Trojaner-Board - PC extrem langsam

Hallo Matthias, danke daß du mir hilfst, es ist total schwer überhaupt etwas in Gänge zu bringen. Ich versuche so gut es geht "mit zu arbeiten"... ich weiss nicht ob das das richtige Log ist:
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01

Ran by Jasskas (administrator) on JASSKAS-PC on 15-02-2014 21:25:53

Running from C:\Users\Jasskas\Downloads

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe

(Google Inc.) C:\Users\Jasskas\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe

() C:\Users\Jasskas\AppData\Roaming\SystemMn\bin\SystemMn.exe

() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

(Farbar) C:\Users\Jasskas\Downloads\FRST64(1).exe

(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [172600 2014-01-29] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165104 2009-09-17] (Softthinks)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-990396829-1976191800-715236640-1000\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2498048 2012-07-02] ()

HKU\S-1-5-21-990396829-1976191800-715236640-1000\...\Run: [Google+ Auto Backup] - C:\Users\Jasskas\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)

HKU\S-1-5-21-990396829-1976191800-715236640-1000\...\Run: [SystemMn] - C:\Users\Jasskas\AppData\Roaming\SystemMn\bin\SystemMn.exe [149504 2014-02-05] ()

HKU\S-1-5-21-990396829-1976191800-715236640-1000\...\RunOnce: [Uninstall C:\Users\Jasskas\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jasskas\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

HKU\S-1-5-21-990396829-1976191800-715236640-1000\...\MountPoints2: {184b3263-e4ca-11df-b070-002564ec1b44} - I:\NokiaPCIA_Autorun.exe

HKU\S-1-5-21-990396829-1976191800-715236640-1003\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272640 2012-09-12] (Microsoft Corporation)

HKU\S-1-5-21-990396829-1976191800-715236640-1003\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

HKU\S-1-5-21-990396829-1976191800-715236640-1003\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-13] (Google Inc.)

HKU\S-1-5-21-990396829-1976191800-715236640-1003\...\MountPoints2: {184b3263-e4ca-11df-b070-002564ec1b44} - I:\NokiaPCIA_Autorun.exe

HKU\S-1-5-21-990396829-1976191800-715236640-1003\...\MountPoints2: {76cadc69-fc87-11de-9d28-806e6f6e6963} - D:\autorun.exe

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search

SearchScopes: HKCU - Backup.Old.DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}

SearchScopes: HKCU - Bing URL = hxxp://www.bing.com/search?q={searchTerms}&form=OSDSRC

SearchScopes: HKCU - {9F6B9B67-C044-439A-A003-28236ADD3C2F} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Jasskas\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: HKLM-x32 {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-de.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Jasskas\AppData\Roaming\Mozilla\Firefox\Profiles\7gcy6dyr.default

FF Homepage: hxxp://de.msn.com/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jasskas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: (No Name) - C:\Users\Jasskas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oopofgccipckckifenoicncegojimpmf [2013-04-16]

CHR Extension: (Gmail) - C:\Users\Jasskas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]

CHR HKCU\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Jasskas\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx [2011-12-21]

CHR HKLM-x32\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Jasskas\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx [2011-12-21]
 

==================== Services (Whitelisted) =================
 

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [109112 2014-01-29] (Avira Operations GmbH & Co. KG)

S3 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia)

R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)

S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)

S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology)

S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-05-18] (Duplex Secure Ltd.)

S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)

S3 AIDA32Driver; \??\C:\Users\Jasskas\AppData\Local\Temp\aida32.sa6 [X]

S3 cpuz132; \??\C:\Users\Jasskas\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-15 21:25 - 2014-02-15 21:25 - 02152960 _____ (Farbar) C:\Users\Jasskas\Downloads\FRST64(2).exe

2014-02-15 21:24 - 2014-02-15 21:25 - 02152960 _____ (Farbar) C:\Users\Jasskas\Downloads\FRST64(1).exe

2014-02-15 21:00 - 2014-02-15 21:00 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jasskas\Downloads\mbar-1.07.0.1009(1).exe

2014-02-15 20:03 - 2014-02-15 21:18 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-15 20:03 - 2014-02-15 21:01 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-02-15 19:59 - 2014-02-15 21:18 - 00000000 ____D () C:\Users\Jasskas\Desktop\mbar

2014-02-15 19:59 - 2014-02-15 21:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-02-15 19:58 - 2014-02-15 19:59 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jasskas\Downloads\mbar-1.07.0.1009.exe

2014-02-15 18:07 - 2014-02-15 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-14 20:56 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-14 20:56 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-14 20:56 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-14 20:56 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-14 20:56 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-14 20:56 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-14 20:56 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-14 20:56 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-14 20:56 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-14 20:56 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-14 20:56 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-14 20:56 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-14 20:56 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-14 20:56 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-14 20:56 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-14 20:56 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-14 20:56 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-14 20:56 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-14 20:56 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-14 20:56 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-14 20:56 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-14 20:56 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-14 20:56 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-14 20:56 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-14 20:56 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-14 20:56 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-14 20:56 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-14 20:56 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-14 20:56 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-14 20:56 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-14 20:56 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-14 20:56 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-14 20:56 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-14 20:56 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-14 20:56 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-14 20:56 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-14 20:56 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-14 20:56 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-14 20:56 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-14 20:56 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-14 20:56 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-14 19:15 - 2014-02-14 19:15 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2014-02-14 15:20 - 2014-02-14 15:20 - 00000000 ____D () C:\Users\Jasskas\AppData\Roaming\Avira

2014-02-14 15:14 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2014-02-14 15:14 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-02-14 15:14 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2014-02-14 15:05 - 2014-02-14 15:06 - 129598176 _____ () C:\Users\Jasskas\Downloads\avira_free344_antivirus_de.exe

2014-02-14 14:51 - 2014-02-14 15:14 - 00000000 ____D () C:\ProgramData\Avira

2014-02-14 14:51 - 2014-02-14 14:51 - 00001099 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-02-14 14:51 - 2014-02-14 14:51 - 00000000 ____D () C:\ProgramData\Package Cache

2014-02-14 14:49 - 2014-02-14 14:49 - 04011472 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jasskas\Downloads\avira_oe_client_antivirus_de.exe

2014-02-14 12:04 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-02-14 12:03 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-14 12:03 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-02-14 12:03 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-14 12:03 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-02-14 12:03 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-02-14 12:03 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-02-14 12:03 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-02-14 12:03 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-02-14 12:03 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-02-14 12:03 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-02-14 12:03 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-02-14 12:03 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-14 12:03 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-02-14 12:03 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-02-14 12:03 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-02-14 12:03 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-02-14 12:03 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-02-14 12:03 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-02-14 12:03 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-02-14 12:03 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-02-14 12:03 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-14 12:02 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-02-14 12:02 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-02-14 12:02 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-02-14 12:02 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-02-13 20:01 - 2014-02-13 20:02 - 00000000 ____D () C:\Users\Jasskas\Desktop\Alte Firefox-Daten

2014-02-13 13:50 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-02-13 13:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-02-12 22:55 - 2014-02-14 19:15 - 00000000 ____D () C:\Program Files\CCleaner

2014-02-12 22:52 - 2014-02-12 22:52 - 00614792 _____ (Chip Digital GmbH) C:\Users\Jasskas\Downloads\CCleaner - CHIP-Downloader.exe

2014-02-06 18:59 - 2014-02-06 18:59 - 01166132 _____ () C:\Users\Jasskas\Downloads\adwcleaner-3.018.exe

2014-02-05 22:10 - 2014-02-06 11:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-05 09:41 - 2014-02-05 09:41 - 00000000 ____D () C:\Users\Jasskas\AppData\Roaming\SystemMn
 

==================== One Month Modified Files and Folders =======
 

2014-02-15 21:25 - 2014-02-15 21:25 - 02152960 _____ (Farbar) C:\Users\Jasskas\Downloads\FRST64(2).exe

2014-02-15 21:25 - 2014-02-15 21:24 - 02152960 _____ (Farbar) C:\Users\Jasskas\Downloads\FRST64(1).exe

2014-02-15 21:25 - 2013-12-20 21:25 - 00016041 _____ () C:\Users\Jasskas\Downloads\FRST.txt

2014-02-15 21:25 - 2013-12-20 21:25 - 00000000 ____D () C:\FRST

2014-02-15 21:18 - 2014-02-15 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-02-15 21:18 - 2014-02-15 19:59 - 00000000 ____D () C:\Users\Jasskas\Desktop\mbar

2014-02-15 21:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing

2014-02-15 21:01 - 2014-02-15 20:03 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-02-15 21:01 - 2014-02-15 19:59 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-02-15 21:00 - 2014-02-15 21:00 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jasskas\Downloads\mbar-1.07.0.1009(1).exe

2014-02-15 20:58 - 2009-07-14 05:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-15 20:58 - 2009-07-14 05:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-15 20:55 - 2009-07-14 06:10 - 01674896 _____ () C:\Windows\WindowsUpdate.log

2014-02-15 20:52 - 2012-09-14 18:03 - 00000000 ____D () C:\Users\Jasskas\.rainlendar2

2014-02-15 20:51 - 2010-01-12 17:17 - 00000000 ____D () C:\Users\Jasskas\AppData\Local\SoftThinks

2014-02-15 20:50 - 2012-10-23 21:22 - 00065536 _____ () C:\Windows\system32\Ikeext.etl

2014-02-15 20:50 - 2012-04-25 23:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-15 20:50 - 2011-03-31 07:49 - 00245972 _____ () C:\Windows\PFRO.log

2014-02-15 20:50 - 2011-03-13 11:39 - 00153374 _____ () C:\Windows\setupact.log

2014-02-15 20:50 - 2010-01-08 20:02 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-15 20:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-15 20:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors

2014-02-15 20:48 - 2012-06-06 12:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-15 19:59 - 2014-02-15 19:58 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jasskas\Downloads\mbar-1.07.0.1009.exe

2014-02-15 18:07 - 2014-02-15 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-15 14:20 - 2013-05-22 09:55 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-02-14 21:06 - 2009-07-14 18:58 - 00662584 _____ () C:\Windows\system32\perfh007.dat

2014-02-14 21:06 - 2009-07-14 18:58 - 00133536 _____ () C:\Windows\system32\perfc007.dat

2014-02-14 21:06 - 2009-07-14 06:13 - 01544336 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-14 19:15 - 2014-02-14 19:15 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2014-02-14 19:15 - 2014-02-12 22:55 - 00000000 ____D () C:\Program Files\CCleaner

2014-02-14 18:34 - 2013-05-08 19:38 - 00000000 ____D () C:\Program Files (x86)\Nero

2014-02-14 17:22 - 2013-10-25 22:23 - 00000000 ____D () C:\Nero Autobackup

2014-02-14 15:35 - 2010-01-12 17:17 - 00000000 ___RD () C:\Users\Jasskas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-14 15:27 - 2010-01-12 21:09 - 00000000 ____D () C:\Users\Jasskas\Tracing

2014-02-14 15:20 - 2014-02-14 15:20 - 00000000 ____D () C:\Users\Jasskas\AppData\Roaming\Avira

2014-02-14 15:14 - 2014-02-14 14:51 - 00000000 ____D () C:\ProgramData\Avira

2014-02-14 15:14 - 2013-03-01 16:29 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-02-14 15:06 - 2014-02-14 15:05 - 129598176 _____ () C:\Users\Jasskas\Downloads\avira_free344_antivirus_de.exe

2014-02-14 14:51 - 2014-02-14 14:51 - 00001099 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-02-14 14:51 - 2014-02-14 14:51 - 00000000 ____D () C:\ProgramData\Package Cache

2014-02-14 14:49 - 2014-02-14 14:49 - 04011472 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jasskas\Downloads\avira_oe_client_antivirus_de.exe

2014-02-14 14:04 - 2012-09-01 12:04 - 00000000 ____D () C:\Users\Jasskas\AppData\Roaming\Skype

2014-02-14 11:59 - 2011-11-06 17:22 - 00000000 ____D () C:\Users\Jasskas\AppData\Local\Windows Live

2014-02-14 11:56 - 2010-01-12 17:17 - 00000000 ____D () C:\Users\Jasskas

2014-02-14 11:55 - 2010-03-21 22:20 - 00000000 ____D () C:\Windows\Minidump

2014-02-14 11:29 - 2012-05-27 12:33 - 00000000 ____D () C:\NVIDIA

2014-02-14 11:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

2014-02-14 11:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-02-14 11:24 - 2011-07-01 10:09 - 00000000 ____D () C:\Users\Jasskas\AppData\Local\Mozilla

2014-02-13 21:07 - 2010-01-26 12:44 - 00000000 ___DC () C:\Users\Jasskas\AppData\Local\MigWiz

2014-02-13 21:07 - 2010-01-09 04:40 - 00000000 ____D () C:\Windows\Panther

2014-02-13 20:02 - 2014-02-13 20:01 - 00000000 ____D () C:\Users\Jasskas\Desktop\Alte Firefox-Daten

2014-02-12 22:52 - 2014-02-12 22:52 - 00614792 _____ (Chip Digital GmbH) C:\Users\Jasskas\Downloads\CCleaner - CHIP-Downloader.exe

2014-02-09 11:26 - 2010-01-13 11:44 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job

2014-02-06 19:03 - 2013-12-20 21:32 - 00000000 ____D () C:\AdwCleaner

2014-02-06 18:59 - 2014-02-06 18:59 - 01166132 _____ () C:\Users\Jasskas\Downloads\adwcleaner-3.018.exe

2014-02-06 13:16 - 2014-02-14 20:56 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-06 12:30 - 2014-02-14 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-06 12:30 - 2014-02-14 20:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-06 12:12 - 2014-02-14 20:56 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-06 12:07 - 2014-02-14 20:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-06 12:06 - 2014-02-14 20:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-06 11:57 - 2014-02-14 20:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-06 11:56 - 2014-02-14 20:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-06 11:56 - 2014-02-05 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-06 11:52 - 2014-02-14 20:56 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-06 11:49 - 2014-02-14 20:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-06 11:48 - 2014-02-14 20:56 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-06 11:48 - 2014-02-14 20:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-06 11:38 - 2014-02-14 20:56 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-06 11:32 - 2014-02-14 20:56 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-06 11:20 - 2014-02-14 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-06 11:17 - 2014-02-14 20:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-06 11:11 - 2014-02-14 20:56 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-06 11:01 - 2014-02-14 20:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-06 11:00 - 2014-02-14 20:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-06 10:57 - 2014-02-14 20:56 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-06 10:57 - 2014-02-14 20:56 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-06 10:52 - 2014-02-14 20:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-06 10:52 - 2014-02-14 20:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-06 10:50 - 2014-02-14 20:56 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-06 10:49 - 2014-02-14 20:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-06 10:47 - 2014-02-14 20:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-06 10:46 - 2014-02-14 20:56 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-06 10:25 - 2014-02-14 20:56 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-06 10:25 - 2014-02-14 20:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-06 10:24 - 2014-02-14 20:56 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-06 10:22 - 2014-02-14 20:56 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-06 10:13 - 2014-02-14 20:56 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-06 10:09 - 2014-02-14 20:56 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-06 10:03 - 2014-02-14 20:56 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-06 09:55 - 2014-02-14 20:56 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-06 09:41 - 2014-02-14 20:56 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-06 09:40 - 2014-02-14 20:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-06 09:36 - 2014-02-14 20:56 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-06 09:34 - 2014-02-14 20:56 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-05 16:48 - 2012-06-06 12:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 16:48 - 2012-06-06 12:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-05 16:48 - 2011-05-17 07:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-05 09:41 - 2014-02-05 09:41 - 00000000 ____D () C:\Users\Jasskas\AppData\Roaming\SystemMn

2014-02-03 23:02 - 2013-01-10 18:14 - 00000000 ____D () C:\Users\Jasskas\Documents\Bewerbungen

2014-01-29 12:26 - 2013-05-10 10:17 - 00000000 ____D () C:\Users\Jasskas\Documents\Unterseeschule

2014-01-16 09:49 - 2009-07-14 05:45 - 00457256 _____ () C:\Windows\system32\FNTCACHE.DAT
 

Some content of TEMP:

====================

C:\Users\Jasskas\AppData\Local\Temp\649.0675358720199_Update.exe

C:\Users\Jasskas\AppData\Local\Temp\avgnt.exe

C:\Users\Jasskas\AppData\Local\Temp\ERUNT.exe

C:\Users\Jasskas\AppData\Local\Temp\nsb9D9B.exe

C:\Users\Jasskas\AppData\Local\Temp\nsmB726.exe

C:\Users\Jasskas\AppData\Local\Temp\nsw9F9F.exe

C:\Users\Jasskas\AppData\Local\Temp\nswB939.exe

C:\Users\Jasskas\AppData\Local\Temp\Quarantine.exe

C:\Users\Jasskas\AppData\Local\Temp\SPSetup.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-08 20:41
 

==================== End Of Log ============================

--- --- ---

Code:

ComboFix 14-02-14.01 - Jasskas 16.02.2014  15:49:05.1.4 - x64

Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.6133.4100 [GMT 1:00]

ausgeführt von:: c:\users\Jasskas\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\PCDr\6422\AddOnDownloaded\1b8965d5-1ace-460f-9f9d-51d4c6c7c534.dll

c:\programdata\PCDr\6422\AddOnDownloaded\236515c7-c29a-41e6-873d-b9e2673e11c3.dll

c:\programdata\PCDr\6422\AddOnDownloaded\2b605d7d-d0d9-4054-adbf-4b49c7319932.dll

c:\programdata\PCDr\6422\AddOnDownloaded\46396106-fa11-4329-87bf-ed5a85069e89.dll

c:\programdata\PCDr\6422\AddOnDownloaded\46f8f9b8-a6d9-4ac9-a82f-2c79e2a75546.dll

c:\programdata\PCDr\6422\AddOnDownloaded\4f436db1-def5-4137-a084-15125ef65010.dll

c:\programdata\PCDr\6422\AddOnDownloaded\5dc25d30-0116-4ea0-9e12-f329c60c603b.dll

c:\programdata\PCDr\6422\AddOnDownloaded\667e2f17-0031-40e7-a376-b390959abbb8.dll

c:\programdata\PCDr\6422\AddOnDownloaded\6ff7e11c-29c5-4891-bc9e-fae289e9c9fe.dll

c:\programdata\PCDr\6422\AddOnDownloaded\7bc69e73-3dda-484f-af68-bb19598a4b32.dll

c:\programdata\PCDr\6422\AddOnDownloaded\9c39bb99-9a2d-442b-9a53-fc7bd3d32368.dll

c:\programdata\PCDr\6422\AddOnDownloaded\9c91892f-68c1-49f2-9c84-27a2e4701c64.dll

c:\programdata\PCDr\6422\AddOnDownloaded\a5fe6876-4636-4d79-8440-3ce56e4f4416.dll

c:\programdata\PCDr\6422\AddOnDownloaded\a9d9bdb2-283c-48d2-b6ea-df9f6bc83b04.dll

c:\programdata\PCDr\6422\AddOnDownloaded\ade7fb72-009e-483b-8dbb-a94667c9efee.dll

c:\programdata\PCDr\6422\AddOnDownloaded\b1cd2350-1a70-4fd2-9b75-98208aace99a.dll

c:\programdata\PCDr\6422\AddOnDownloaded\cdf86821-bbfe-4586-8cae-bf998bb8d498.dll

c:\programdata\PCDr\6422\AddOnDownloaded\e6166583-b575-4093-a3ca-d9c4587d4bb7.dll

c:\programdata\PCDr\6422\AddOnDownloaded\fdae1379-f1f4-49e3-a1cc-0a3d1c8ae2a5.dll

c:\programdata\PCDr\6422\AddOnDownloaded\ffa288d5-37d2-4036-812e-1b7722ec86ed.dll

c:\users\Jasskas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

c:\users\Jasskas\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll

c:\users\Jasskas\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-01-16 bis 2014-02-16  ))))))))))))))))))))))))))))))

.

.

2014-02-15 19:03 . 2014-02-15 20:01        119000        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-02-15 18:59 . 2014-02-15 20:01        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-02-15 13:18 . 2013-12-16 00:54        10315576        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BACFEB6-C177-464A-8518-3E0E349945C2}\mpengine.dll

2014-02-14 14:20 . 2014-02-14 14:20        --------        d-----w-        c:\users\Jasskas\AppData\Roaming\Avira

2014-02-14 14:14 . 2013-12-18 08:32        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2014-02-14 14:14 . 2013-12-18 08:32        131576        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2014-02-14 14:14 . 2013-12-18 08:32        108440        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2014-02-14 13:51 . 2014-02-14 14:14        --------        d-----w-        c:\programdata\Avira

2014-02-14 13:51 . 2014-02-14 13:51        --------        d-----w-        c:\programdata\Package Cache

2014-02-14 11:02 . 2013-12-24 23:09        1987584        ----a-w-        c:\windows\SysWow64\d3d10warp.dll

2014-02-14 11:02 . 2013-12-24 22:48        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll

2014-02-14 11:02 . 2013-11-26 08:16        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll

2014-02-14 11:02 . 2013-11-22 22:48        3928064        ----a-w-        c:\windows\system32\d2d1.dll

2014-02-13 12:50 . 2013-12-04 02:27        123392        ----a-w-        c:\windows\system32\secproc_ssp_isv.dll

2014-02-12 21:55 . 2014-02-14 18:15        --------        d-----w-        c:\program files\CCleaner

2014-02-05 21:10 . 2014-02-06 10:56        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird

2014-02-05 08:41 . 2014-02-05 08:41        --------        d-----w-        c:\users\Jasskas\AppData\Roaming\SystemMn

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-02-05 15:48 . 2012-06-06 11:22        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-02-05 15:48 . 2011-05-17 06:27        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-15 21:38 . 2010-01-18 07:03        86054176        ----a-w-        c:\windows\system32\MRT.exe

2014-01-06 19:23 . 2014-01-06 19:23        4558848        ----a-w-        c:\windows\SysWow64\GPhotos.scr

2014-01-05 13:28 . 2010-01-22 14:49        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2014-01-05 13:28 . 2010-06-03 12:59        42168        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2014-01-05 13:28 . 2010-01-22 14:49        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-12-18 05:13 . 2011-05-04 06:03        270496        ------w-        c:\windows\system32\MpSigStub.exe

2013-12-14 13:51 . 2010-05-19 12:50        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-12-14 13:51 . 2010-05-19 12:50        42168        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-11-27 01:41 . 2014-01-15 11:11        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys

2013-11-27 01:41 . 2014-01-15 11:11        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys

2013-11-27 01:41 . 2014-01-15 11:11        53248        ----a-w-        c:\windows\system32\drivers\usbehci.sys

2013-11-27 01:41 . 2014-01-15 11:11        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys

2013-11-27 01:41 . 2014-01-15 11:11        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys

2013-11-27 01:41 . 2014-01-15 11:11        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys

2013-11-27 01:41 . 2014-01-15 11:11        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys

2013-11-26 11:40 . 2014-01-15 11:11        376768        ----a-w-        c:\windows\system32\drivers\netio.sys

2013-11-26 10:32 . 2014-01-15 11:11        3156480        ----a-w-        c:\windows\system32\win32k.sys

2013-11-23 18:26 . 2013-12-11 18:42        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-11 18:42        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C8B7D03D-30D7-493A-95E5-6547E2FAC2FE}]

2013-08-09 08:17        122400        ----a-w-        c:\users\Jasskas\AppData\Roaming\ShinyProfile\shinyprofile.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-04-28 18:10        222808        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-04-28 18:10        222808        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-04-28 18:10        222808        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2012-07-02 2498048]

"Google+ Auto Backup"="c:\users\Jasskas\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" [2014-01-06 3619096]

"SystemMn"="c:\users\Jasskas\AppData\Roaming\SystemMn\bin\SystemMn.exe" [2014-02-05 149504]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-01-29 172600]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-09-17 165104]

.

c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-9-21 1316192]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableSecureUIAPath"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 AIDA32Driver;AIDA32Driver;c:\users\Jasskas\AppData\Local\Temp\aida32.sa6;c:\users\Jasskas\AppData\Local\Temp\aida32.sa6 [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]

R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]

R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]

S3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]

S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

Inhalt des "geplante Tasks" Ordners

.

2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 15:48]

.

2014-02-16 c:\windows\Tasks\Google Software Updater.job

- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-13 12:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-04-28 18:10        261704        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-04-28 18:10        261704        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-04-28 18:10        261704        ----a-w-        c:\users\Jasskas\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Add animation to IncrediMail Style Box - c:\program files (x86)\IncrediMail\bin\resources\WebMenuImg.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Free YouTube Download - c:\users\Jasskas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Jasskas\AppData\Roaming\Mozilla\Firefox\Profiles\7gcy6dyr.default\

FF - prefs.js: browser.startup.homepage - hxxp://de.msn.com/

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

AddRemove-{0CC15B17-F592-48E6-B442-D74E45ADFC89} - c:\users\Jasskas\AppData\Local\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}\Setup.exe

AddRemove-{2FAA2415-618E-4EC0-8253-3CDA076C84D6} - c:\users\Jasskas\AppData\Local\{E844F16E-E26A-4D34-B4EA-A8C69B0E0547}\Setup.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA32Driver]

"ImagePath"="\??\c:\users\Jasskas\AppData\Local\Temp\aida32.sa6"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-990396829-1976191800-715236640-1000_Classes\CLSID]

@DACL=(02 0000)

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2014-02-16  16:05:25 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2014-02-16 15:05

.

Vor Suchlauf: 22 Verzeichnis(se), 593.621.790.720 Bytes frei

Nach Suchlauf: 26 Verzeichnis(se), 594.150.088.704 Bytes frei

.

- - End Of File - - 0F6E7D6E4FF7B36FE6FA6218099DD5A9

A36C5E4F47E84449FF07ED3517B43A31

yupiyeyyyy... ich habs! Es war nur die Maus!! lach.. hatte eine Funk-Maus, die wohl ihren Geist aufgegeben hat, jetzt mit der anderen Maus funzt es einwandfrei. Peinlich, aber ich bin froh...

Liebe Grüße
Reni