C:\Users\Desktop\Downloads\FRST.txt
2013-12-12 18:22 - 2013-12-12 18:22 - 00022300 _____ C:\Users\Desktop\Downloads\Addition.txt
2013-12-12 15:26 - 2012-06-21 09:46 - 00000000 ____D C:\Users\Desktop\AppData\Local\Windows Live
2013-12-12 04:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-12 03:24 - 2009-07-14 05:33 - 03822928 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 03:06 - 2009-07-14 03:04 - 00000499 _____ C:\Windows\win.ini
2013-12-12 03:04 - 2013-08-14 22:45 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 03:01 - 2010-11-24 12:25 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 17:47 - 2013-02-25 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 15:38 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Laecmy
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Eras
2013-12-08 15:05 - 2013-02-23 13:00 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-30 23:30 - 2013-11-30 23:27 - 00012053 _____ C:\Windows\IE11_main.log
2013-11-30 23:28 - 2013-11-30 23:28 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 23:28 - 2013-11-30 23:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-30 23:28 - 2013-11-30 23:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 23:28 - 2013-11-30 23:28 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 23:28 - 2013-11-30 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 23:28 - 2013-11-30 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 23:28 - 2013-11-30 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 11:11 - 2013-12-12 03:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-12 03:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-12 03:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:38 - 2013-12-12 03:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:36 - 2013-12-12 03:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-12 03:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-12 03:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-12 03:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-12 03:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 03:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-12 03:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 08:32 - 2013-12-12 03:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 03:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-12 03:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 03:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-12 03:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 17:05 - 2013-05-08 07:02 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 17:05 - 2013-02-23 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 18:42 - 2010-09-10 11:57 - 00051000 _____ C:\fpRedmon.log
2013-11-24 18:42 - 2010-09-10 11:57 - 00000000 ____D C:\Users\Desktop\AppData\Local\FreePDF_XP
2013-11-19 10:25 - 2009-11-10 19:35 - 00000000 ____D C:\Users\Desktop\AppData\Roaming\Skype

Files to move or delete:
====================
C:\Users\Desktop\install_flash_player.exe
C:\Users\Desktop\SkypeSetup.exe
C:\Users\Desktop\wlsetup-web.exe


Some content of TEMP:
====================
C:\Users\Desktop\AppData\Local\Temp\avgnt.exe
C:\Users\Desktop\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 18:01

==================== End Of Log ============================
--- --- ---

--- --- ---


Der Computer zeigt vorerst keine Symptome mehr (großes DANKE!).
Meinst du, ich sollte den ESET Scanner nochmal probieren?

schrauber 15.12.2013 18:41
Nö passt :)

Java und Adobe updaten.

Fertig :)

Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun :)


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

No1Se 28.12.2013 21:44
Hallo nochmal! Nach ausgiebiger Testphase gabs keine weiteren Probleme, du kannst den Thread aus deinen Abos nehmen :)

Vielen Dank für deine Hilfe! :dankeschoen:

schrauber 29.12.2013 12:45
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:22 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131