Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Löschen von Torntv Downloader (https://www.trojaner-board.de/159004-loeschen-torntv-downloader.html)

Davi123 26.09.2014 16:41
Hier die frst log datei die du wolltest:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by David (administrator) on DAVID-PC on 25-09-2014 15:13:03
Running from C:\Users\David\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Syntek Ltd.) C:\Windows\STK03N\STK03NM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [548864 2009-02-04] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-13] (Google Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2055 2012-10-24] ()
HKU\S-1-5-21-998695996-4168773435-2637053711-1003\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-501\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-501\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-13] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK03N PNP Monitor.lnk
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\Windows\STK03N\STK03NM.exe (Syntek Ltd.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE442
SearchScopes: HKCU - {697E090B-01E5-4AC3-8C2E-867B056ED9C9} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {A812CA6C-1BE9-4A43-A236-D3EE25ED6D5E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - !{82E1477C-B154-48D3-9891-33D83C26BCD3} -  No File
Toolbar: HKLM-x32 - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM-x32 - No Name - !{EA582743-9076-4178-9AA6-7393FDF4D5CE} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\1und1-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\amazon-distro.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\mailcom-search.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\David\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-03-20]
FF Extension: Fast Discountz - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{2a4808f0-e451-4d0b-982a-bb0f44d3354d} [2013-08-27]
FF Extension: Buyertools - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A} [2012-04-25]
FF Extension: FTdownloader V3.0 - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: PlusWinks - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\pluswinks@PlusWinks.xpi [2013-07-20]
FF Extension: Test Pilot - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-31]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-25]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-29]
CHR HKLM\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKCU\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [161448 2009-03-24] (Samsung Electronics CO., LTD.) [File not signed]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34040 2012-01-24] (Windows (R) Win 7 DDK provider)
S3 DCamUSBSTK03N; C:\Windows\System32\DRIVERS\STK03NW2.sys [113288 2010-01-05] (Syntek Ltd.)
S3 DCamUSBSTK03N; C:\Windows\SysWOW64\DRIVERS\STK03NW2.sys [108544 2010-01-05] (Syntek Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2008-01-10] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-22] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140925.001\IDSvia64.sys [633560 2014-09-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140924.019\ENG64.SYS [129752 2014-09-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140924.019\EX64.SYS [2137304 2014-09-23] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 15:12 - 2014-09-25 15:12 - 00000000 ____D () C:\Users\David\Downloads\FRST-OlderVersion
2014-09-25 15:09 - 2014-09-25 15:09 - 00025739 _____ () C:\Users\David\Desktop\JRT.7z
2014-09-25 15:07 - 2014-09-25 15:07 - 01110476 _____ () C:\Users\David\Downloads\7z920.exe
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-25 14:56 - 2014-09-25 14:56 - 00137695 _____ () C:\Users\David\Desktop\JRT.txt
2014-09-25 14:47 - 2014-09-25 14:47 - 01024790 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-09-25 14:47 - 2014-09-25 14:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 14:25 - 2014-09-25 14:25 - 01373475 _____ () C:\Users\David\Downloads\AdwCleaner_3.310 (1).exe
2014-09-25 14:23 - 2014-09-25 14:23 - 00005017 _____ () C:\Users\David\Desktop\mbam.txt
2014-09-24 13:50 - 2014-09-24 13:50 - 00037269 _____ () C:\ComboFix.txt
2014-09-24 13:15 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 13:15 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 13:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 13:03 - 2014-09-24 13:50 - 00000000 ____D () C:\Qoobox
2014-09-24 13:03 - 2014-09-24 13:45 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 12:59 - 2014-09-24 12:59 - 05579290 ____R (Swearware) C:\Users\David\Downloads\ComboFix.exe
2014-09-24 12:45 - 2014-09-24 12:45 - 00001268 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-09-24 12:45 - 2014-09-24 12:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-24 12:44 - 2014-09-24 12:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup95.exe
2014-09-24 11:27 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 11:27 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 12:03 - 2014-09-23 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-22 21:09 - 2014-09-22 21:09 - 00003486 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00003468 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-09-22 21:09 - 2014-09-22 21:09 - 00003294 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-09-22 21:08 - 2014-09-22 21:08 - 00000000 ____D () C:\Program Files\Motorola Mobility LLC
2014-09-22 19:44 - 2014-09-22 19:47 - 00054437 _____ () C:\Users\David\Downloads\Addition.txt
2014-09-22 19:41 - 2014-09-25 15:13 - 00030141 _____ () C:\Users\David\Downloads\FRST.txt
2014-09-22 19:40 - 2014-09-25 15:13 - 00000000 ____D () C:\FRST
2014-09-22 19:37 - 2014-09-25 15:12 - 02106880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-09-22 14:34 - 2014-09-23 11:55 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-22 14:34 - 2014-09-22 14:34 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-09-22 14:34 - 2014-09-22 14:34 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-09-22 14:34 - 2014-09-22 14:34 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-09-22 14:33 - 2014-09-23 11:55 - 00002323 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-09-22 14:31 - 2014-09-23 11:58 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-22 14:31 - 2014-09-23 11:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-09-22 14:31 - 2014-09-22 14:31 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-09-22 14:29 - 2014-09-25 14:35 - 00724276 _____ () C:\Windows\PFRO.log
2014-09-22 12:11 - 2014-09-22 12:13 - 211474544 ____N (Symantec Corporation) C:\Users\David\Downloads\N360-TW-21.1.0-GE.exe
2014-09-22 11:58 - 2014-09-25 14:35 - 00000504 _____ () C:\Windows\setupact.log
2014-09-22 11:58 - 2014-09-22 11:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 23:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-21 23:43 - 2014-09-25 14:34 - 00000000 ____D () C:\AdwCleaner
2014-09-21 23:43 - 2014-09-21 23:43 - 01373475 _____ () C:\Users\David\Downloads\adwcleaner_3.310.exe
2014-09-21 22:45 - 2014-09-21 22:54 - 00000000 ____D () C:\Program Files (x86)\RegCleaner
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Nutzer\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Gast\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\David\Desktop\RegCleaner.lnk
2014-09-21 22:44 - 2014-09-21 22:44 - 00553687 _____ () C:\Users\David\Downloads\RegCleaner.exe
2014-09-21 16:16 - 2014-09-21 22:17 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-21 15:45 - 2014-09-21 15:46 - 97688768 _____ (Sophos Limited) C:\Users\David\Downloads\Sophos Virus Removal Tool.exe
2014-09-19 18:39 - 2014-09-19 18:39 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63 (1).exe
2014-09-19 13:29 - 2014-09-25 14:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 13:28 - 2014-09-19 13:28 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-19 13:28 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-19 13:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-19 13:27 - 2014-09-19 13:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 15:36 - 2014-09-16 15:36 - 00359655 _____ () C:\Users\David\Downloads\Reklamationsantrag_V11.tif
2014-09-12 16:15 - 2014-09-21 22:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\UseNeXT
2014-09-12 16:13 - 2014-09-12 16:13 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63.exe
2014-09-11 21:45 - 2014-09-11 21:45 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954 (1).torrent
2014-09-11 19:42 - 2014-09-11 19:42 - 00014435 _____ () C:\Users\David\Downloads\Komplett film in Deutsch 2014 DVDRiP.rar.torrent
2014-09-11 19:11 - 2012-01-24 00:07 - 00034040 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\DbusAudio.sys
2014-09-11 19:07 - 2014-09-11 19:10 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com (1).exe
2014-09-11 19:04 - 2014-09-11 21:32 - 00000000 ____D () C:\Program Files (x86)\DRMBuster
2014-09-11 19:01 - 2014-09-11 19:04 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com.exe
2014-09-11 18:38 - 2014-09-11 18:38 - 02764840 _____ (New Monte Inc) C:\Users\David\Downloads\Saphirblau_Movie_downloader.exe
2014-09-11 18:23 - 2014-09-11 18:23 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954.torrent
2014-09-11 13:11 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 13:11 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 13:11 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 13:11 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 13:11 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 13:11 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 13:11 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 13:11 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 13:11 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 13:11 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 13:11 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 13:11 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 13:11 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 13:11 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 13:11 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 13:11 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 13:11 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 13:11 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 13:11 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 13:11 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 13:11 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 13:11 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 13:11 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 13:11 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 13:11 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 13:11 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 13:11 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 13:11 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 13:11 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 13:11 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 13:11 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 13:11 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 13:11 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 13:11 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 13:11 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 13:11 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 13:11 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 13:11 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 13:11 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 13:11 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 13:11 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 13:11 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 13:11 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 13:11 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 13:11 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 13:11 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 13:11 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 13:11 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 13:10 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 13:10 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 12:29 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 12:29 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 11:05 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 11:05 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 11:04 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 11:04 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 11:04 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 11:04 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 11:04 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 11:04 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 11:04 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 11:04 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 11:04 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-06 19:37 - 2014-09-19 19:51 - 00000000 ____D () C:\Users\David\Desktop\Neuer Ordner (3)
2014-09-06 17:46 - 2014-09-06 17:47 - 07457256 _____ ( ) C:\Users\David\Downloads\UsenetNLSetup.exe
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner (2)
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner
2014-09-01 17:26 - 2014-09-01 17:26 - 24489269 _____ () C:\Users\David\Downloads\setup_free.exe
2014-09-01 17:26 - 2014-09-01 17:26 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup (1).exe
2014-09-01 17:24 - 2014-09-01 17:24 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup.exe
2014-09-01 16:54 - 2014-09-01 16:54 - 01376768 _____ () C:\Users\David\Downloads\7z920-x64.msi
2014-09-01 16:48 - 2014-09-01 16:48 - 01158232 _____ (Zugara Investments Limited ) C:\Users\David\Downloads\rapidfixer-speed-up-your-pc.exe
2014-09-01 13:35 - 2014-09-01 13:35 - 00000000 _____ () C:\temp.txt
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\David\AppData\Roaming\HUO
2014-08-27 19:45 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:45 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 19:45 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 18:53 - 2014-09-10 11:15 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-08-26 18:53 - 2014-09-10 11:15 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 13:03 - 2014-09-14 14:48 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 15:13 - 2014-09-22 19:41 - 00030141 _____ () C:\Users\David\Downloads\FRST.txt
2014-09-25 15:13 - 2014-09-22 19:40 - 00000000 ____D () C:\FRST
2014-09-25 15:12 - 2014-09-25 15:12 - 00000000 ____D () C:\Users\David\Downloads\FRST-OlderVersion
2014-09-25 15:12 - 2014-09-22 19:37 - 02106880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-09-25 15:09 - 2014-09-25 15:09 - 00025739 _____ () C:\Users\David\Desktop\JRT.7z
2014-09-25 15:07 - 2014-09-25 15:07 - 01110476 _____ () C:\Users\David\Downloads\7z920.exe
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-25 15:00 - 2012-06-20 15:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 14:56 - 2014-09-25 14:56 - 00137695 _____ () C:\Users\David\Desktop\JRT.txt
2014-09-25 14:47 - 2014-09-25 14:47 - 01024790 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-09-25 14:47 - 2014-09-25 14:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 14:46 - 2011-07-26 12:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 14:45 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 14:45 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 14:38 - 2012-01-23 01:21 - 00000000 ____D () C:\Users\David\Desktop\Neuer Ordner (2)
2014-09-25 14:36 - 2011-09-01 15:23 - 00000000 ____D () C:\Temp
2014-09-25 14:35 - 2014-09-22 14:29 - 00724276 _____ () C:\Windows\PFRO.log
2014-09-25 14:35 - 2014-09-22 11:58 - 00000504 _____ () C:\Windows\setupact.log
2014-09-25 14:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 14:34 - 2014-09-21 23:43 - 00000000 ____D () C:\AdwCleaner
2014-09-25 14:34 - 2010-10-09 03:49 - 01058374 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 14:31 - 2011-07-26 11:24 - 00000000 ____D () C:\Users\David
2014-09-25 14:29 - 2011-07-26 20:45 - 00000000 ____D () C:\Users\David\AppData\Roaming\ICQ
2014-09-25 14:25 - 2014-09-25 14:25 - 01373475 _____ () C:\Users\David\Downloads\AdwCleaner_3.310 (1).exe
2014-09-25 14:23 - 2014-09-25 14:23 - 00005017 _____ () C:\Users\David\Desktop\mbam.txt
2014-09-25 14:20 - 2014-09-19 13:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 14:11 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2014-09-25 14:07 - 2013-01-11 00:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998695996-4168773435-2637053711-1001UA.job
2014-09-24 23:07 - 2013-01-11 00:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998695996-4168773435-2637053711-1001Core.job
2014-09-24 17:16 - 2011-09-15 19:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\BOM
2014-09-24 16:00 - 2012-06-20 15:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:00 - 2012-06-20 15:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:00 - 2012-06-20 15:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 13:50 - 2014-09-24 13:50 - 00037269 _____ () C:\ComboFix.txt
2014-09-24 13:50 - 2014-09-24 13:03 - 00000000 ____D () C:\Qoobox
2014-09-24 13:50 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-24 13:45 - 2014-09-24 13:03 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 13:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 13:15 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-24 12:59 - 2014-09-24 12:59 - 05579290 ____R (Swearware) C:\Users\David\Downloads\ComboFix.exe
2014-09-24 12:53 - 2012-02-16 18:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\FoxTab FLV Player
2014-09-24 12:45 - 2014-09-24 12:45 - 00001268 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-09-24 12:45 - 2014-09-24 12:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-24 12:44 - 2014-09-24 12:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup95.exe
2014-09-23 22:52 - 2012-11-21 16:30 - 00000000 ____D () C:\Windows\STK03N
2014-09-23 17:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-23 13:33 - 2010-10-09 13:40 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-09-23 13:33 - 2010-10-09 13:40 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-09-23 13:33 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-23 12:03 - 2014-09-23 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-23 11:58 - 2014-09-22 14:31 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-23 11:55 - 2014-09-22 14:34 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-23 11:55 - 2014-09-22 14:33 - 00002323 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-09-23 11:55 - 2014-09-22 14:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-09-23 11:55 - 2011-12-30 20:57 - 00000000 ____D () C:\ProgramData\1und1InternetExplorerAddon
2014-09-22 21:53 - 2011-09-15 19:23 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-09-22 21:09 - 2014-09-22 21:09 - 00003486 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00003468 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-09-22 21:09 - 2014-09-22 21:09 - 00003294 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-09-22 21:09 - 2012-07-06 19:42 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-09-22 21:08 - 2014-09-22 21:08 - 00000000 ____D () C:\Program Files\Motorola Mobility LLC
2014-09-22 19:47 - 2014-09-22 19:44 - 00054437 _____ () C:\Users\David\Downloads\Addition.txt
2014-09-22 14:35 - 2012-01-20 20:44 - 00000000 ____D () C:\ProgramData\Norton
2014-09-22 14:34 - 2014-09-22 14:34 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-09-22 14:34 - 2014-09-22 14:34 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-09-22 14:34 - 2014-09-22 14:34 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-09-22 14:31 - 2014-09-22 14:31 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-09-22 14:29 - 2012-04-22 00:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-22 13:57 - 2012-01-21 16:00 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-09-22 12:13 - 2014-09-22 12:11 - 211474544 ____N (Symantec Corporation) C:\Users\David\Downloads\N360-TW-21.1.0-GE.exe
2014-09-22 11:58 - 2014-09-22 11:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 23:43 - 2014-09-21 23:43 - 01373475 _____ () C:\Users\David\Downloads\adwcleaner_3.310.exe
2014-09-21 23:33 - 2013-08-29 18:33 - 00000000 ____D () C:\Windows\Minidump
2014-09-21 22:54 - 2014-09-21 22:45 - 00000000 ____D () C:\Program Files (x86)\RegCleaner
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Nutzer\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Gast\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\David\Desktop\RegCleaner.lnk
2014-09-21 22:44 - 2014-09-21 22:44 - 00553687 _____ () C:\Users\David\Downloads\RegCleaner.exe
2014-09-21 22:17 - 2014-09-21 16:16 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-21 22:16 - 2014-09-12 16:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\UseNeXT
2014-09-21 15:46 - 2014-09-21 15:45 - 97688768 _____ (Sophos Limited) C:\Users\David\Downloads\Sophos Virus Removal Tool.exe
2014-09-19 19:51 - 2014-09-06 19:37 - 00000000 ____D () C:\Users\David\Desktop\Neuer Ordner (3)
2014-09-19 18:39 - 2014-09-19 18:39 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63 (1).exe
2014-09-19 15:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-19 15:06 - 2014-03-12 23:15 - 00000000 ____D () C:\Program Files\Recuva
2014-09-19 14:28 - 2012-11-27 01:08 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-09-19 14:27 - 2012-02-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Vlcclassic
2014-09-19 13:28 - 2014-09-19 13:28 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-09-19 13:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-19 13:28 - 2012-08-11 20:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-17 18:47 - 2012-02-18 14:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-16 22:51 - 2014-08-10 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-16 15:36 - 2014-09-16 15:36 - 00359655 _____ () C:\Users\David\Downloads\Reklamationsantrag_V11.tif
2014-09-14 14:48 - 2014-08-26 13:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-13 23:14 - 2012-03-31 00:02 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-09-12 16:13 - 2014-09-12 16:13 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63.exe
2014-09-11 21:45 - 2014-09-11 21:45 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954 (1).torrent
2014-09-11 21:32 - 2014-09-11 19:04 - 00000000 ____D () C:\Program Files (x86)\DRMBuster
2014-09-11 19:42 - 2014-09-11 19:42 - 00014435 _____ () C:\Users\David\Downloads\Komplett film in Deutsch 2014 DVDRiP.rar.torrent
2014-09-11 19:10 - 2014-09-11 19:07 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com (1).exe
2014-09-11 19:04 - 2014-09-11 19:01 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com.exe
2014-09-11 18:38 - 2014-09-11 18:38 - 02764840 _____ (New Monte Inc) C:\Users\David\Downloads\Saphirblau_Movie_downloader.exe
2014-09-11 18:23 - 2014-09-11 18:23 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954.torrent
2014-09-11 13:10 - 2011-08-01 15:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 13:08 - 2014-02-26 02:14 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 13:06 - 2013-08-15 01:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 12:29 - 2014-05-07 00:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 12:29 - 2011-07-29 14:51 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 11:15 - 2014-08-26 18:53 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-09-10 11:15 - 2014-08-26 18:53 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-09-10 00:11 - 2014-09-24 11:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 23:47 - 2014-09-24 11:27 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-06 17:47 - 2014-09-06 17:46 - 07457256 _____ ( ) C:\Users\David\Downloads\UsenetNLSetup.exe
2014-09-06 14:20 - 2012-11-04 17:36 - 00000000 ____D () C:\Users\David\Downloads\Money talks
2014-09-05 04:10 - 2014-09-11 11:04 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 11:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner (2)
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner
2014-09-01 17:26 - 2014-09-01 17:26 - 24489269 _____ () C:\Users\David\Downloads\setup_free.exe
2014-09-01 17:26 - 2014-09-01 17:26 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup (1).exe
2014-09-01 17:26 - 2012-12-11 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-01 17:24 - 2014-09-01 17:24 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup.exe
2014-09-01 16:54 - 2014-09-01 16:54 - 01376768 _____ () C:\Users\David\Downloads\7z920-x64.msi
2014-09-01 16:48 - 2014-09-01 16:48 - 01158232 _____ (Zugara Investments Limited ) C:\Users\David\Downloads\rapidfixer-speed-up-your-pc.exe
2014-09-01 16:05 - 2011-07-30 20:20 - 00000000 ___RD () C:\Users\David\Desktop\Eigene Dateien
2014-09-01 13:44 - 2010-07-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-09-01 13:44 - 2010-07-13 13:45 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-09-01 13:44 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 13:35 - 2014-09-01 13:35 - 00000000 _____ () C:\temp.txt
2014-09-01 13:24 - 2013-06-30 16:54 - 00000000 ____D () C:\Users\David\AppData\Local\Poker
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\David\AppData\Roaming\HUO
2014-08-30 14:57 - 2013-11-08 18:46 - 00000000 ____D () C:\Program Files (x86)\MetaTrader - AAAFx
2014-08-28 12:29 - 2009-07-14 06:45 - 00454960 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-23 17:12

==================== End Of Log ============================
--- --- ---

--- --- ---


Jetzt müsste alles da sein was du brauchst oder fehlt noch was?

schrauber 26.09.2014 19:49

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Davi123 27.09.2014 10:55
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c5804302082c144f96f49e4599e6a845
# engine=20319
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-26 08:09:41
# local_time=2014-09-26 10:09:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 11872 18444517 0 0
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 212122 162424677 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 14027600 163392031 0 0
# scanned=5804
# found=22
# cleaned=0
# scan_time=1349
sh=8D7A8EC588734A824F355F6CA5795F8FA16DF7FD ft=1 fh=c71c0011456d8323 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\asktoolbar4X.dll.vir"
sh=8D1B69902A404A5799FD5EADDFBF3E363339CBDE ft=1 fh=07f1a7bb45044fb5 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\dtUser.exe.vir"
sh=DB851B276E2C114A93E1660D16AE7FC66B7DBC87 ft=1 fh=c71c0011c2ab2610 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\searchresultstb.dll.vir"
sh=1B2E938EAEA27B990355B6C3DB6C1C1A9F33BFB4 ft=1 fh=c71c0011ddfe20fa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll.vir"
sh=C02A094933FD68AE44EAE0EA249EB6A981353C91 ft=1 fh=1cff81f31528b9a9 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll.vir"
sh=9E60FE40C5BA463780413D5D22446858015EFF4B ft=1 fh=b2e9a257c367f009 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll.vir"
sh=DB4B67CD0978E05C6190A3370ADF9A2003E36753 ft=1 fh=082f1f6aee5cf08a vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll.vir"
sh=6505B4017A742332E933253F0F9EAB39CE266172 ft=1 fh=0216c665d26d87a6 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll.vir"
sh=80D690D6A5D57A883AAEE464BF35A9F5B8832737 ft=1 fh=3daa122aea2194bb vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\DnsBHO.dll.vir"
sh=51A425FAAA32618B3BEF813AE5AC0A6B10F00664 ft=1 fh=07dd38563461eeb1 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll.vir"
sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe.vir"
sh=5618448E0195BA9251A1A0A5132CE2612037D630 ft=1 fh=ccf0f11a65c989b1 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll.vir"
sh=9069C1AE362702A5CFD0947D07C49791244CF7E1 ft=1 fh=b2a7890de2375dad vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll.vir"
sh=F6AC801E1D3995F95A2805227B0940F74A5DAB72 ft=1 fh=eb7d74be9d93ebad vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll.vir"
sh=4C6562242EAC88E3A27EB55C7FFB414C63CB54EE ft=1 fh=d2d6121785d1111d vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll.vir"
sh=E1C99225C4C16710DE3AF3D52300E1E943F7C84F ft=1 fh=f891ef12b7700e02 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir"
sh=E33473A547B46503C4F7D8D6095F084570496E0F ft=1 fh=3cc725458bf86889 vn="Win32/BrowserCompanion evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\BrowserCompanion\tbhcn.exe.vir"
sh=A011DFD8D93BBA7B75833C0F85FF6E1D25594B84 ft=1 fh=049679d5506e563e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins\npConduitFirefoxPlugin.dll.vir"
sh=108A500E4A188882CBA720723607F417A6501924 ft=1 fh=5c9da47200740b7c vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\ctypes\FirefoxCtype.dll.vir"
sh=C015E890715621E6FF97D3BF893BC75E8E27DE77 ft=1 fh=3ad6b33bccff1099 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\Plugins\npFirefoxPlugin.dll.vir"
sh=94A5F9D5C2E4C65F86CA528A47DA43BD4A71635E ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\witmain.js.vir"
sh=94A5F9D5C2E4C65F86CA528A47DA43BD4A71635E ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\witmain.js.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c5804302082c144f96f49e4599e6a845
# engine=20319
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-26 10:51:01
# local_time=2014-09-27 12:51:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 21552 18454197 0 0
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 221802 162434357 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 14037280 163401711 0 0
# scanned=208049
# found=34
# cleaned=0
# scan_time=9596
sh=8D7A8EC588734A824F355F6CA5795F8FA16DF7FD ft=1 fh=c71c0011456d8323 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\asktoolbar4X.dll.vir"
sh=8D1B69902A404A5799FD5EADDFBF3E363339CBDE ft=1 fh=07f1a7bb45044fb5 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\dtUser.exe.vir"
sh=DB851B276E2C114A93E1660D16AE7FC66B7DBC87 ft=1 fh=c71c0011c2ab2610 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\asktoolbar4\searchresultstb.dll.vir"
sh=1B2E938EAEA27B990355B6C3DB6C1C1A9F33BFB4 ft=1 fh=c71c0011ddfe20fa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll.vir"
sh=C02A094933FD68AE44EAE0EA249EB6A981353C91 ft=1 fh=1cff81f31528b9a9 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll.vir"
sh=9E60FE40C5BA463780413D5D22446858015EFF4B ft=1 fh=b2e9a257c367f009 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll.vir"
sh=DB4B67CD0978E05C6190A3370ADF9A2003E36753 ft=1 fh=082f1f6aee5cf08a vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll.vir"
sh=6505B4017A742332E933253F0F9EAB39CE266172 ft=1 fh=0216c665d26d87a6 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll.vir"
sh=80D690D6A5D57A883AAEE464BF35A9F5B8832737 ft=1 fh=3daa122aea2194bb vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\DnsBHO.dll.vir"
sh=51A425FAAA32618B3BEF813AE5AC0A6B10F00664 ft=1 fh=07dd38563461eeb1 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll.vir"
sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe.vir"
sh=5618448E0195BA9251A1A0A5132CE2612037D630 ft=1 fh=ccf0f11a65c989b1 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll.vir"
sh=9069C1AE362702A5CFD0947D07C49791244CF7E1 ft=1 fh=b2a7890de2375dad vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll.vir"
sh=F6AC801E1D3995F95A2805227B0940F74A5DAB72 ft=1 fh=eb7d74be9d93ebad vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll.vir"
sh=4C6562242EAC88E3A27EB55C7FFB414C63CB54EE ft=1 fh=d2d6121785d1111d vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll.vir"
sh=E1C99225C4C16710DE3AF3D52300E1E943F7C84F ft=1 fh=f891ef12b7700e02 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir"
sh=E33473A547B46503C4F7D8D6095F084570496E0F ft=1 fh=3cc725458bf86889 vn="Win32/BrowserCompanion evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\BrowserCompanion\tbhcn.exe.vir"
sh=A011DFD8D93BBA7B75833C0F85FF6E1D25594B84 ft=1 fh=049679d5506e563e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins\npConduitFirefoxPlugin.dll.vir"
sh=108A500E4A188882CBA720723607F417A6501924 ft=1 fh=5c9da47200740b7c vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\ctypes\FirefoxCtype.dll.vir"
sh=C015E890715621E6FF97D3BF893BC75E8E27DE77 ft=1 fh=3ad6b33bccff1099 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\Plugins\npFirefoxPlugin.dll.vir"
sh=94A5F9D5C2E4C65F86CA528A47DA43BD4A71635E ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\witmain.js.vir"
sh=94A5F9D5C2E4C65F86CA528A47DA43BD4A71635E ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\witmain.js.vir"
sh=C9AE55F15B28459248B14CDDB03B3E33478C774A ft=1 fh=578a4d6752204186 vn="Win32/LoadTubes.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\updated\plugins\npmieze.dll"
sh=9B441B5759C901E4640102E2D71450138C84CB38 ft=1 fh=eb521a69a81b6b5d vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\David\AppData\Roaming\HUO"
sh=9EAC8206F828CF4DA1E710650BABB279D0A31453 ft=1 fh=8e428864e815a5db vn="Variante von Win32/InstallCore.QB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\David\Downloads\Free_Download_Setup (1).exe"
sh=9EAC8206F828CF4DA1E710650BABB279D0A31453 ft=1 fh=8e428864e815a5db vn="Variante von Win32/InstallCore.QB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\David\Downloads\Free_Download_Setup.exe"
sh=6238BDDCAF95788FDACC04520026CFB13F55F370 ft=1 fh=447b56a2f9a54d79 vn="Variante von Win32/ExpressDownloader.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\David\Downloads\Saphirblau_Movie_downloader.exe"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"

hier die backup txt
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Norton 360
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 15.0.0.152
Adobe Reader 10.1.12 Adobe Reader out of Date!
Mozilla Firefox (31.0)
Google Chrome 37.0.2062.120
Google Chrome 37.0.2062.124
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

und hier die neue frst:
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by David (administrator) on DAVID-PC on 27-09-2014 11:51:31
Running from C:\Users\David\Downloads
Loaded Profile: David (Available profiles: David & Nutzer & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Syntek Ltd.) C:\Windows\STK03N\STK03NM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [548864 2009-02-04] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-13] (Google Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-998695996-4168773435-2637053711-1001\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2055 2012-10-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK03N PNP Monitor.lnk
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\Windows\STK03N\STK03NM.exe (Syntek Ltd.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE442
SearchScopes: HKCU - {697E090B-01E5-4AC3-8C2E-867B056ED9C9} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {A812CA6C-1BE9-4A43-A236-D3EE25ED6D5E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - !{82E1477C-B154-48D3-9891-33D83C26BCD3} -  No File
Toolbar: HKLM-x32 - No Name - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKLM-x32 - No Name - !{EA582743-9076-4178-9AA6-7393FDF4D5CE} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\1und1-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\amazon-distro.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\mailcom-search.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\David\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-03-20]
FF Extension: Fast Discountz - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{2a4808f0-e451-4d0b-982a-bb0f44d3354d} [2013-08-27]
FF Extension: Buyertools - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A} [2012-04-25]
FF Extension: FTdownloader V3.0 - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: PlusWinks - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\pluswinks@PlusWinks.xpi [2013-07-20]
FF Extension: Test Pilot - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3izijiy8.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-31]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-27]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-29]
CHR HKLM\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKCU\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\David\AppData\Local\WebToSave.crx [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-08] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [161448 2009-03-24] (Samsung Electronics CO., LTD.) [File not signed]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34040 2012-01-24] (Windows (R) Win 7 DDK provider)
S3 DCamUSBSTK03N; C:\Windows\System32\DRIVERS\STK03NW2.sys [113288 2010-01-05] (Syntek Ltd.)
S3 DCamUSBSTK03N; C:\Windows\SysWOW64\DRIVERS\STK03NW2.sys [108544 2010-01-05] (Syntek Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2008-01-10] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-22] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140925.002\IDSvia64.sys [633560 2014-09-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140925.025\ENG64.SYS [129752 2014-09-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140925.025\EX64.SYS [2137304 2014-09-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 11:41 - 2014-09-27 11:41 - 00854417 _____ () C:\Users\David\Downloads\SecurityCheck.exe
2014-09-26 21:44 - 2014-09-26 21:44 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_deu.exe
2014-09-25 15:12 - 2014-09-26 21:35 - 00000000 ____D () C:\Users\David\Downloads\FRST-OlderVersion
2014-09-25 15:07 - 2014-09-25 15:07 - 01110476 _____ () C:\Users\David\Downloads\7z920.exe
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-25 15:07 - 2014-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-25 14:47 - 2014-09-25 14:47 - 01024790 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-09-25 14:47 - 2014-09-25 14:47 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 14:25 - 2014-09-25 14:25 - 01373475 _____ () C:\Users\David\Downloads\AdwCleaner_3.310 (1).exe
2014-09-24 13:50 - 2014-09-24 13:50 - 00037269 _____ () C:\ComboFix.txt
2014-09-24 13:15 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-24 13:15 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-24 13:15 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-24 13:15 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-24 13:03 - 2014-09-24 13:50 - 00000000 ____D () C:\Qoobox
2014-09-24 13:03 - 2014-09-24 13:45 - 00000000 ____D () C:\Windows\erdnt
2014-09-24 12:59 - 2014-09-24 12:59 - 05579290 ____R (Swearware) C:\Users\David\Downloads\ComboFix.exe
2014-09-24 12:45 - 2014-09-24 12:45 - 00001268 _____ () C:\Users\David\Desktop\Revo Uninstaller.lnk
2014-09-24 12:45 - 2014-09-24 12:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-24 12:44 - 2014-09-24 12:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\David\Downloads\revosetup95.exe
2014-09-24 11:27 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 11:27 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 12:03 - 2014-09-23 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-22 21:09 - 2014-09-22 21:09 - 00003486 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00003468 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-09-22 21:09 - 2014-09-22 21:09 - 00003294 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-09-22 21:09 - 2014-09-22 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-09-22 21:08 - 2014-09-22 21:08 - 00000000 ____D () C:\Program Files\Motorola Mobility LLC
2014-09-22 19:44 - 2014-09-22 19:47 - 00054437 _____ () C:\Users\David\Downloads\Addition.txt
2014-09-22 19:41 - 2014-09-27 11:51 - 00029559 _____ () C:\Users\David\Downloads\FRST.txt
2014-09-22 19:40 - 2014-09-27 11:51 - 00000000 ____D () C:\FRST
2014-09-22 19:37 - 2014-09-26 21:35 - 02108928 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2014-09-22 14:34 - 2014-09-23 11:55 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-22 14:34 - 2014-09-22 14:34 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-09-22 14:34 - 2014-09-22 14:34 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-09-22 14:34 - 2014-09-22 14:34 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-09-22 14:33 - 2014-09-23 11:55 - 00002323 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-09-22 14:31 - 2014-09-23 11:58 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-22 14:31 - 2014-09-23 11:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-09-22 14:31 - 2014-09-22 14:31 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-09-22 14:29 - 2014-09-27 11:35 - 00725660 _____ () C:\Windows\PFRO.log
2014-09-22 12:11 - 2014-09-22 12:13 - 211474544 ____N (Symantec Corporation) C:\Users\David\Downloads\N360-TW-21.1.0-GE.exe
2014-09-22 11:58 - 2014-09-27 11:35 - 00000728 _____ () C:\Windows\setupact.log
2014-09-22 11:58 - 2014-09-22 11:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 23:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-21 23:43 - 2014-09-25 14:34 - 00000000 ____D () C:\AdwCleaner
2014-09-21 23:43 - 2014-09-21 23:43 - 01373475 _____ () C:\Users\David\Downloads\adwcleaner_3.310.exe
2014-09-21 22:45 - 2014-09-21 22:54 - 00000000 ____D () C:\Program Files (x86)\RegCleaner
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Nutzer\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\Gast\Desktop\RegCleaner.lnk
2014-09-21 22:45 - 2014-09-21 22:45 - 00000962 _____ () C:\Users\David\Desktop\RegCleaner.lnk
2014-09-21 22:44 - 2014-09-21 22:44 - 00553687 _____ () C:\Users\David\Downloads\RegCleaner.exe
2014-09-21 16:16 - 2014-09-21 22:17 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-21 15:45 - 2014-09-21 15:46 - 97688768 _____ (Sophos Limited) C:\Users\David\Downloads\Sophos Virus Removal Tool.exe
2014-09-19 18:39 - 2014-09-19 18:39 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63 (1).exe
2014-09-19 13:29 - 2014-09-25 14:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 13:28 - 2014-09-19 13:28 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-09-19 13:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-19 13:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-19 13:28 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-19 13:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-19 13:27 - 2014-09-19 13:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 15:36 - 2014-09-16 15:36 - 00359655 _____ () C:\Users\David\Downloads\Reklamationsantrag_V11.tif
2014-09-12 16:15 - 2014-09-21 22:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\UseNeXT
2014-09-12 16:13 - 2014-09-12 16:13 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\David\Downloads\UseNeXTSetup_5.63.exe
2014-09-11 21:45 - 2014-09-11 21:45 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954 (1).torrent
2014-09-11 19:42 - 2014-09-11 19:42 - 00014435 _____ () C:\Users\David\Downloads\Komplett film in Deutsch 2014 DVDRiP.rar.torrent
2014-09-11 19:11 - 2012-01-24 00:07 - 00034040 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\DbusAudio.sys
2014-09-11 19:07 - 2014-09-11 19:10 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com (1).exe
2014-09-11 19:04 - 2014-09-11 21:32 - 00000000 ____D () C:\Program Files (x86)\DRMBuster
2014-09-11 19:01 - 2014-09-11 19:04 - 24618440 _____ (Ramka Ltd. ) C:\Users\David\Downloads\DRMBuster_4.3.3-Setup_www.drmbuster.com.exe
2014-09-11 18:38 - 2014-09-11 18:38 - 02764840 _____ (New Monte Inc) C:\Users\David\Downloads\Saphirblau_Movie_downloader.exe
2014-09-11 18:23 - 2014-09-11 18:23 - 00015483 _____ () C:\Users\David\Downloads\F56C9D8291380D306FF6EC20E8036F543431E954.torrent
2014-09-11 13:11 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 13:11 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 13:11 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 13:11 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 13:11 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 13:11 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 13:11 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 13:11 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 13:11 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 13:11 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 13:11 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 13:11 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 13:11 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 13:11 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 13:11 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 13:11 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 13:11 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 13:11 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 13:11 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 13:11 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 13:11 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 13:11 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 13:11 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 13:11 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 13:11 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 13:11 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 13:11 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 13:11 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 13:11 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 13:11 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 13:11 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 13:11 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 13:11 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 13:11 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 13:11 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 13:11 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 13:11 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 13:11 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 13:11 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 13:11 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 13:11 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 13:11 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 13:11 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 13:11 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 13:11 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 13:11 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 13:11 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 13:11 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 13:11 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 13:11 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 13:10 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 13:10 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 12:29 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 12:29 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 11:05 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 11:05 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 11:04 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 11:04 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 11:04 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 11:04 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 11:04 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 11:04 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 11:04 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 11:04 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 11:04 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-06 19:37 - 2014-09-25 16:27 - 00000000 ____D () C:\Users\David\Desktop\Neuer Ordner (3)
2014-09-06 17:46 - 2014-09-06 17:47 - 07457256 _____ ( ) C:\Users\David\Downloads\UsenetNLSetup.exe
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner (2)
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\David\Documents\Neuer Ordner
2014-09-01 17:26 - 2014-09-01 17:26 - 24489269 _____ () C:\Users\David\Downloads\setup_free.exe
2014-09-01 17:26 - 2014-09-01 17:26 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup (1).exe
2014-09-01 17:24 - 2014-09-01 17:24 - 00857696 _____ ( ) C:\Users\David\Downloads\Free_Download_Setup.exe
2014-09-01 16:54 - 2014-09-01 16:54 - 01376768 _____ () C:\Users\David\Downloads\7z920-x64.msi
2014-09-01 16:48 - 2014-09-01 16:48 - 01158232 _____ (Zugara Investments Limited ) C:\Users\David\Downloads\rapidfixer-speed-up-your-pc.exe
2014-09-01 13:35 - 2014-09-01 13:35 - 00000000 _____ () C:\temp.txt
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\David\AppData\Roaming\HUO

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 11:46 - 2011-07-26 12:14 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-27 11:46 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 11:46 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 11:44 - 2010-10-09 03:49 - 01109428 _____ () C:\Windows\WindowsUpdate.log
2014-09-27 11:43 - 2010-10-09 13:40 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-09-27 11:43 - 2010-10-09 13:40 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-09-27 11:43 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-27 11:39 - 2012-01-23 01:21 - 00000000 ____D () C:\Users\David\Desktop\Neuer Ordner (2)
2014-09-27 11:35 - 2011-09-01 15:23 - 00000000 ____D () C:\Temp
2014-09-27 11:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 01:00 - 2012-06-20 15:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-26 23:07 - 2013-01-11 00:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998695996-4168773435-2637053711-1001UA.job
2014-09-26 23:07 - 2013-01-11 00:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-998695996-4168773435-2637053711-1001Core.job
2014-09-26 15:58 - 2011-09-15 19:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\BOM
2014-09-25 16:25 - 2011-07-26 11:24 - 00000000 ____D () C:\Users\David
2014-09-25 16:23 - 2014-03-12 23:15 - 00000000 ____D () C:\Program Files\Recuva
2014-09-25 14:30 - 2011-07-26 20:46 - 00000000 ____D () C:\ProgramData\ICQ
2014-09-25 14:29 - 2011-07-26 20:45 - 00000000 ____D () C:\Users\David\AppData\Roaming\ICQ
2014-09-25 14:12 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2014-09-24 16:00 - 2012-06-20 15:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:00 - 2012-06-20 15:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:00 - 2012-06-20 15:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 13:50 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-24 13:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-24 13:15 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-24 12:53 - 2012-02-16 18:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\FoxTab FLV Player
2014-09-23 22:52 - 2012-11-21 16:30 - 00000000 ____D () C:\Windows\STK03N
2014-09-23 17:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-23 11:55 - 2011-12-30 20:57 - 00000000 ____D () C:\ProgramData\1und1InternetExplorerAddon
2014-09-22 21:53 - 2011-09-15 19:23 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-09-22 21:09 - 2012-07-06 19:42 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-09-22 14:35 - 2012-01-20 20:44 - 00000000 ____D () C:\ProgramData\Norton
2014-09-22 14:29 - 2012-04-22 00:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-22 13:57 - 2012-01-21 16:00 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-09-21 23:33 - 2013-08-29 18:33 - 00000000 ____D () C:\Windows\Minidump
2014-09-19 15:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-19 14:28 - 2012-11-27 01:08 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-09-19 14:27 - 2012-02-16 20:03 - 00000000 ____D () C:\Program Files (x86)\Vlcclassic
2014-09-19 13:28 - 2012-08-11 20:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-17 18:47 - 2012-02-18 14:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-16 22:51 - 2014-08-10 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 14:48 - 2014-08-26 13:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-14 14:48 - 2014-04-17 13:31 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-13 23:14 - 2012-03-31 00:02 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-09-11 13:10 - 2011-08-01 15:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 13:08 - 2014-02-26 02:14 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 13:06 - 2013-08-15 01:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 12:29 - 2014-05-07 00:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 12:29 - 2011-07-29 14:51 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 11:15 - 2014-08-26 18:53 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-09-10 11:15 - 2014-08-26 18:53 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-09-06 14:20 - 2012-11-04 17:36 - 00000000 ____D () C:\Users\David\Downloads\Money talks
2014-09-01 17:26 - 2012-12-11 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-01 16:05 - 2011-07-30 20:20 - 00000000 ___RD () C:\Users\David\Desktop\Eigene Dateien
2014-09-01 13:44 - 2010-07-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-09-01 13:44 - 2010-07-13 13:45 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-09-01 13:44 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 13:24 - 2013-06-30 16:54 - 00000000 ____D () C:\Users\David\AppData\Local\Poker
2014-08-30 14:57 - 2013-11-08 18:46 - 00000000 ____D () C:\Program Files (x86)\MetaTrader - AAAFx
2014-08-28 12:29 - 2009-07-14 06:45 - 00454960 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 16:24

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Also ich finde alles super:) Aber ich würde es auch nicht merken wenn noch
ein Virus da wäre:) aber ich glaube es ist alles top, oder was meinst du?

schrauber 27.09.2014 20:43
Adobe updaten.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen



Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Davi123 27.09.2014 22:29
Hallo,
ich habe alles gemacht bisher...du hast gesagt man soll sich von Registry cleaner fernhalten. Hab ich runtergeschmissen.
Ich habe noch einen CCleaner...soll ich den auch runterschmeißen?
Liebe Grüße

schrauber 28.09.2014 13:44
Den kannste behalten um die Temps zu leeren. Aber FInger weg von der Registry :)

Davi123 28.09.2014 18:20
Dankeschön!
Großartiger Job! Ohne dich hätte ich das nie geschafft.
Vielen, vielen Dank!!
Liebe Grüße

schrauber 29.09.2014 14:00
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:55 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131