Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Webseite bizcoaching öffnet sich ständig ungefragt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.07.2013, 09:13   #16
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, entschuldigen Sie dass ich mich nicht mehr gemeldet habe, aber mir ging es zu schlecht ich habe Urlaub vorm Computer gemacht...hier das frische FRST
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Dust (administrator) on 08-07-2013 10:11:26
Running from C:\allewebprojekte
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
() C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Apple Computer, Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
() C:\Dokumente und Einstellungen\Dust\ceegaix.exe
() c:\dokumente und einstellungen\dust\anwendungsdaten\wmprwise.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [Alcmtr] ALCMTR.EXE [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [13529088 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [86016 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\RECYCLER\S-1-5-18\$d6f0497ef4d323fcbc4a52237e3baa9b\o. ATTENTION! ====> ZeroAccess
HKCU\...\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKCU\...\Run: [ceegaix] C:\Dokumente und Einstellungen\Dust\ceegaix.exe /w [86016 2013-07-06] ()
HKCU\...\Run: [Microsoft Firewall 2.9] C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\WMPRWISE.EXE [160389 2013-07-06] ()
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\RECYCLER\S-1-5-21-1275210071-926492609-682003330-1004\$d6f0497ef4d323fcbc4a52237e3baa9b\o. ATTENTION! ====> ZeroAccess?
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: No Name - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Programme\PicLensIE\cooliris.dll (Cooliris Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 01 C:\Programme\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Programme\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 21 C:\Programme\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SpeedAnalysis.com - C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-06] (Adobe Systems)
R2 AdobeActiveFileMonitor4.0; C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-10-03] ()
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [86224 2012-05-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-09] (Avira Operations GmbH & Co. KG)
S3 Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-12-14] (Autodesk)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-18] (Macrovision Europe Ltd.)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [242544 2007-02-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968 2007-02-10] (Microsoft Corporation)
R2 syshost32; C:\WINDOWS\Installer\{AA4EC929-9F4C-F92F-E21B-A65FC2029741}\syshost.exe [55296 2013-07-06] ()
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4150112 2013-06-13] (TeamViewer GmbH)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 AviraUpgradeService; "C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2009-03-05] (Windows (R) 2000 DDK provider)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-09] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-09] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-06-18] (Avanquest Software)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [29744 2003-10-28] (Service & Quality Technology.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 18:33 - 2013-07-06 18:33 - 00060928 ____A C:\Windows\System32\Drivers\5b1c0562b57cda28.sys
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:45 - 2013-07-06 12:33 - 00000000 ____D C:\JRT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:57 - 2013-07-05 14:58 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:55 - 2013-07-05 14:56 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 12:55 - 2013-07-05 12:57 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-05 10:31 - 2013-07-05 15:00 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 10:31 - 2013-07-05 15:00 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 10:31 - 2013-07-05 14:59 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 10:30 - 2013-07-05 14:58 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 10:30 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-07-05 10:29 - 2013-07-05 14:55 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:11 - 2013-07-04 22:13 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:53 - 2013-07-04 22:13 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\Windows\System32\dllcache\sl_anet.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msaud32.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\dllcache\l3codeca.acm
2013-07-04 21:52 - 2007-06-26 11:30 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2013-07-04 21:52 - 2007-06-26 11:30 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2013-07-04 21:52 - 2007-06-26 11:30 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2013-07-04 21:52 - 2007-06-26 11:29 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2013-07-04 21:52 - 2007-06-26 11:29 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2013-07-04 21:52 - 2007-06-26 11:26 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2013-07-04 21:52 - 2007-02-21 10:45 - 00076456 ____C C:\Windows\System32\dllcache\wmplayer.adm
2013-07-04 21:52 - 2007-02-21 10:36 - 00026141 ____C C:\Windows\System32\dllcache\wmplay.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00660224 ____C C:\Windows\System32\dllcache\wmplayer.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00184109 ____C C:\Windows\System32\dllcache\compact.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00084531 ____C C:\Windows\System32\dllcache\plyr_err.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00066132 ____C C:\Windows\System32\dllcache\revert.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00001476 ____C C:\Windows\System32\dllcache\plylst5.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst6.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst12.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001469 ____C C:\Windows\System32\dllcache\plylst3.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001467 ____C C:\Windows\System32\dllcache\plylst4.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001261 ____C C:\Windows\System32\dllcache\plylst1.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001055 ____C C:\Windows\System32\dllcache\plylst2.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001047 ____C C:\Windows\System32\dllcache\plylst7.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001038 ____C C:\Windows\System32\dllcache\plylst8.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000807 ____C C:\Windows\System32\dllcache\plylst11.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000800 ____C C:\Windows\System32\dllcache\plylst10.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000782 ____C C:\Windows\System32\dllcache\plylst9.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000779 ____C C:\Windows\System32\dllcache\plylst13.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000778 ____C C:\Windows\System32\dllcache\plylst14.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000725 ____C C:\Windows\System32\dllcache\plylst15.wpl
2013-07-04 21:49 - 2008-04-14 07:53 - 00278559 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmv8ds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00258048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmvds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msadds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00069632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msscds32.ax
2013-07-04 21:49 - 2008-04-14 07:52 - 00303616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmstream.dll
2013-07-04 21:49 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlimport.exe
2013-07-04 21:49 - 2008-04-14 07:51 - 00847898 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxm.ocx
2013-07-04 21:49 - 2008-04-14 07:51 - 00004126 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxmlc.dll
2013-07-04 21:48 - 2013-07-05 15:00 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00059069 ____A C:\Windows\ocgen.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00046238 ____A C:\Windows\tsoc.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00038302 ____A C:\Windows\comsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00018674 ____A C:\Windows\iis6.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-04 21:48 - 2013-07-05 14:58 - 00014614 ____A C:\Windows\updspapi.log
2013-07-04 21:48 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\004243_.tmp
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-05 22:50 - 00000060 ____A C:\Windows\setupact.log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:41 - 2013-07-05 15:00 - 00039520 ____A C:\Windows\setupapi.log
2013-07-04 21:41 - 2013-07-04 22:08 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-04 13:37 - 2013-07-04 21:56 - 00034059 ____A C:\Windows\KB956744.log

==================== One Month Modified Files and Folders ========

2013-07-08 10:11 - 2011-12-29 17:37 - 00000000 ____D C:\allewebprojekte
2013-07-08 09:54 - 2009-03-04 13:42 - 00000000 ____A C:\Windows\System32\nmp.log
2013-07-08 09:53 - 2009-03-04 13:49 - 00182038 ____A C:\Windows\System32\nvapps.xml
2013-07-08 09:52 - 2010-02-02 12:22 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-08 09:52 - 2009-03-04 13:34 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-08 09:52 - 2009-03-04 13:20 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-08 09:52 - 2009-03-04 13:20 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-08 09:52 - 2008-04-14 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-07-06 19:42 - 2010-02-08 13:58 - 02084926 ____A C:\Windows\WindowsUpdate.log
2013-07-06 19:42 - 2010-02-02 12:22 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-06 19:42 - 2009-03-04 13:34 - 00032610 ____A C:\Windows\SchedLgU.Txt
2013-07-06 19:27 - 2012-04-09 12:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 19:18 - 2009-03-04 13:18 - 00000000 ___RD C:\Programme
2013-07-06 18:38 - 2011-01-11 21:09 - 00000000 ____D C:\Windows\System32\NtmsData
2013-07-06 18:34 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\Registration
2013-07-06 18:33 - 2013-07-06 18:33 - 00060928 ____A C:\Windows\System32\Drivers\5b1c0562b57cda28.sys
2013-07-06 12:33 - 2013-07-05 21:45 - 00000000 ____D C:\JRT
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 22:50 - 2013-07-04 21:42 - 00000060 ____A C:\Windows\setupact.log
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 21:06 - 2009-03-04 14:14 - 00000211 _RASH C:\boot.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000664 ____A C:\Windows\win.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000227 ____A C:\Windows\system.ini
2013-07-05 19:37 - 2009-05-15 19:54 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-05 18:14 - 2009-03-04 13:15 - 01594864 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-05 15:03 - 2009-03-04 13:18 - 01279496 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 15:00 - 2013-07-05 10:31 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 15:00 - 2013-07-05 10:31 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00059069 ____A C:\Windows\ocgen.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00046238 ____A C:\Windows\tsoc.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00038302 ____A C:\Windows\comsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00018674 ____A C:\Windows\iis6.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-05 15:00 - 2013-07-04 21:41 - 00039520 ____A C:\Windows\setupapi.log
2013-07-05 15:00 - 2009-03-04 14:25 - 00253254 ____A C:\Windows\System32\TZLog.log
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:59 - 2013-07-05 10:31 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:58 - 2013-07-05 14:57 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:58 - 2013-07-05 10:30 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 14:58 - 2013-07-04 21:48 - 00014614 ____A C:\Windows\updspapi.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:57 - 2013-07-05 10:30 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 14:57 - 2009-03-04 14:19 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:56 - 2013-07-05 14:55 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 14:55 - 2013-07-05 10:29 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-05 14:55 - 2009-09-12 12:09 - 00000000 ____D C:\Windows\ie8updates
2013-07-05 12:57 - 2013-07-05 12:55 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:13 - 2013-07-04 22:11 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:13 - 2013-07-04 21:53 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 22:13 - 2009-03-04 13:31 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 22:11 - 2012-12-05 13:41 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-07-04 22:09 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\security
2013-07-04 22:08 - 2013-07-04 21:41 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:56 - 2013-07-04 13:37 - 00034059 ____A C:\Windows\KB956744.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\PeerNet
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Help
2013-07-04 21:49 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\System32\usmt
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\System32\Restore
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\srchasst
2013-07-04 21:48 - 2012-12-05 11:51 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-07-04 21:48 - 2009-03-04 13:41 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:16 - 2009-07-28 17:51 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 21:14 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Provisioning
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-03 13:47 - 2013-03-08 15:19 - 00000000 ____D C:\vue
2013-06-13 10:27 - 2012-04-09 12:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 10:27 - 2011-12-28 17:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 21:10 - 2012-12-18 12:10 - 00000000 ____D C:\canopy
2013-06-08 21:00 - 2012-09-12 12:44 - 00000000 ____D C:\dänemark0912

ZeroAccess:
C:\RECYCLER\S-1-5-21-1275210071-926492609-682003330-1004\$d6f0497ef4d323fcbc4a52237e3baa9b

ZeroAccess:
C:\RECYCLER\S-1-5-18\$d6f0497ef4d323fcbc4a52237e3baa9b

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

Alt 08.07.2013, 09:38   #17
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
    Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die End Nutzer Lizenz.
    Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls was schief geht.
    Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.


Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.
__________________

__________________

Alt 08.07.2013, 10:06   #18
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, hier die gewünschte Datei, es wurde eine Infektion gefunden habe ich zwischenzeitig gelesen:
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-07-08.02 - Dust 08.07.2013  10:54:57.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.2047.1393 [GMT 2:00]
ausgeführt von:: c:\allewebprojekte\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\8ed1dc61-0202-0000-fb05-000087371d04\8ed1dc61-0202-0000-fb05-000087371d04.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\Dust\49572.exe
c:\dokumente und einstellungen\Dust\Anwendungsdaten\desktop.ini
c:\dokumente und einstellungen\Dust\Anwendungsdaten\ntuser.dat
c:\dokumente und einstellungen\Dust\Anwendungsdaten\WMPRWISE.EXE
c:\dokumente und einstellungen\Dust\ceegaix.exe
c:\dokumente und einstellungen\Dust\WINDOWS
c:\programme\100_226_DJ_SF_03_D1500_Full_NonNet_deu.exe
c:\programme\chrome_installer_27.0.1453.116.exe
c:\programme\cjb2300GE.exe
c:\programme\SoftonicDownloader_fuer_c-builder-2010-architect.exe
c:\windows\IsUn0407.exe
c:\windows\system32\aosmtp.dll
c:\windows\system32\drivers\5b1c0562b57cda28.sys
c:\windows\unin0407.exe
c:\windows\wininit.ini
.
Infizierte Kopie von c:\windows\system32\Version.dll wurde gefunden und desinfiziert 
Kopie von - c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\version.dll wurde wiederhergestellt 
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SYSHOST32
-------\Service_syshost32
-------\Legacy_5b1c0562b57cda28
-------\Service_5b1c0562b57cda28
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-08 bis 2013-07-08  ))))))))))))))))))))))))))))))
.
.
2013-07-06 16:38 . 2013-07-08 08:58	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\8ed1dc61-0202-0000-fb05-000087371d04
2013-07-06 12:16 . 2013-07-06 12:16	--------	d-----w-	c:\programme\ESET
2013-07-06 09:19 . 2013-07-06 09:19	--------	d-----w-	C:\FRST
2013-07-05 19:46 . 2013-07-05 19:46	--------	d-----w-	c:\windows\ERUNT
2013-07-05 19:45 . 2013-07-06 10:33	--------	d-----w-	C:\JRT
2013-07-05 08:30 . 2013-02-12 00:32	12928	-c----w-	c:\windows\system32\dllcache\usb8023x.sys
2013-07-04 19:52 . 2007-03-28 16:27	908504	------w-	c:\programme\MSN\MSNCoreFiles\Install\msnsusii.exe
2013-07-04 19:52 . 2007-03-28 16:25	888808	------w-	c:\programme\MSN\MSNCoreFiles\Install\MSN9Components\digcore.exe
2013-07-04 19:52 . 2007-03-28 16:26	11089384	------w-	c:\programme\MSN\MSNCoreFiles\Install\MSN9Components\msncli.exe
2013-07-04 19:52 . 2013-07-04 19:52	--------	d-----w-	c:\windows\system32\bits
2013-07-04 19:49 . 2008-04-14 05:52	294912	------w-	c:\programme\Windows Media Player\dlimport.exe
2013-07-04 19:49 . 2008-04-14 05:52	294912	-c----w-	c:\windows\system32\dllcache\dlimport.exe
2013-07-04 19:49 . 2008-04-14 05:51	4126	-c----w-	c:\windows\system32\dllcache\msdxmlc.dll
2013-07-04 19:49 . 2008-04-14 05:52	303616	-c----w-	c:\windows\system32\dllcache\wmstream.dll
2013-07-04 19:48 . 2006-12-28 22:31	19569	----a-w-	c:\windows\004243_.tmp
2013-07-04 19:03 . 2013-07-04 19:03	--------	d-----w-	c:\dokumente und einstellungen\Dust\Anwendungsdaten\Malwarebytes
2013-07-04 19:03 . 2013-07-04 19:03	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2013-07-04 18:19 . 2013-07-04 18:19	--------	d-----w-	c:\dokumente und einstellungen\Dust\Anwendungsdaten\TeamViewer
2013-07-04 09:06 . 2013-07-04 09:22	--------	d-----w-	c:\dokumente und einstellungen\Dust\Anwendungsdaten\Vidalia
2013-07-03 20:47 . 2013-07-03 20:47	--------	d-----w-	c:\programme\TeamViewer
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-13 08:27 . 2012-04-09 10:41	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-06-13 08:27 . 2011-12-28 15:10	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-07 22:28 . 2008-04-14 12:00	920064	----a-w-	c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2008-04-14 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2008-04-14 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2008-04-14 12:00	385024	----a-w-	c:\windows\system32\html.iec
2013-05-03 05:39 . 2008-04-14 12:00	2152448	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2008-04-14 07:30	2031104	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 14:00 . 2008-04-14 12:00	1876480	----a-w-	c:\windows\system32\win32k.sys
2011-04-16 16:22 . 2011-04-16 16:22	885024	----a-w-	c:\programme\jre-6u24-windows-i586-iftw.exe
2011-04-14 10:48 . 2011-04-14 10:48	1029000	----a-w-	c:\programme\SkypeSetup.exe
2010-11-18 10:02 . 2009-11-28 19:23	44151368	----a-w-	c:\programme\avira_antivir_personal_de.exe
2010-10-27 09:01 . 2010-10-27 09:01	2288616	----a-w-	c:\programme\ParetoLogic FileCure.exe
2010-10-07 10:14 . 2010-10-07 10:13	327168	----a-w-	c:\programme\Facemoods.exe
2010-07-07 09:27 . 2010-02-11 09:33	28534656	----a-w-	c:\programme\AdbeRdr930_de_DE.exe
2010-05-04 14:28 . 2010-05-04 14:28	4076719	----a-w-	c:\programme\FileZilla_3.2.7.1_win32-setup.exe
2010-01-03 14:45 . 2010-01-03 14:45	2470416	----a-w-	c:\programme\ParetoLogic FileCure_ifo_.exe
2010-01-03 14:44 . 2010-01-03 14:44	2470416	----a-w-	c:\programme\ParetoLogic FileCure_bup_.exe
2009-11-28 19:20 . 2009-11-28 19:20	31066056	----a-w-	c:\programme\avira_antivir_personal415_de.exe
2009-10-17 11:31 . 2009-10-17 11:31	28565216	----a-w-	c:\programme\AdbeRdr920_de_DE.exe
2009-07-21 18:39 . 2009-04-16 15:14	18699392	----a-w-	c:\programme\setupDE.exe
2009-05-15 17:51 . 2009-05-15 17:51	3485376	----a-w-	c:\programme\PhotomatixPro313de.exe
2009-05-14 13:36 . 2009-05-14 13:35	2707968	----a-w-	c:\programme\cooliris-win-iefull-release-1.10.0.25085.en-US.msi
2009-04-17 14:43 . 2009-04-17 14:43	18458240	----a-w-	c:\programme\turbolister.exe
2009-04-16 16:45 . 2009-04-16 16:45	627297	----a-w-	c:\programme\etopelister-install.exe
2009-04-14 16:05 . 2009-04-14 16:05	8862548	----a-w-	c:\programme\rawtherapee23.exe
2009-04-14 15:30 . 2009-04-14 15:30	2063321	----a-w-	c:\programme\ablerawer14_setup.exe
2009-04-08 10:57 . 2009-04-08 10:57	11969419	----a-w-	c:\programme\rawtherapee24rc2.exe
2009-03-19 12:02 . 2009-03-19 12:02	6409944	----a-w-	c:\programme\Install_PDFR_v228.exe
2009-03-11 16:10 . 2009-03-11 16:10	2708156	----a-w-	c:\programme\Apo202b.exe
2009-03-11 16:09 . 2009-03-11 16:09	393042	----a-w-	c:\programme\Apomap1b.exe
2009-03-11 16:09 . 2009-03-11 16:09	596860	----a-w-	c:\programme\Apoph101b.exe
2009-03-07 18:26 . 2009-03-07 18:26	32453152	----a-w-	c:\programme\zoombrowser2.exe
2009-03-07 10:37 . 2009-03-07 10:37	32440072	----a-w-	c:\programme\K690aenx.exe
2009-03-07 10:36 . 2009-03-07 10:36	5055560	----a-w-	c:\programme\zoombrw.exe
2009-03-07 10:35 . 2009-03-07 10:35	5055560	----a-w-	c:\programme\k620cenx.exe
2009-03-07 10:17 . 2009-03-07 10:17	32453152	----a-w-	c:\programme\zoom browser ex.exe
2009-03-07 10:10 . 2009-03-07 10:09	39235584	----a-w-	c:\programme\k4b03dex.exe
2009-03-07 09:59 . 2009-03-07 09:59	32453152	----a-w-	c:\programme\K690adexb.exe
2009-03-06 19:38 . 2009-03-06 19:38	16006800	----a-w-	c:\programme\gimp-2.6.5-i686-setup.exe
2009-03-06 19:36 . 2009-03-06 19:36	47828912	----a-w-	c:\programme\ashampoo_photo_commander_7_710_sm.exe
2009-03-06 19:35 . 2009-03-06 19:35	9934392	----a-w-	c:\programme\picasa3-setup.exe
2009-03-06 19:29 . 2009-03-06 19:29	10473064	----a-w-	c:\programme\fotoworks_setup.exe
2009-03-06 17:11 . 2009-03-06 17:11	393042	----a-w-	c:\programme\Apomap1.exe
2009-03-06 17:11 . 2009-03-06 17:11	596860	----a-w-	c:\programme\Apoph101.exe
2009-03-06 17:10 . 2009-03-06 17:10	2708156	----a-w-	c:\programme\Apo202.exe
2009-03-06 17:05 . 2009-03-06 17:05	5062814	----a-w-	c:\programme\k620cdex.exe
2009-03-06 16:32 . 2009-03-06 16:32	32440072	----a-w-	c:\programme\K690aenxm.exe
2009-03-06 16:27 . 2009-03-06 16:27	32453152	----a-w-	c:\programme\K690adex.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-09-17 254896]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
AutoCAD-Startbeschleuniger.lnk - c:\programme\Gemeinsame Dateien\Autodesk Shared\acstart16.exe [2005-3-5 10872]
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^McAfee Security Scan Plus.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06	958576	----a-w-	c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-09-15 23:37	57344	----a-w-	c:\programme\Adobe\Photoshop Elements 4.0\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2013-05-08 21:20	41056	----a-w-	c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00	15360	----a-w-	c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50	155648	----a-w-	c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-03-05 14:44	98304	----a-w-	c:\programme\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2009-01-21 02:59	4033618	----a-w-	c:\programme\Vidalia Bundle\Vidalia\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WajamUpdater"=2 (0x2)
"McComponentHostService"=3 (0x3)
"idsvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 TeamViewer8;TeamViewer 8;c:\programme\TeamViewer\Version8\TeamViewer_Service.exe [03.07.2013 22:47 4150112]
S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""c:\windows\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" --> c:\windows\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe [?]
S3 CFcatchme;CFcatchme;\??\c:\combofix\CFcatchme.sys --> c:\combofix\CFcatchme.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 08:27]
.
2013-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-02 10:22]
.
2013-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-02 10:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} - hxxp://www.cltnet.de/login/dplaunch.cab
.
.
------- Dateityp-Verknüpfung -------
.
.scr=AutoCADScriptFile
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-ceegaix - c:\dokumente und einstellungen\Dust\ceegaix.exe
HKCU-Run-Microsoft Firewall 2.9 - c:\dokumente und einstellungen\Dust\Anwendungsdaten\WMPRWISE.EXE
MSConfigStartUp-Google Update - c:\dokumente und einstellungen\Dust\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
MSConfigStartUp-swg - c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-ActiveTouchMeetingClient - c:\dokume~1\Dust\LOKALE~1\ANWEND~1\Google\Chrome\APPLIC~1\plugins\atcliun.exe
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE
AddRemove-lyricsmonkey@mendoni.net - c:\programme\LyricsMonkey\uninstall.exe
AddRemove-Schulbuch - c:\windows\unin0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-07-08 11:02
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\adsldpc.dll
.
- - - - - - - > 'explorer.exe'(252)
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wdfmgr.exe
c:\programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\programme\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programme\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-08  11:04:06 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-08 09:03
.
Vor Suchlauf: 57 Verzeichnis(se), 445.837.434.880 Bytes frei
Nach Suchlauf: 59 Verzeichnis(se), 446.288.142.336 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 74BB33B0C991AF95B53F9A9BBBDAFDDA
         
--- --- ---
72B8CE41AF0DE751C946802B3ED844B4
__________________

Alt 08.07.2013, 11:19   #19
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.07.2013, 11:50   #20
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



man oh man, das nimmt ja gar kein Ende, hier die vier gewünschten Dateien:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.304 - Datei am 08/07/2013 um 12:39:09 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Dust - DUST
# Bootmodus : Normal
# Ausgeführt unter : C:\allewebprojekte\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]

Datei : C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [30024 octets] - [05/07/2013 21:15:12]
AdwCleaner[S1].txt - [29922 octets] - [05/07/2013 21:16:07]
AdwCleaner[S2].txt - [364 octets] - [06/07/2013 12:20:52]
AdwCleaner[S3].txt - [1478 octets] - [06/07/2013 12:21:16]
AdwCleaner[S4].txt - [1176 octets] - [08/07/2013 12:39:09]

########## EOF - C:\AdwCleaner[S4].txt - [1236 octets] ##########
         
--- --- ---

und dann:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.7 (07.08.2013:2)
OS: Microsoft Windows XP x86
Ran by Dust on 08.07.2013 at 12:43:33,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\APNSTUB.EXE-07FCD9AD.pf



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.07.2013 at 12:46:21,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


und dann:

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.08.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dust :: DUST [Administrator]

Schutz: Deaktiviert

08.07.2013 12:26:42
MBAM-log-2013-07-08 (12-33-14).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 325410
Laufzeit: 6 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\WINDOWS\Installer\{AA4EC929-9F4C-F92F-E21B-A65FC2029741}\syshost.exe (Trojan.Agent.RRE) -> Keine Aktion durchgeführt.

(Ende)


und dann:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Dust (administrator) on 08-07-2013 12:47:14
Running from C:\allewebprojekte
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Apple Computer, Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [13529088 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [86016 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: No Name - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Programme\PicLensIE\cooliris.dll (Cooliris Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SpeedAnalysis.com - C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-06] (Adobe Systems)
R2 AdobeActiveFileMonitor4.0; C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-10-03] ()
S3 Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-12-14] (Autodesk)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-18] (Macrovision Europe Ltd.)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [242544 2007-02-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968 2007-02-10] (Microsoft Corporation)
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4150112 2013-06-13] (TeamViewer GmbH)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 AviraUpgradeService; "C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2009-03-05] (Windows (R) 2000 DDK provider)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-06-18] (Avanquest Software)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [29744 2003-10-28] (Service & Quality Technology.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CFcatchme; \??\C:\ComboFix\CFcatchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:25 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:52 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-08 10:51 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-08 10:51 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-08 10:51 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-08 10:45 - 2013-07-08 11:04 - 00000000 ____D C:\Qoobox
2013-07-08 10:45 - 2013-07-08 11:03 - 00000000 ____D C:\Windows\erdnt
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:45 - 2013-07-08 12:43 - 00000000 ____D C:\JRT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:57 - 2013-07-05 14:58 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:55 - 2013-07-05 14:56 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 12:55 - 2013-07-05 12:57 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-05 10:31 - 2013-07-05 15:00 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 10:31 - 2013-07-05 15:00 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 10:31 - 2013-07-05 14:59 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 10:30 - 2013-07-05 14:58 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 10:30 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-07-05 10:29 - 2013-07-05 14:55 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:11 - 2013-07-04 22:13 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:53 - 2013-07-04 22:13 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\Windows\System32\dllcache\sl_anet.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msaud32.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\dllcache\l3codeca.acm
2013-07-04 21:52 - 2007-06-26 11:30 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2013-07-04 21:52 - 2007-06-26 11:30 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2013-07-04 21:52 - 2007-06-26 11:30 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2013-07-04 21:52 - 2007-06-26 11:29 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2013-07-04 21:52 - 2007-06-26 11:29 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2013-07-04 21:52 - 2007-06-26 11:26 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2013-07-04 21:52 - 2007-02-21 10:45 - 00076456 ____C C:\Windows\System32\dllcache\wmplayer.adm
2013-07-04 21:52 - 2007-02-21 10:36 - 00026141 ____C C:\Windows\System32\dllcache\wmplay.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00660224 ____C C:\Windows\System32\dllcache\wmplayer.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00184109 ____C C:\Windows\System32\dllcache\compact.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00084531 ____C C:\Windows\System32\dllcache\plyr_err.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00066132 ____C C:\Windows\System32\dllcache\revert.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00001476 ____C C:\Windows\System32\dllcache\plylst5.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst6.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst12.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001469 ____C C:\Windows\System32\dllcache\plylst3.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001467 ____C C:\Windows\System32\dllcache\plylst4.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001261 ____C C:\Windows\System32\dllcache\plylst1.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001055 ____C C:\Windows\System32\dllcache\plylst2.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001047 ____C C:\Windows\System32\dllcache\plylst7.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001038 ____C C:\Windows\System32\dllcache\plylst8.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000807 ____C C:\Windows\System32\dllcache\plylst11.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000800 ____C C:\Windows\System32\dllcache\plylst10.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000782 ____C C:\Windows\System32\dllcache\plylst9.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000779 ____C C:\Windows\System32\dllcache\plylst13.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000778 ____C C:\Windows\System32\dllcache\plylst14.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000725 ____C C:\Windows\System32\dllcache\plylst15.wpl
2013-07-04 21:49 - 2008-04-14 07:53 - 00278559 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmv8ds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00258048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmvds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msadds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00069632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msscds32.ax
2013-07-04 21:49 - 2008-04-14 07:52 - 00303616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmstream.dll
2013-07-04 21:49 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlimport.exe
2013-07-04 21:49 - 2008-04-14 07:51 - 00847898 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxm.ocx
2013-07-04 21:49 - 2008-04-14 07:51 - 00004126 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxmlc.dll
2013-07-04 21:48 - 2013-07-05 15:00 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00059069 ____A C:\Windows\ocgen.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00046238 ____A C:\Windows\tsoc.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00038302 ____A C:\Windows\comsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00018674 ____A C:\Windows\iis6.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-04 21:48 - 2013-07-05 14:58 - 00014614 ____A C:\Windows\updspapi.log
2013-07-04 21:48 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\004243_.tmp
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-05 22:50 - 00000060 ____A C:\Windows\setupact.log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:41 - 2013-07-08 10:50 - 00040855 ____A C:\Windows\setupapi.log
2013-07-04 21:41 - 2013-07-04 22:08 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-04 13:37 - 2013-07-04 21:56 - 00034059 ____A C:\Windows\KB956744.log

==================== One Month Modified Files and Folders ========

2013-07-08 12:47 - 2011-12-29 17:37 - 00000000 ____D C:\allewebprojekte
2013-07-08 12:43 - 2013-07-05 21:45 - 00000000 ____D C:\JRT
2013-07-08 12:42 - 2010-02-02 12:22 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-08 12:42 - 2009-03-04 13:42 - 00000000 ____A C:\Windows\System32\nmp.log
2013-07-08 12:41 - 2010-02-08 13:58 - 01058922 ____A C:\Windows\WindowsUpdate.log
2013-07-08 12:41 - 2010-02-02 12:22 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-08 12:41 - 2009-03-04 13:49 - 00182038 ____A C:\Windows\System32\nvapps.xml
2013-07-08 12:40 - 2009-03-04 13:34 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-08 12:40 - 2009-03-04 13:20 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-08 12:40 - 2009-03-04 13:20 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:39 - 2009-03-04 13:34 - 00032400 ____A C:\Windows\SchedLgU.Txt
2013-07-08 12:27 - 2012-04-09 12:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 12:25 - 2009-03-04 13:18 - 00000000 ___RD C:\Programme
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 11:04 - 2013-07-08 10:45 - 00000000 ____D C:\Qoobox
2013-07-08 11:03 - 2013-07-08 10:45 - 00000000 ____D C:\Windows\erdnt
2013-07-08 11:00 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\System32\Restore
2013-07-08 11:00 - 2008-04-14 14:00 - 00000227 ____A C:\Windows\system.ini
2013-07-08 10:59 - 2009-03-04 14:14 - 46399488 ____A C:\Windows\System32\config\software.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 04980736 ____A C:\Windows\System32\config\system.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:50 - 2013-07-04 21:41 - 00040855 ____A C:\Windows\setupapi.log
2013-07-08 09:52 - 2008-04-14 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-07-06 18:38 - 2011-01-11 21:09 - 00000000 ____D C:\Windows\System32\NtmsData
2013-07-06 18:34 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\Registration
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 22:50 - 2013-07-04 21:42 - 00000060 ____A C:\Windows\setupact.log
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 21:06 - 2009-03-04 14:14 - 00000211 _RASH C:\boot.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000664 ____A C:\Windows\win.ini
2013-07-05 19:37 - 2009-05-15 19:54 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-05 18:14 - 2009-03-04 13:15 - 01594864 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-05 15:03 - 2009-03-04 13:18 - 01279496 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 15:00 - 2013-07-05 10:31 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 15:00 - 2013-07-05 10:31 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00059069 ____A C:\Windows\ocgen.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00046238 ____A C:\Windows\tsoc.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00038302 ____A C:\Windows\comsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00018674 ____A C:\Windows\iis6.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-05 15:00 - 2009-03-04 14:25 - 00253254 ____A C:\Windows\System32\TZLog.log
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:59 - 2013-07-05 10:31 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:58 - 2013-07-05 14:57 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:58 - 2013-07-05 10:30 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 14:58 - 2013-07-04 21:48 - 00014614 ____A C:\Windows\updspapi.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:57 - 2013-07-05 10:30 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 14:57 - 2009-03-04 14:19 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:56 - 2013-07-05 14:55 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 14:55 - 2013-07-05 10:29 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-05 14:55 - 2009-09-12 12:09 - 00000000 ____D C:\Windows\ie8updates
2013-07-05 12:57 - 2013-07-05 12:55 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:13 - 2013-07-04 22:11 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:13 - 2013-07-04 21:53 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 22:13 - 2009-03-04 13:31 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 22:11 - 2012-12-05 13:41 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-07-04 22:09 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\security
2013-07-04 22:08 - 2013-07-04 21:41 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:56 - 2013-07-04 13:37 - 00034059 ____A C:\Windows\KB956744.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\PeerNet
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Help
2013-07-04 21:49 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\System32\usmt
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\srchasst
2013-07-04 21:48 - 2012-12-05 11:51 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-07-04 21:48 - 2009-03-04 13:41 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:16 - 2009-07-28 17:51 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 21:14 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Provisioning
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-03 13:47 - 2013-03-08 15:19 - 00000000 ____D C:\vue
2013-06-13 10:27 - 2012-04-09 12:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 10:27 - 2011-12-28 17:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 21:10 - 2012-12-18 12:10 - 00000000 ____D C:\canopy
2013-06-08 21:00 - 2012-09-12 12:44 - 00000000 ____D C:\dänemark0912

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---


Alt 08.07.2013, 17:46   #21
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Malwarebytes nochmal laufen lassen, Funde löschen lassen, log posten. Und dann wieder ein frisches FRST Log
__________________
--> Webseite bizcoaching öffnet sich ständig ungefragt

Alt 08.07.2013, 19:13   #22
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, es wurden keine weitere Infizierungen gefunden, hier die beiden Dateien:

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.08.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dust :: DUST [Administrator]

Schutz: Aktiviert

08.07.2013 19:49:41
mbam-log-2013-07-08 (19-49-41).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 325357
Laufzeit: 6 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

und dann:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Dust (administrator) on 08-07-2013 20:11:13
Running from C:\allewebprojekte
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Apple Computer, Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Adobe Systems Incorporated) C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [13529088 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [86016 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: No Name - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Programme\PicLensIE\cooliris.dll (Cooliris Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SpeedAnalysis.com - C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-06] (Adobe Systems)
R2 AdobeActiveFileMonitor4.0; C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-10-03] ()
S3 Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-12-14] (Autodesk)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-18] (Macrovision Europe Ltd.)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [242544 2007-02-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968 2007-02-10] (Microsoft Corporation)
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4150112 2013-06-13] (TeamViewer GmbH)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 AviraUpgradeService; "C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2009-03-05] (Windows (R) 2000 DDK provider)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-06-18] (Avanquest Software)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [29744 2003-10-28] (Service & Quality Technology.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CFcatchme; \??\C:\ComboFix\CFcatchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:25 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:52 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-08 10:51 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-08 10:51 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-08 10:51 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-08 10:45 - 2013-07-08 11:04 - 00000000 ____D C:\Qoobox
2013-07-08 10:45 - 2013-07-08 11:03 - 00000000 ____D C:\Windows\erdnt
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:45 - 2013-07-08 12:43 - 00000000 ____D C:\JRT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:57 - 2013-07-05 14:58 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:55 - 2013-07-05 14:56 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 12:55 - 2013-07-05 12:57 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-05 10:31 - 2013-07-05 15:00 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 10:31 - 2013-07-05 15:00 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 10:31 - 2013-07-05 14:59 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 10:30 - 2013-07-05 14:58 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 10:30 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-07-05 10:29 - 2013-07-05 14:55 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:11 - 2013-07-04 22:13 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:53 - 2013-07-04 22:13 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\Windows\System32\dllcache\sl_anet.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msaud32.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\dllcache\l3codeca.acm
2013-07-04 21:52 - 2007-06-26 11:30 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2013-07-04 21:52 - 2007-06-26 11:30 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2013-07-04 21:52 - 2007-06-26 11:30 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2013-07-04 21:52 - 2007-06-26 11:29 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2013-07-04 21:52 - 2007-06-26 11:29 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2013-07-04 21:52 - 2007-06-26 11:26 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2013-07-04 21:52 - 2007-02-21 10:45 - 00076456 ____C C:\Windows\System32\dllcache\wmplayer.adm
2013-07-04 21:52 - 2007-02-21 10:36 - 00026141 ____C C:\Windows\System32\dllcache\wmplay.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00660224 ____C C:\Windows\System32\dllcache\wmplayer.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00184109 ____C C:\Windows\System32\dllcache\compact.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00084531 ____C C:\Windows\System32\dllcache\plyr_err.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00066132 ____C C:\Windows\System32\dllcache\revert.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00001476 ____C C:\Windows\System32\dllcache\plylst5.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst6.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst12.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001469 ____C C:\Windows\System32\dllcache\plylst3.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001467 ____C C:\Windows\System32\dllcache\plylst4.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001261 ____C C:\Windows\System32\dllcache\plylst1.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001055 ____C C:\Windows\System32\dllcache\plylst2.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001047 ____C C:\Windows\System32\dllcache\plylst7.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001038 ____C C:\Windows\System32\dllcache\plylst8.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000807 ____C C:\Windows\System32\dllcache\plylst11.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000800 ____C C:\Windows\System32\dllcache\plylst10.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000782 ____C C:\Windows\System32\dllcache\plylst9.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000779 ____C C:\Windows\System32\dllcache\plylst13.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000778 ____C C:\Windows\System32\dllcache\plylst14.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000725 ____C C:\Windows\System32\dllcache\plylst15.wpl
2013-07-04 21:49 - 2008-04-14 07:53 - 00278559 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmv8ds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00258048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmvds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msadds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00069632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msscds32.ax
2013-07-04 21:49 - 2008-04-14 07:52 - 00303616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmstream.dll
2013-07-04 21:49 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlimport.exe
2013-07-04 21:49 - 2008-04-14 07:51 - 00847898 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxm.ocx
2013-07-04 21:49 - 2008-04-14 07:51 - 00004126 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxmlc.dll
2013-07-04 21:48 - 2013-07-05 15:00 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00059069 ____A C:\Windows\ocgen.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00046238 ____A C:\Windows\tsoc.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00038302 ____A C:\Windows\comsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00018674 ____A C:\Windows\iis6.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-04 21:48 - 2013-07-05 14:58 - 00014614 ____A C:\Windows\updspapi.log
2013-07-04 21:48 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\004243_.tmp
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-05 22:50 - 00000060 ____A C:\Windows\setupact.log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:41 - 2013-07-08 10:50 - 00040855 ____A C:\Windows\setupapi.log
2013-07-04 21:41 - 2013-07-04 22:08 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-04 13:37 - 2013-07-04 21:56 - 00034059 ____A C:\Windows\KB956744.log

==================== One Month Modified Files and Folders ========

2013-07-08 20:11 - 2011-12-29 17:37 - 00000000 ____D C:\allewebprojekte
2013-07-08 19:48 - 2009-03-04 13:42 - 00000000 ____A C:\Windows\System32\nmp.log
2013-07-08 19:47 - 2010-02-08 13:58 - 01062443 ____A C:\Windows\WindowsUpdate.log
2013-07-08 19:46 - 2010-02-02 12:22 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-08 19:46 - 2009-03-04 13:49 - 00182038 ____A C:\Windows\System32\nvapps.xml
2013-07-08 19:46 - 2009-03-04 13:34 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-08 19:46 - 2009-03-04 13:20 - 00000157 ____A C:\Windows\wiadebug.log
2013-07-08 19:46 - 2009-03-04 13:20 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-08 14:54 - 2009-03-04 13:34 - 00032400 ____A C:\Windows\SchedLgU.Txt
2013-07-08 14:42 - 2010-02-02 12:22 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-08 14:27 - 2012-04-09 12:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 12:43 - 2013-07-05 21:45 - 00000000 ____D C:\JRT
2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:25 - 2009-03-04 13:18 - 00000000 ___RD C:\Programme
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 11:04 - 2013-07-08 10:45 - 00000000 ____D C:\Qoobox
2013-07-08 11:03 - 2013-07-08 10:45 - 00000000 ____D C:\Windows\erdnt
2013-07-08 11:00 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\System32\Restore
2013-07-08 11:00 - 2008-04-14 14:00 - 00000227 ____A C:\Windows\system.ini
2013-07-08 10:59 - 2009-03-04 14:14 - 46399488 ____A C:\Windows\System32\config\software.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 04980736 ____A C:\Windows\System32\config\system.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:50 - 2013-07-04 21:41 - 00040855 ____A C:\Windows\setupapi.log
2013-07-08 09:52 - 2008-04-14 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-07-06 18:38 - 2011-01-11 21:09 - 00000000 ____D C:\Windows\System32\NtmsData
2013-07-06 18:34 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\Registration
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 22:50 - 2013-07-04 21:42 - 00000060 ____A C:\Windows\setupact.log
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 21:06 - 2009-03-04 14:14 - 00000211 _RASH C:\boot.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000664 ____A C:\Windows\win.ini
2013-07-05 19:37 - 2009-05-15 19:54 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-05 18:14 - 2009-03-04 13:15 - 01594864 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-05 15:03 - 2009-03-04 13:18 - 01279496 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 15:00 - 2013-07-05 10:31 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 15:00 - 2013-07-05 10:31 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00059069 ____A C:\Windows\ocgen.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00046238 ____A C:\Windows\tsoc.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00038302 ____A C:\Windows\comsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00018674 ____A C:\Windows\iis6.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-05 15:00 - 2009-03-04 14:25 - 00253254 ____A C:\Windows\System32\TZLog.log
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:59 - 2013-07-05 10:31 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:58 - 2013-07-05 14:57 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:58 - 2013-07-05 10:30 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 14:58 - 2013-07-04 21:48 - 00014614 ____A C:\Windows\updspapi.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:57 - 2013-07-05 10:30 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 14:57 - 2009-03-04 14:19 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:56 - 2013-07-05 14:55 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 14:55 - 2013-07-05 10:29 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-05 14:55 - 2009-09-12 12:09 - 00000000 ____D C:\Windows\ie8updates
2013-07-05 12:57 - 2013-07-05 12:55 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:13 - 2013-07-04 22:11 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:13 - 2013-07-04 21:53 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 22:13 - 2009-03-04 13:31 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 22:11 - 2012-12-05 13:41 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-07-04 22:09 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\security
2013-07-04 22:08 - 2013-07-04 21:41 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:56 - 2013-07-04 13:37 - 00034059 ____A C:\Windows\KB956744.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\PeerNet
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Help
2013-07-04 21:49 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\System32\usmt
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\srchasst
2013-07-04 21:48 - 2012-12-05 11:51 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-07-04 21:48 - 2009-03-04 13:41 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:16 - 2009-07-28 17:51 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 21:14 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Provisioning
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-03 13:47 - 2013-03-08 15:19 - 00000000 ____D C:\vue
2013-06-13 10:27 - 2012-04-09 12:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 10:27 - 2011-12-28 17:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 21:10 - 2012-12-18 12:10 - 00000000 ____D C:\canopy
2013-06-08 21:00 - 2012-09-12 12:44 - 00000000 ____D C:\dänemark0912

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

Alt 08.07.2013, 21:15   #23
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 11:45   #24
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, ja das wäre schön wenn es keine Probleme mehr gebe, aber der Esetscan hat neun Bedrohungen gefunden. Hier die drei gewünschten Dateien:

C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\61\54e5cf7d-285d954c Variante von Win32/Injector.AJBT Trojaner
C:\Dokumente und Einstellungen\Dust\Eigene Dateien\Downloads\pcfix-v302-de(2).exe Win32/Adware.PCFixCleaner Anwendung
C:\Dokumente und Einstellungen\Dust\Eigene Dateien\Downloads\pcfix-v302-de.exe Win32/Adware.PCFixCleaner Anwendung
C:\FRST\Quarantine\LyricsMonkey\chrome.crx Win32/Adware.AddLyrics.F Anwendung
C:\FRST\Quarantine\LyricsMonkey\FF\chrome\content\main.js Win32/Adware.AddLyrics.F Anwendung
C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\All Users\Anwendungsdaten\8ed1dc61-0202-0000-fb05-000087371d04\8ed1dc61-0202-0000-fb05-000087371d04.exe.vir Variante von Win32/Kryptik.BFHQ Trojaner
C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Dust\49572.exe.vir Variante von Win32/Kryptik.BFHQ Trojaner
C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Dust\ceegaix.exe.vir Win32/Pronny.MB Wurm
C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Dust\Anwendungsdaten\WMPRWISE.EXE.vir Variante von Win32/Injector.AJBM Trojaner


und dann:

Results of screen317's Security Check version 0.99.68
Windows XP Service Pack 3 x86
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
ESET Online Scanner v3
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java(TM) 6 Update 37
Java(TM) 6 Update 3
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````


und dann:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Dust (administrator) on 09-07-2013 12:42:34
Running from C:\allewebprojekte
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Apple Computer, Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [13529088 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [86016 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: No Name - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Programme\PicLensIE\cooliris.dll (Cooliris Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SpeedAnalysis.com - C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-06] (Adobe Systems)
R2 AdobeActiveFileMonitor4.0; C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-10-03] ()
S3 Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-12-14] (Autodesk)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-18] (Macrovision Europe Ltd.)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [242544 2007-02-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968 2007-02-10] (Microsoft Corporation)
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4150112 2013-06-13] (TeamViewer GmbH)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 AviraUpgradeService; "C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2009-03-05] (Windows (R) 2000 DDK provider)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-06-18] (Avanquest Software)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [29744 2003-10-28] (Service & Quality Technology.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CFcatchme; \??\C:\ComboFix\CFcatchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:25 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:52 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-08 10:51 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-08 10:51 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-08 10:51 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-08 10:45 - 2013-07-08 11:04 - 00000000 ____D C:\Qoobox
2013-07-08 10:45 - 2013-07-08 11:03 - 00000000 ____D C:\Windows\erdnt
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:45 - 2013-07-08 12:43 - 00000000 ____D C:\JRT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:57 - 2013-07-05 14:58 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:55 - 2013-07-05 14:56 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 12:55 - 2013-07-05 12:57 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-05 10:31 - 2013-07-05 15:00 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 10:31 - 2013-07-05 15:00 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 10:31 - 2013-07-05 14:59 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 10:30 - 2013-07-05 14:58 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 10:30 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-07-05 10:29 - 2013-07-05 14:55 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:11 - 2013-07-04 22:13 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:53 - 2013-07-04 22:13 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\Windows\System32\dllcache\sl_anet.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msaud32.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\dllcache\l3codeca.acm
2013-07-04 21:52 - 2007-06-26 11:30 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2013-07-04 21:52 - 2007-06-26 11:30 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2013-07-04 21:52 - 2007-06-26 11:30 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2013-07-04 21:52 - 2007-06-26 11:29 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2013-07-04 21:52 - 2007-06-26 11:29 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2013-07-04 21:52 - 2007-06-26 11:26 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2013-07-04 21:52 - 2007-02-21 10:45 - 00076456 ____C C:\Windows\System32\dllcache\wmplayer.adm
2013-07-04 21:52 - 2007-02-21 10:36 - 00026141 ____C C:\Windows\System32\dllcache\wmplay.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00660224 ____C C:\Windows\System32\dllcache\wmplayer.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00184109 ____C C:\Windows\System32\dllcache\compact.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00084531 ____C C:\Windows\System32\dllcache\plyr_err.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00066132 ____C C:\Windows\System32\dllcache\revert.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00001476 ____C C:\Windows\System32\dllcache\plylst5.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst6.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst12.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001469 ____C C:\Windows\System32\dllcache\plylst3.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001467 ____C C:\Windows\System32\dllcache\plylst4.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001261 ____C C:\Windows\System32\dllcache\plylst1.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001055 ____C C:\Windows\System32\dllcache\plylst2.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001047 ____C C:\Windows\System32\dllcache\plylst7.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001038 ____C C:\Windows\System32\dllcache\plylst8.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000807 ____C C:\Windows\System32\dllcache\plylst11.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000800 ____C C:\Windows\System32\dllcache\plylst10.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000782 ____C C:\Windows\System32\dllcache\plylst9.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000779 ____C C:\Windows\System32\dllcache\plylst13.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000778 ____C C:\Windows\System32\dllcache\plylst14.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000725 ____C C:\Windows\System32\dllcache\plylst15.wpl
2013-07-04 21:49 - 2008-04-14 07:53 - 00278559 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmv8ds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00258048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmvds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msadds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00069632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msscds32.ax
2013-07-04 21:49 - 2008-04-14 07:52 - 00303616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmstream.dll
2013-07-04 21:49 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlimport.exe
2013-07-04 21:49 - 2008-04-14 07:51 - 00847898 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxm.ocx
2013-07-04 21:49 - 2008-04-14 07:51 - 00004126 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxmlc.dll
2013-07-04 21:48 - 2013-07-05 15:00 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00059069 ____A C:\Windows\ocgen.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00046238 ____A C:\Windows\tsoc.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00038302 ____A C:\Windows\comsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00018674 ____A C:\Windows\iis6.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-04 21:48 - 2013-07-05 14:58 - 00014614 ____A C:\Windows\updspapi.log
2013-07-04 21:48 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\004243_.tmp
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-05 22:50 - 00000060 ____A C:\Windows\setupact.log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:41 - 2013-07-08 10:50 - 00040855 ____A C:\Windows\setupapi.log
2013-07-04 21:41 - 2013-07-04 22:08 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-04 13:37 - 2013-07-04 21:56 - 00034059 ____A C:\Windows\KB956744.log

==================== One Month Modified Files and Folders ========

2013-07-09 12:42 - 2011-12-29 17:37 - 00000000 ____D C:\allewebprojekte
2013-07-09 12:42 - 2010-02-02 12:22 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-09 12:27 - 2012-04-09 12:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-09 11:16 - 2010-02-08 13:58 - 01080536 ____A C:\Windows\WindowsUpdate.log
2013-07-09 11:16 - 2009-03-04 13:42 - 00000000 ____A C:\Windows\System32\nmp.log
2013-07-09 11:14 - 2010-02-02 12:22 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-09 11:14 - 2009-03-04 13:49 - 00182038 ____A C:\Windows\System32\nvapps.xml
2013-07-09 11:14 - 2009-03-04 13:34 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 11:14 - 2009-03-04 13:20 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-09 11:14 - 2009-03-04 13:20 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-08 22:53 - 2009-03-04 13:34 - 00032400 ____A C:\Windows\SchedLgU.Txt
2013-07-08 12:43 - 2013-07-05 21:45 - 00000000 ____D C:\JRT
2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:34 - 2012-09-12 10:50 - 00000000 __HDC C:\Windows\$NtUninstallKB2736233$
2013-07-08 12:25 - 2009-03-04 13:18 - 00000000 ___RD C:\Programme
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 11:04 - 2013-07-08 10:45 - 00000000 ____D C:\Qoobox
2013-07-08 11:03 - 2013-07-08 10:45 - 00000000 ____D C:\Windows\erdnt
2013-07-08 11:00 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\System32\Restore
2013-07-08 11:00 - 2008-04-14 14:00 - 00000227 ____A C:\Windows\system.ini
2013-07-08 10:59 - 2009-03-04 14:14 - 46399488 ____A C:\Windows\System32\config\software.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 04980736 ____A C:\Windows\System32\config\system.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:50 - 2013-07-04 21:41 - 00040855 ____A C:\Windows\setupapi.log
2013-07-08 09:52 - 2008-04-14 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-07-06 18:38 - 2011-01-11 21:09 - 00000000 ____D C:\Windows\System32\NtmsData
2013-07-06 18:34 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\Registration
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 22:50 - 2013-07-04 21:42 - 00000060 ____A C:\Windows\setupact.log
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 21:06 - 2009-03-04 14:14 - 00000211 _RASH C:\boot.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000664 ____A C:\Windows\win.ini
2013-07-05 19:37 - 2009-05-15 19:54 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-05 18:14 - 2009-03-04 13:15 - 01594864 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-05 15:03 - 2009-03-04 13:18 - 01279496 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 15:00 - 2013-07-05 10:31 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 15:00 - 2013-07-05 10:31 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00059069 ____A C:\Windows\ocgen.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00046238 ____A C:\Windows\tsoc.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00038302 ____A C:\Windows\comsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00018674 ____A C:\Windows\iis6.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-05 15:00 - 2009-03-04 14:25 - 00253254 ____A C:\Windows\System32\TZLog.log
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:59 - 2013-07-05 10:31 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:58 - 2013-07-05 14:57 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:58 - 2013-07-05 10:30 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 14:58 - 2013-07-04 21:48 - 00014614 ____A C:\Windows\updspapi.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:57 - 2013-07-05 10:30 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 14:57 - 2009-03-04 14:19 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:56 - 2013-07-05 14:55 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 14:55 - 2013-07-05 10:29 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-05 14:55 - 2009-09-12 12:09 - 00000000 ____D C:\Windows\ie8updates
2013-07-05 12:57 - 2013-07-05 12:55 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:13 - 2013-07-04 22:11 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:13 - 2013-07-04 21:53 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 22:13 - 2009-03-04 13:31 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 22:11 - 2012-12-05 13:41 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-07-04 22:09 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\security
2013-07-04 22:08 - 2013-07-04 21:41 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:56 - 2013-07-04 13:37 - 00034059 ____A C:\Windows\KB956744.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\PeerNet
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Help
2013-07-04 21:49 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\System32\usmt
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\srchasst
2013-07-04 21:48 - 2012-12-05 11:51 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-07-04 21:48 - 2009-03-04 13:41 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:16 - 2009-07-28 17:51 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 21:14 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Provisioning
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-03 13:47 - 2013-03-08 15:19 - 00000000 ____D C:\vue
2013-06-13 10:27 - 2012-04-09 12:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 10:27 - 2011-12-28 17:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

Alt 09.07.2013, 11:48   #25
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Zitat:
C:\Dokumente und Einstellungen\Dust\Eigene Dateien\Downloads\pcfix-v302-de(2).exe Win32/Adware.PCFixCleaner Anwendung
C:\Dokumente und Einstellungen\Dust\Eigene Dateien\Downloads\pcfix-v302-de.exe Win32/Adware.PCFixCleaner Anwendung
Die beiden Downloads bitte löschen und den Papierkorb leeren. Rest ist schon in Quarantäne

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Java und Adobe updaten. Hast Du noch Probleme mit dem Rechner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 15:46   #26
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, vielen Dank, aber das Tool zum entfernen der temporären Dateien läuft jetzt schon über 2,5 STunden lang und nichts passiert, der Desktop ist leer- ist das normal, kann ich noch hoffen das was passiert? Leider ist inzwischen auch mein Emailkonto gehackt und ich komme nur nach jedem dritten neu gesetzten Passwort in meinen Account, welches Adobe soll denn upgedatet werden? Adobe REader habe ich gestern schon gemacht, viele Grüße

Alt 09.07.2013, 16:58   #27
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Beende TFC und poste ein frisches FRST Log.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 17:02   #28
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, Vielen Dank, aber ich kann es wohl nur beenden wenn ich den Notschaltknopf betätige, ist das okey, kommt beim rauffahren der Desktop wieder? Grüße

Alt 09.07.2013, 17:10   #29
schrauber
/// the machine
/// TB-Ausbilder
 

Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Normalerweise schon
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 17:18   #30
evdust
 
Webseite bizcoaching öffnet sich ständig ungefragt - Standard

Webseite bizcoaching öffnet sich ständig ungefragt



Hallo, prima, wenigstens sind alle Daten und Programme wieder da. Das mein Emailaccount auch nicht mehr funktioniert seit gestern abend ist wohl Zufall, oder?
Hier die gewünschte Datei:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Dust (administrator) on 09-07-2013 18:14:09
Running from C:\allewebprojekte
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Apple Computer, Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [13529088 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [86016 2008-05-03] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: No Name - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Programme\PicLensIE\cooliris.dll (Cooliris Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Firefox\Profiles\bq0opndw.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SpeedAnalysis.com - C:\Dokumente und Einstellungen\Dust\Anwendungsdaten\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-06] (Adobe Systems)
R2 AdobeActiveFileMonitor4.0; C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-10-03] ()
S3 Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-12-14] (Autodesk)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-07-18] (Macrovision Europe Ltd.)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [242544 2007-02-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968 2007-02-10] (Microsoft Corporation)
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4150112 2013-06-13] (TeamViewer GmbH)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 AviraUpgradeService; "C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4f5a43dc\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2009-03-05] (Windows (R) 2000 DDK provider)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-06-18] (Avanquest Software)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [29744 2003-10-28] (Service & Quality Technology.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CFcatchme; \??\C:\ComboFix\CFcatchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:25 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:52 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-08 10:51 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-08 10:51 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-08 10:51 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-08 10:51 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-08 10:45 - 2013-07-08 11:04 - 00000000 ____D C:\Qoobox
2013-07-08 10:45 - 2013-07-08 11:03 - 00000000 ____D C:\Windows\erdnt
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:45 - 2013-07-08 12:43 - 00000000 ____D C:\JRT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:57 - 2013-07-05 14:58 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:55 - 2013-07-05 14:56 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 12:55 - 2013-07-05 12:57 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-05 10:31 - 2013-07-05 15:00 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 10:31 - 2013-07-05 15:00 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 10:31 - 2013-07-05 14:59 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 10:30 - 2013-07-05 14:58 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 10:30 - 2013-07-05 14:57 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 10:30 - 2013-07-05 14:56 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 10:30 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-07-05 10:29 - 2013-07-05 14:55 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:11 - 2013-07-04 22:13 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:53 - 2013-07-04 22:13 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\Windows\System32\dllcache\sl_anet.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msaud32.acm
2013-07-04 21:52 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\dllcache\l3codeca.acm
2013-07-04 21:52 - 2007-06-26 11:30 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2013-07-04 21:52 - 2007-06-26 11:30 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2013-07-04 21:52 - 2007-06-26 11:30 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2013-07-04 21:52 - 2007-06-26 11:30 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2013-07-04 21:52 - 2007-06-26 11:30 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2013-07-04 21:52 - 2007-06-26 11:30 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2013-07-04 21:52 - 2007-06-26 11:30 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2013-07-04 21:52 - 2007-06-26 11:29 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2013-07-04 21:52 - 2007-06-26 11:29 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2013-07-04 21:52 - 2007-06-26 11:26 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2013-07-04 21:52 - 2007-02-21 10:45 - 00076456 ____C C:\Windows\System32\dllcache\wmplayer.adm
2013-07-04 21:52 - 2007-02-21 10:36 - 00026141 ____C C:\Windows\System32\dllcache\wmplay.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00660224 ____C C:\Windows\System32\dllcache\wmplayer.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00184109 ____C C:\Windows\System32\dllcache\compact.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00084531 ____C C:\Windows\System32\dllcache\plyr_err.chm
2013-07-04 21:52 - 2007-02-21 10:25 - 00066132 ____C C:\Windows\System32\dllcache\revert.wmz
2013-07-04 21:52 - 2007-02-21 10:25 - 00001476 ____C C:\Windows\System32\dllcache\plylst5.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst6.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001471 ____C C:\Windows\System32\dllcache\plylst12.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001469 ____C C:\Windows\System32\dllcache\plylst3.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001467 ____C C:\Windows\System32\dllcache\plylst4.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001261 ____C C:\Windows\System32\dllcache\plylst1.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001055 ____C C:\Windows\System32\dllcache\plylst2.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001047 ____C C:\Windows\System32\dllcache\plylst7.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00001038 ____C C:\Windows\System32\dllcache\plylst8.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000807 ____C C:\Windows\System32\dllcache\plylst11.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000800 ____C C:\Windows\System32\dllcache\plylst10.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000782 ____C C:\Windows\System32\dllcache\plylst9.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000779 ____C C:\Windows\System32\dllcache\plylst13.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000778 ____C C:\Windows\System32\dllcache\plylst14.wpl
2013-07-04 21:52 - 2007-02-21 10:25 - 00000725 ____C C:\Windows\System32\dllcache\plylst15.wpl
2013-07-04 21:49 - 2008-04-14 07:53 - 00278559 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmv8ds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00258048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmvds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msadds32.ax
2013-07-04 21:49 - 2008-04-14 07:53 - 00069632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msscds32.ax
2013-07-04 21:49 - 2008-04-14 07:52 - 00303616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmstream.dll
2013-07-04 21:49 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlimport.exe
2013-07-04 21:49 - 2008-04-14 07:51 - 00847898 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxm.ocx
2013-07-04 21:49 - 2008-04-14 07:51 - 00004126 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdxmlc.dll
2013-07-04 21:48 - 2013-07-05 15:00 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00059069 ____A C:\Windows\ocgen.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00046238 ____A C:\Windows\tsoc.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00038302 ____A C:\Windows\comsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00018674 ____A C:\Windows\iis6.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.log
2013-07-04 21:48 - 2013-07-05 15:00 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-04 21:48 - 2013-07-05 14:58 - 00014614 ____A C:\Windows\updspapi.log
2013-07-04 21:48 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\004243_.tmp
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-05 22:50 - 00000060 ____A C:\Windows\setupact.log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:41 - 2013-07-08 10:50 - 00040855 ____A C:\Windows\setupapi.log
2013-07-04 21:41 - 2013-07-04 22:08 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-04 13:37 - 2013-07-04 21:56 - 00034059 ____A C:\Windows\KB956744.log

==================== One Month Modified Files and Folders ========

2013-07-09 18:14 - 2011-12-29 17:37 - 00000000 ____D C:\allewebprojekte
2013-07-09 18:13 - 2009-03-04 13:42 - 00000000 ____A C:\Windows\System32\nmp.log
2013-07-09 18:12 - 2010-02-08 13:58 - 01083310 ____A C:\Windows\WindowsUpdate.log
2013-07-09 18:12 - 2010-02-02 12:22 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-09 18:12 - 2009-03-04 13:49 - 00182038 ____A C:\Windows\System32\nvapps.xml
2013-07-09 18:12 - 2009-03-04 13:34 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-09 18:12 - 2009-03-04 13:20 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-09 18:12 - 2009-03-04 13:20 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-09 12:42 - 2010-02-02 12:22 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-09 12:27 - 2012-04-09 12:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 22:53 - 2009-03-04 13:34 - 00032400 ____A C:\Windows\SchedLgU.Txt
2013-07-08 12:43 - 2013-07-05 21:45 - 00000000 ____D C:\JRT
2013-07-08 12:39 - 2013-07-08 12:39 - 00001305 ____A C:\AdwCleaner[S4].txt
2013-07-08 12:34 - 2012-09-12 10:50 - 00000000 __HDC C:\Windows\$NtUninstallKB2736233$
2013-07-08 12:25 - 2009-03-04 13:18 - 00000000 ___RD C:\Programme
2013-07-08 11:04 - 2013-07-08 11:04 - 00017690 ____A C:\ComboFix.txt
2013-07-08 11:04 - 2013-07-08 10:45 - 00000000 ____D C:\Qoobox
2013-07-08 11:03 - 2013-07-08 10:45 - 00000000 ____D C:\Windows\erdnt
2013-07-08 11:00 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\System32\Restore
2013-07-08 11:00 - 2008-04-14 14:00 - 00000227 ____A C:\Windows\system.ini
2013-07-08 10:59 - 2009-03-04 14:14 - 46399488 ____A C:\Windows\System32\config\software.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 04980736 ____A C:\Windows\System32\config\system.bak
2013-07-08 10:59 - 2009-03-04 14:14 - 00524288 ____A C:\Windows\System32\config\default.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-08 10:59 - 2009-03-04 13:15 - 00028672 ____A C:\Windows\System32\config\SAM.bak
2013-07-08 10:58 - 2013-07-08 10:58 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-07-08 10:58 - 2013-07-08 10:58 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2013-07-08 10:52 - 2013-07-08 10:52 - 00000000 RASHD C:\cmdcons
2013-07-08 10:50 - 2013-07-04 21:41 - 00040855 ____A C:\Windows\setupapi.log
2013-07-08 09:52 - 2008-04-14 14:00 - 00013646 ____A C:\Windows\System32\wpa.dbl
2013-07-06 18:38 - 2011-01-11 21:09 - 00000000 ____D C:\Windows\System32\NtmsData
2013-07-06 18:34 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\Registration
2013-07-06 12:21 - 2013-07-06 12:21 - 00001478 ____A C:\AdwCleaner[S3].txt
2013-07-06 12:20 - 2013-07-06 12:20 - 00000364 ____A C:\AdwCleaner[S2].txt
2013-07-06 11:19 - 2013-07-06 11:19 - 00000000 ____D C:\FRST
2013-07-05 22:50 - 2013-07-04 21:42 - 00000060 ____A C:\Windows\setupact.log
2013-07-05 21:46 - 2013-07-05 21:46 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 21:16 - 2013-07-05 21:16 - 00029922 ____A C:\AdwCleaner[S1].txt
2013-07-05 21:15 - 2013-07-05 21:15 - 00030024 ____A C:\AdwCleaner[R1].txt
2013-07-05 21:06 - 2009-03-04 14:14 - 00000211 _RASH C:\boot.ini
2013-07-05 21:06 - 2008-04-14 14:00 - 00000664 ____A C:\Windows\win.ini
2013-07-05 19:37 - 2009-05-15 19:54 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-05 18:14 - 2009-03-04 13:15 - 01594864 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-05 15:03 - 2009-03-04 13:18 - 01279496 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 15:00 - 2013-07-05 15:00 - 00012506 ____A C:\Windows\KB2779562.log
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-07-05 15:00 - 2013-07-05 15:00 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-07-05 15:00 - 2013-07-05 10:31 - 00021367 ____A C:\Windows\KB2758857.log
2013-07-05 15:00 - 2013-07-05 10:31 - 00021004 ____A C:\Windows\KB2802968.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00123654 ____A C:\Windows\FaxSetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00059069 ____A C:\Windows\ocgen.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00046238 ____A C:\Windows\tsoc.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00038302 ____A C:\Windows\comsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00022951 ____A C:\Windows\ntdtcsetup.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00018674 ____A C:\Windows\iis6.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006317 ____A C:\Windows\ocmsn.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00006024 ____A C:\Windows\msgsocm.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.log
2013-07-05 15:00 - 2013-07-04 21:48 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-05 15:00 - 2009-03-04 14:25 - 00253254 ____A C:\Windows\System32\TZLog.log
2013-07-05 14:59 - 2013-07-05 14:59 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-07-05 14:59 - 2013-07-05 10:31 - 00020697 ____A C:\Windows\KB2780091.log
2013-07-05 14:58 - 2013-07-05 14:58 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-07-05 14:58 - 2013-07-05 14:57 - 00015709 ____A C:\Windows\KB2753842-v2.log
2013-07-05 14:58 - 2013-07-05 10:30 - 00019923 ____A C:\Windows\KB2719985.log
2013-07-05 14:58 - 2013-07-04 21:48 - 00014614 ____A C:\Windows\updspapi.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00015666 ____A C:\Windows\KB2807986.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00014415 ____A C:\Windows\KB2820197.log
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-07-05 14:57 - 2013-07-05 14:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-07-05 14:57 - 2013-07-05 10:30 - 00020327 ____A C:\Windows\KB2820917.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019512 ____A C:\Windows\KB2757638.log
2013-07-05 14:57 - 2013-07-05 10:30 - 00019488 ____A C:\Windows\KB2839229.log
2013-07-05 14:57 - 2009-03-04 14:19 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-07-05 14:56 - 2013-07-05 14:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-07-05 14:56 - 2013-07-05 14:55 - 00014196 ____A C:\Windows\KB2838727-IE8.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019619 ____A C:\Windows\KB2813345.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019495 ____A C:\Windows\KB2749655.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00019070 ____A C:\Windows\KB2661254-v2.log
2013-07-05 14:56 - 2013-07-05 10:30 - 00018650 ____A C:\Windows\KB2727528.log
2013-07-05 14:55 - 2013-07-05 14:55 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-07-05 14:55 - 2013-07-05 10:29 - 00013004 ____A C:\Windows\KB2829361.log
2013-07-05 14:55 - 2009-09-12 12:09 - 00000000 ____D C:\Windows\ie8updates
2013-07-05 12:57 - 2013-07-05 12:55 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-07-04 22:49 - 2013-07-04 22:49 - 00006220 ____A C:\Windows\KB946648.log
2013-07-04 22:49 - 2013-07-04 22:49 - 00006020 ____A C:\Windows\KB973687.log
2013-07-04 22:13 - 2013-07-04 22:13 - 00000236 ____A C:\Windows\DtcInstall.log
2013-07-04 22:13 - 2013-07-04 22:11 - 00002162 ____A C:\Windows\wmsetup.log
2013-07-04 22:13 - 2013-07-04 21:53 - 00069530 ____A C:\Windows\spupdsvc.log
2013-07-04 22:13 - 2009-03-04 13:31 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-04 22:11 - 2013-07-04 22:11 - 00000187 ____A C:\Windows\spupdsvc.log.1.log
2013-07-04 22:11 - 2012-12-05 13:41 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-07-04 22:09 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\security
2013-07-04 22:08 - 2013-07-04 21:41 - 00331707 ____A C:\Windows\svcpack.log
2013-07-04 21:56 - 2013-07-04 21:56 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2013-07-04 21:56 - 2013-07-04 13:37 - 00034059 ____A C:\Windows\KB956744.log
2013-07-04 21:53 - 2013-07-04 21:53 - 00000173 ____A C:\Windows\cmsetacl.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000311 ____A C:\Windows\sessmgr.setup.log
2013-07-04 21:52 - 2013-07-04 21:52 - 00000000 ____D C:\Windows\System32\bits
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\PeerNet
2013-07-04 21:52 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Help
2013-07-04 21:49 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\System32\usmt
2013-07-04 21:49 - 2009-03-04 13:29 - 00000000 ____D C:\Windows\srchasst
2013-07-04 21:48 - 2012-12-05 11:51 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-07-04 21:48 - 2009-03-04 13:41 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-07-04 21:47 - 2013-07-04 21:47 - 00000581 ____A C:\Windows\medctroc.Log
2013-07-04 21:42 - 2013-07-04 21:42 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 21:16 - 2009-07-28 17:51 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 21:14 - 2009-03-04 14:09 - 00000000 ____D C:\Windows\Provisioning
2013-07-04 20:43 - 2013-07-04 20:43 - 00000000 ____D C:\Windows\pss
2013-07-04 13:38 - 2013-07-04 13:38 - 00003221 ____A C:\Windows\KB935448.log
2013-07-03 13:47 - 2013-03-08 15:19 - 00000000 ____D C:\vue
2013-06-13 10:27 - 2012-04-09 12:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 10:27 - 2011-12-28 17:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

Antwort

Themen zu Webseite bizcoaching öffnet sich ständig ungefragt
bizcoaching, download, edition, gefährliche, gelöscht, gen, google, home, installiert, klicke, laufen, links, mögliche, passwörter, problem, runter, scan, scanner, ungefragt, webseite, webseiten, windows, windows xp, xp home, öffnet, öffnet sich ständig



Ähnliche Themen: Webseite bizcoaching öffnet sich ständig ungefragt


  1. neues Fenster und Werbung öffnet sich in Chrome ungefragt
    Plagegeister aller Art und deren Bekämpfung - 04.03.2015 (41)
  2. Webseite http://www.98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnet sich von alleine
    Log-Analyse und Auswertung - 06.08.2014 (9)
  3. Windows 8: Chrome öffnet ständig ungefragt Fenster und Tabs
    Log-Analyse und Auswertung - 21.05.2014 (6)
  4. Nation Zoom öffnet sich ungefragt in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (12)
  5. Bei jedem klicken auf eine Webseite, öffnet sich ein neuer Tab.
    Lob, Kritik und Wünsche - 02.12.2013 (0)
  6. Bei jedem klicken auf eine Webseite, öffnet sich ein neuer Tab.
    Plagegeister aller Art und deren Bekämpfung - 01.12.2013 (17)
  7. Trojanerbefall (IE öffnet sich ungefragt, Firefox läd Spiele runter)
    Plagegeister aller Art und deren Bekämpfung - 19.11.2013 (4)
  8. Unbekannte Webseite öffnet sich selbständig in regelmäßigen Abständen
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (2)
  9. Windows 7: IE öffnet sich mehrmals ungefragt (Delta Search -> bösartig)
    Log-Analyse und Auswertung - 29.08.2013 (7)
  10. ständig öffenen sich BIZCOACHING oder ähnliche Fenster...
    Plagegeister aller Art und deren Bekämpfung - 08.07.2013 (13)
  11. bizcoaching Popup öffnet sich bei fast jedem Klick im IE10
    Mülltonne - 04.07.2013 (1)
  12. Firefox öffnet ständig neue Fenster und leitet auf immer die selbe Webseite um
    Plagegeister aller Art und deren Bekämpfung - 24.06.2011 (20)
  13. Internetexplorer öffnet sich ungefragt, Trojaner wird vermutet.
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (23)
  14. IE öffnet ungefragt / Ton schaltetet sich ab
    Plagegeister aller Art und deren Bekämpfung - 12.07.2010 (8)
  15. IE-Explorer öffnet sich ungefragt! Hier die Logfile...
    Log-Analyse und Auswertung - 04.06.2010 (7)
  16. prunnet.exe >> IE öffnet sich ungefragt
    Log-Analyse und Auswertung - 11.01.2009 (10)
  17. Beim PC-Start öffnet sich eine webseite
    Log-Analyse und Auswertung - 16.01.2005 (11)

Zum Thema Webseite bizcoaching öffnet sich ständig ungefragt - Hallo, entschuldigen Sie dass ich mich nicht mehr gemeldet habe, aber mir ging es zu schlecht ich habe Urlaub vorm Computer gemacht...hier das frische FRST FRST Logfile: Code: Alles auswählen - Webseite bizcoaching öffnet sich ständig ungefragt...
Archiv
Du betrachtest: Webseite bizcoaching öffnet sich ständig ungefragt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.