
Pests of all kinds and how to combat them: serve.bannersdontwork.com etc. again

01.08.2013, 15:27   #1
schildi0507
 



Hi!

I'm new here and don't know much about PCs or trojans or viruses etc.
I just think I've been hit by this banner trojan, or whatever it is. I've already read a thread about it and got as far as running the OTL scan, which I'm posting here:

(If I'm in the wrong place, please correct that, and explain the following steps in a foolproof way.)


1)
_____________________________________________________________________________

OTL Logfile:
Code:
OTL logfile created on: 01.08.2013 15:03:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,24 Gb Paging File | 2,83 Gb Available in Paging File | 66,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 171,37 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 17,24 Gb Free Space | 11,44% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Maddin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\vVX3000.exe (Microsoft Corporation)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Web Assistant) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ClipInc003) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (ClipInc002) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (ClipInc001) -- D:\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ddxgb) -- C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys ()
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (VX3000) -- C:\Windows\System32\drivers\VX3000.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_de
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
IE - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - prefs.js..extensions.enabledAddons: %7B8E9E3331-D360-4f87-8803-52DE43566502%7D:2.0.0.604
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013.07.31 15:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\Program Files\Web Assistant\Firefox [2013.07.31 15:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.07.03 17:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Mozilla Thunderbird\components [2013.03.03 21:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Mozilla Thunderbird\plugins
 
[2010.01.12 23:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Extensions
[2010.01.12 23:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.28 17:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\6c21kh5d.default\extensions
[2010.04.27 22:34:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\6c21kh5d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007.11.04 16:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maddin\AppData\Roaming\mozilla\Firefox\Profiles\vp5nahrp.default\extensions
[2012.08.31 18:52:32 | 000,002,203 | ---- | M] () -- C:\Users\Maddin\AppData\Roaming\mozilla\firefox\profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Program Files\mozilla firefox\extensions\inspector@mozilla.org
[2007.11.04 15:59:52 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2013.07.31 15:24:01 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2006.08.24 23:07:50 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 23:07:50 | 000,001,063 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 13:42:00 | 000,000,998 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.11 00:32:03 | 000,000,815 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ClipIncSrvTray] "D:\Tobit ClipInc\Player\ClipIncTray.exe" File not found
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LifeChat] c:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab (EARTPatchX Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E455C09B-32B4-4207-B28A-7D913F3C5674}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{ea2200f6-8a17-11dc-b94d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ea2200f6-8a17-11dc-b94d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.13 15:09:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.13 15:09:16 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.13 15:09:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.13 15:09:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.07.13 15:09:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.13 15:09:15 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.13 15:09:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.07.13 15:09:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.07.13 13:29:02 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.07.13 13:27:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013.07.13 13:27:53 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.07.13 13:27:53 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013.07.13 13:27:53 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.07.13 13:27:53 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.07.13 13:27:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013.07.13 13:27:53 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013.07.13 13:27:53 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.07.13 13:27:50 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013.07.13 13:27:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.01 14:56:24 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.01 14:23:55 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.08.01 14:23:46 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.01 14:23:45 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.01 14:23:45 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 14:23:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.01 14:23:18 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.21 11:26:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.07.15 17:14:14 | 000,271,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.13 15:18:19 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.13 15:18:19 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.13 15:18:19 | 000,126,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.13 15:18:19 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.07.23 21:07:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.07.23 20:57:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.07.23 20:57:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.02.06 17:57:19 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.12.15 17:04:55 | 000,000,439 | ---- | C] () -- C:\Windows\wiso.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.24 21:53:25 | 015,321,068 | R--- | C] () -- C:\Users\Maddin\2009-08-24 Nokia N95 8GB.nbu
[2008.09.26 15:51:05 | 000,022,328 | ---- | C] () -- C:\Users\Maddin\AppData\Roaming\PnkBstrK.sys
[2008.08.20 01:40:16 | 000,201,243 | ---- | C] () -- C:\Users\Maddin\AppData\Roaming\NMM-MetaData.db
[2008.05.22 23:19:26 | 000,217,088 | R--- | C] () -- C:\Users\Maddin\AppData\Roaming\MafiaSetup.exe
[2008.04.07 12:57:03 | 000,001,100 | ---- | C] () -- C:\Users\Maddin\AppData\Local\d3d8caps.dat
[2007.12.22 19:08:30 | 000,015,100 | ---- | C] () -- C:\Users\Maddin\AppData\Local\d3d9caps.dat
[2007.11.04 17:37:49 | 000,029,184 | ---- | C] () -- C:\Users\Maddin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >
         

_____________________________________________________________________________


2)

OTL Logfile:
Code:
OTL Extras logfile created on: 01.08.2013 15:03:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maddin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,24 Gb Paging File | 2,83 Gb Available in Paging File | 66,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 171,37 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 17,24 Gb Free Space | 11,44% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: *** |User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3820498202-1458107328-1573072948-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BUDNI Fotowelt] -- "C:\Users\Maddin\BUDNI Fotowelt\BUDNI Fotowelt.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Users\Maddin\BUDNI Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{82AC7AAE-8FC5-433E-B89F-D4BFEF0C7BE0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B106B7B7-09DE-4A2B-8F67-1305DD7172CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C2D839-135E-468A-8B04-01FB7DC427EC}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx9.exe | 
"{080C8D05-E321-4533-8F15-E673F08C460A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{093AB51B-4DC2-4CB4-B710-1059555BFBF2}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{0F70759F-BF34-420E-962F-D70B02FEC5A3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{12F09C1D-7C3F-4A18-ACBA-FE921F865ED3}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{16A4DC92-F79A-4BC7-AF82-6EB160883AA3}" = protocol=17 | dir=in | app=d:\ spiele\grand theft auto iv\launchgtaiv.exe | 
"{188FC9A5-8429-48D6-B09D-42EB39D72895}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{1AFC0178-44F3-4A97-AC52-BCA410A6B0F4}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx9.exe | 
"{1D6D4527-CE55-4337-9929-FB72F8DD3F9A}" = protocol=17 | dir=in | app=d:\spiele\kane and lynch dead men\kaneandlynch.exe | 
"{1E1EA7AE-E685-41F5-9771-6F298EDA2D1E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{211FE7D9-1444-4CD5-8137-8C0758FFF752}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic_ds.exe | 
"{224346CD-7B1D-438F-BFF0-BDE8601E28F2}" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"{2756802D-C1B3-44A5-A299-5118A2FE3A73}" = protocol=6 | dir=in | app=d:\spiele\kane and lynch dead men\kaneandlynch.exe | 
"{2A72617E-DAD4-4958-8BCB-3E22EA6352B8}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_launcher.exe | 
"{2F1B6A62-CF62-4486-8805-FB434210EAD8}" = protocol=6 | dir=in | app=d:\ spiele\grand theft auto iv\launchgtaiv.exe | 
"{33E5CAE1-E418-4A9E-80C9-B547D0EAE0A3}" = protocol=17 | dir=in | app=d:\spiele\sid meier's civilization 4\civilization4.exe | 
"{34AC58B2-D6CD-4A77-AEE3-6E9D47DA282A}" = protocol=17 | dir=in | app=d:\spiele\ein quantum trost\jb_liveengine_s.exe | 
"{39111A20-39D7-4A86-A558-E4290CBCAEA9}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe | 
"{3CEF191C-FC36-4162-80DB-91E8C970A6DF}" = protocol=6 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx10.exe | 
"{3FBE7BC3-6C6F-47F1-A363-A37ED630EDCE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{4098CAC4-C76B-42AC-827F-7EF112A58F2E}" = protocol=17 | dir=in | app=d:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | 
"{441F6C15-79DF-4D6B-AF79-9D61869CCE47}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic.exe | 
"{4B353425-F9AA-4B27-8012-B72AABC4E474}" = protocol=6 | dir=in | app=d:\spiele\ein quantum trost\jb_liveengine_s.exe | 
"{4EA50AD3-BA6F-459E-911A-0E805E010513}" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"{5CE0DD52-D6B9-4DF2-AAA8-159AE710172E}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{604084B9-3A2F-4A65-9975-FD5B1149591F}" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"{6F49918D-47D9-4F11-87CD-50877CF41B24}" = protocol=6 | dir=in | app=d:\spiele\zt.exe | 
"{71C05D2E-F286-4B1D-9F02-D6CF529292F7}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{731C04CD-E010-4A31-BAA1-CFAA3A37957A}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_dx10.exe | 
"{74E8D058-FC77-489A-8DA4-B0B647A54DC7}" = protocol=17 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | 
"{7E34DC3C-5692-4EB6-9267-B4FE0AA8952E}" = protocol=17 | dir=in | app=d:\spiele\zt.exe | 
"{7EF1CABC-132B-44D0-9EB7-75E428B187DD}" = protocol=6 | dir=in | app=d:\spiele\medal of honor airborne\unrealengine3\binaries\moha.exe | 
"{8002E1E0-A33C-4B72-95C8-1EC4D0089EC0}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic_ds.exe | 
"{80C3C9C4-AA94-428E-896C-BD3F70DD5AE5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{8B09E18A-E42D-4BB0-B85E-F0B64174FCB3}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic_online.exe | 
"{8C57024A-E393-4932-8399-219E06B34900}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe | 
"{92C20766-F3FB-4BE7-A518-255A34567A40}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{9AE4CCFB-6EC3-464B-8123-5BDE852D1BA7}" = protocol=6 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | 
"{AA682179-D14B-4C97-9C59-56433D166011}" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"{AB3FA699-970E-4D00-9BE8-CF34EE99493C}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{AC905074-F06C-496E-8E08-6ED9AE37E5EE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{AD0D9869-3DEC-4DDD-97E9-68A95356F5C6}" = protocol=6 | dir=in | app=e:\alicecd.exe | 
"{B1ED0B9F-B9C2-4F7A-8D90-2A64516F43CF}" = protocol=17 | dir=in | app=d:\spiele\assassin´s creed\assassinscreed_launcher.exe | 
"{BA1ED9BD-4BFC-49C7-BBE3-EF71615709A5}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{BB816250-40E4-4421-9F7F-FD948D88592E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{BFBAC5D2-4891-4027-BC10-394F8BE0ED9C}" = protocol=6 | dir=in | app=d:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | 
"{C021B9F4-69CE-4EF5-9869-6CA4A39DD5CE}" = protocol=17 | dir=in | app=e:\alicecd.exe | 
"{C3AFB358-44BE-471D-B29B-A01EE180A655}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C9F57CF7-D1CB-4BA0-B783-A069DFB9A402}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{CBAB03C4-176E-4287-9228-D87A5E74B71E}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{D07E34BF-C8B4-48E9-B47B-738620D014D6}" = protocol=6 | dir=in | app=d:\spiele\sid meier's civilization 4\civilization4.exe | 
"{D3640BA7-F368-457D-829F-C99E4BE532FF}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe | 
"{DBA502FC-0E6E-4925-A5BB-E5B77386337C}" = protocol=17 | dir=in | app=d:\spiele\world in conflict\wic_online.exe | 
"{DE9ED7E6-22EF-4482-A844-F6D2C9C49FAB}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe | 
"{DF45B9C3-5688-4172-9DEC-E2D197E8EF14}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{E103E9C2-2825-4F72-8611-AAB7082445BB}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\xrengine.exe | 
"{E821BD41-D2DD-48BD-87E9-DEAFC75DD6D4}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe | 
"{E8677B9F-7FFC-417D-896D-0D7791BBA5EA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{E947E39C-CF47-4587-860A-6C865ABD0362}" = protocol=6 | dir=in | app=d:\spiele\world in conflict\wic.exe | 
"{EAAAB48E-75DB-4D29-8D7A-0925E7BCB145}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{EB2FCAEA-89FA-4D17-9633-EBC73C9AFB9C}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe | 
"{EC9345A4-7CFA-4F33-B8B0-68070DE35800}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - clear sky\bin\dedicated\xrengine.exe | 
"{EEBB1664-EBE7-4C61-807D-B8729EAE2DA1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{FC75F3A9-17F7-4C4B-90ED-2E3370624CC2}" = protocol=17 | dir=in | app=d:\spiele\medal of honor airborne\unrealengine3\binaries\moha.exe | 
"TCP Query User{03803038-C2F7-4E9A-BB6C-4544E00FB286}D:\tobit clipinc\player\clipinc-player.exe" = protocol=6 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"TCP Query User{03960696-A232-4B1A-9D73-C4627D159949}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{0D5A2A78-4004-456F-9A8E-8D195606D1DD}D:\spiele\medal of honor pacific assault\mohpa.exe" = protocol=6 | dir=in | app=d:\spiele\medal of honor pacific assault\mohpa.exe | 
"TCP Query User{206C9806-3A48-4225-9B6D-B0AB7E1B4149}C:\users\maddin\desktop\pes2011.exe" = protocol=6 | dir=in | app=c:\users\maddin\desktop\pes2011.exe | 
"TCP Query User{27F7AF23-6BF7-408E-91F2-E66738509811}C:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\gtaiv.exe | 
"TCP Query User{311ABE75-51CB-4549-B757-837A303D1EB5}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{4B1D03B3-665F-4EDF-835E-62B14EB8C946}D:\spiele\pes 2008\pes2008.exe" = protocol=6 | dir=in | app=d:\spiele\pes 2008\pes2008.exe | 
"TCP Query User{570B4F93-091F-4359-83BB-ABF9AB7FF2DE}D:\ spiele\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\ spiele\grand theft auto iv\gtaiv.exe | 
"TCP Query User{6054369A-CECC-4EA3-8949-151CDB7AFF8C}D:\spiele\pro evolution soccer 2009\pes2009.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2009\pes2009.exe | 
"TCP Query User{6934C9CF-82BC-4F9C-BAE3-0EDC62BADC7E}D:\spiele\anno 1701\anno1701addon.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"TCP Query User{815D8194-E2B4-4480-8406-D60A7D6BAA0C}D:\spiele\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\spiele\xfire\xfire.exe | 
"TCP Query User{8BC28FC7-591C-4ECC-A1D1-79A6A7B55A1B}D:\spiele\pes 2011\pes2011.exe" = protocol=6 | dir=in | app=d:\spiele\pes 2011\pes2011.exe | 
"TCP Query User{8E215009-52A5-4BCC-BF2B-5132F20B9B98}D:\spiele\pro evolution soccer 6\pes6.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 6\pes6.exe | 
"TCP Query User{93253A28-EB58-40FD-9D0A-E73C6618345B}D:\spielemohaa\mohaa.exe" = protocol=6 | dir=in | app=d:\spielemohaa\mohaa.exe | 
"TCP Query User{9E2B75FA-183F-4400-ADFD-F246FB431299}D:\spiele\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"TCP Query User{A323390C-0FDB-47DD-A2C4-BFE733084E4D}D:\spiele\anno 1701\anno1701.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1701\anno1701.exe | 
"TCP Query User{A3A3B5F6-23D2-444B-873C-6576569AE6C0}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{AE26583F-B90F-4741-82F4-3AFC77E81534}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{B394BE51-FB2E-4F60-948F-31240C92E8B7}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"TCP Query User{BC844D6F-B99B-4821-A786-14C83136136F}D:\spiele\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=d:\spiele\far cry\bin32\farcry.exe | 
"TCP Query User{C2FEE5FE-B101-40E9-878F-9860ADF0F134}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C41AC622-7DE2-4134-87C1-5A90067C1FBC}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=6 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"TCP Query User{D29E1C3C-4BF7-4721-AE5D-D2898A077CA1}D:\spiele\hidden & dangerous 2\hd2.exe" = protocol=6 | dir=in | app=d:\spiele\hidden & dangerous 2\hd2.exe | 
"TCP Query User{D42D0CDB-B3C3-4FD5-99FA-27DFD1EB4F58}D:\spiele\call of duty 4\admin\modernrcon_v0.8.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 4\admin\modernrcon_v0.8.exe | 
"TCP Query User{E454FD91-BAE0-4701-A6E5-29C62570AA09}D:\spiele\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe | 
"UDP Query User{0F8D42EB-C37B-4892-8CDE-399C9929249C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{1A4B4D7B-E067-40A3-9CED-5C7D0FF2D399}D:\spiele\anno 1701\anno1701addon.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701addon.exe | 
"UDP Query User{20565B86-C15E-4B87-BD66-21A822F40116}C:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\spiele\gta 4\grand theft auto iv\gtaiv.exe | 
"UDP Query User{29045E5C-271B-4272-81FC-9734050511FC}D:\ spiele\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\ spiele\grand theft auto iv\gtaiv.exe | 
"UDP Query User{2C198860-E282-46E2-AD7D-FBEB0C9F4D7F}D:\spiele\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=d:\spiele\far cry\bin32\farcry.exe | 
"UDP Query User{32BB6747-0314-42EF-BBD0-F90DAB902196}D:\spiele\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\spiele\xfire\xfire.exe | 
"UDP Query User{41725B82-B5C0-4AE4-A34A-B7869BD6E06B}D:\spiele\medal of honor pacific assault\mohpa.exe" = protocol=17 | dir=in | app=d:\spiele\medal of honor pacific assault\mohpa.exe | 
"UDP Query User{46F9ACF4-97D7-465A-9A7F-11828461FF63}D:\spiele\call of duty 4\admin\modernrcon_v0.8.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\admin\modernrcon_v0.8.exe | 
"UDP Query User{52B681E8-30DE-41C7-BDDD-C3D162FB565A}D:\spiele\pes 2011\pes2011.exe" = protocol=17 | dir=in | app=d:\spiele\pes 2011\pes2011.exe | 
"UDP Query User{5A20F2E0-7C25-47E3-86F9-3347E336577C}D:\spiele\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=d:\spiele\battlefield 1942\bf1942.exe | 
"UDP Query User{60B7F24E-6E46-4BA9-9382-A7E52870B1D7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{61DD9F0F-AE2B-4A24-84E0-43BC5BE80864}D:\spiele\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 4\iw3mp.exe | 
"UDP Query User{6DB1A4F4-76E0-4A4D-B78E-0061D3A9794A}D:\spielemohaa\mohaa.exe" = protocol=17 | dir=in | app=d:\spielemohaa\mohaa.exe | 
"UDP Query User{6F5FABCE-1AE1-482B-843A-BBE7F95F75E6}D:\spiele\pro evolution soccer 2009\pes2009.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2009\pes2009.exe | 
"UDP Query User{777F1ED2-2685-4AA9-B50A-CA43C0E0974E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{8DD4F691-2184-4A30-9885-8A74F377B0DA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{8E36D74D-2494-4002-A324-A0B74B7C46B8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{A0698C70-7ED7-4F4C-9328-7B89FF0E8AB3}D:\spiele\pes 2008\pes2008.exe" = protocol=17 | dir=in | app=d:\spiele\pes 2008\pes2008.exe | 
"UDP Query User{BC16AC66-2F4D-4FD5-9F24-82557C7626CF}D:\spiele\pro evolution soccer 6\pes6.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 6\pes6.exe | 
"UDP Query User{C2556B6A-B4A0-43BB-9C5E-FBD6C68DF75A}D:\spiele\anno 1701\anno1701.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1701\anno1701.exe | 
"UDP Query User{D49E23FD-4938-4B1E-84E3-BB8BFBFE665A}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"UDP Query User{D4C87391-964C-4794-AC9C-260D2CA029F6}D:\tobit clipinc\player\clipinc-player.exe" = protocol=17 | dir=in | app=d:\tobit clipinc\player\clipinc-player.exe | 
"UDP Query User{E7D3BC8A-F145-4F79-AAFA-B9419FA7E15C}D:\spiele\hidden & dangerous 2\hd2.exe" = protocol=17 | dir=in | app=d:\spiele\hidden & dangerous 2\hd2.exe | 
"UDP Query User{ECB0F7A5-6FD3-48CA-8417-9021B7E4FB43}D:\spiele\pro evolution soccer 2012\pes2012.exe" = protocol=17 | dir=in | app=d:\spiele\pro evolution soccer 2012\pes2012.exe | 
"UDP Query User{FD9EFF5E-8800-48EB-9186-D328672DC9DC}C:\users\maddin\desktop\pes2011.exe" = protocol=17 | dir=in | app=c:\users\maddin\desktop\pes2011.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.604
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE2F517-3EAC-4155-A832-EA969628FEC1}" = IronStorm
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}" = Steuer 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{66039B36-96AE-40D1-8A32-071F7A61B738}" = Microsoft LifeChat
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}" = Fussball Manager 2004
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{726DBFE3-BE2B-4FFA-9787-D6495765CFD2}" = Microsoft LifeCam
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{96E94E18-54D6-42C1-8FC4-24DACEDC3395}" = Nokia NSeries System Utilities
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A8C856AD-63CD-4613-AA29-E6C85607EA06}" = Nokia Software Launcher
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Activision(R)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlecraft 19422.1" = Battlecraft 1942
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BUDNI Fotowelt" = BUDNI Fotowelt
"Cradle of Rome" = Cradle of Rome (remove only)
"Diablo II" = Diablo II
"F1CB0AC2D40DDCFCA6933082B115073476C155DE" = Windows-Treiberpaket - Nokia Modem (08/03/2007 3.2)
"Google Updater" = Google Updater
"Hidden & Dangerous 2 Patch" = Hidden & Dangerous 2 Patch
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Ein Quantum Trost(TM)
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mafia Game" = Mafia Game
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MDT" = Battlefield Mod Development Toolkit 2.0 Beta
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ModernRcon v0.8" = ModernRcon v0.8
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Photo Viewer_is1" = Photo Viewer 2.0.2.5
"Poker Superstars II" = Poker Superstars II (remove only)
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky [v1.0004]
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tobit ClipInc Server" = Tobit.Software ClipInc.
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.0
"Virtual Villagers" = Virtual Villagers (remove only)
"Xfire" = Xfire (remove only)
"Zoo Tycoon 2" = Zoo Tycoon 2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:04 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 31.07.2013 10:35:05 | Computer Name = Schildi | Source = Windows Search Service | ID = 3013
Description = 
 
[ System Events ]
Error - 16.07.2013 09:33:45 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 16.07.2013 09:33:45 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 17.07.2013 09:49:25 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 17.07.2013 09:49:25 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 21.07.2013 04:33:35 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 21.07.2013 04:33:35 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 31.07.2013 09:24:52 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.07.2013 09:24:52 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 01.08.2013 08:25:04 | Computer Name = Schildi | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 01.08.2013 08:25:04 | Computer Name = Schildi | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         
--- --- ---

Alt 01.08.2013, 15:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post the logs that already exist, in CODE tags!
Only logs from the last 7 days, or from the time since the problem began, are relevant!




In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with Ctrl+A) and copy it to the clipboard with Ctrl+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press Ctrl+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you have done it correctly. If everything is right ... click Antworten (Reply).

Alt 01.08.2013, 15:56   #3
schildi0507
 



thanks for the quick reply!

i tried to run a scan with avira. however, it stopped after approx. 15 % and did not continue scanning.

here are the farbar's scans (hope those are the right ones):

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-07-2013 04
Ran by Maddin at 2013-08-01 15:50:38
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activision(R) (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 8.3.0 - Deutsch (Version: 8.3.0)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Anno 1701 - Der Fluch des Drachen (Version: 2.03)
Anno 1701 (Version: 1.00)
Ask Toolbar (Version: 1.12.5.0)
Assassin's Creed (Version: 1.02)
ATI Catalyst Install Manager (Version: 3.0.754.0)
Avira Free Antivirus (Version: 12.1.9.2400)
Battlecraft 1942
Battlefield 1942: The Road To Rome
Battlefield Mod Development Toolkit 2.0 Beta
Big Fish Games Center (remove only)
Big Fish Games Sudoku (remove only)
BUDNI Fotowelt (Version: 5.0.1)
Call of Duty(R) - World at War(TM) (Version: 1.0)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Command & Conquer Die ersten 10 Jahre (Version: 1.00.0000)
Cradle of Rome (remove only)
Diablo II
DivX Web Player (Version: 1.4.0)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Ein Quantum Trost(TM) (Version: 1.00.0000)
Far Cry (Patch 1.4) (Version: 1.00.0000)
Far Cry (Version: 1.00.0000)
FirstSteps Diagnostics (Version: 1.00)
Fussball Manager 2004
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Grand Theft Auto IV (Version: 1.0.0011.131)
Grand Theft Auto IV (Version: 1.0.0013.131)
Grand Theft Auto IV (Version: 1.00.0000)
Grand Theft Auto San Andreas (Version: 1.00.00001)
Grand Theft Auto Vice City (Version: 1.00.000)
Hidden & Dangerous 2  (Version: 1.00.0001)
Hidden & Dangerous 2 Patch
Hitman Blood Money (Version: 1.00.0000)
IronStorm (Version: 1.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 6 (Version: 1.6.0.60)
JavaFX 2.1.1 (Version: 2.1.1)
Kane and Lynch: Dead Men (Version: 1.00.0000)
Konz 2012 (Version: 1.00.0000)
Luxor Amun Rising (remove only)
Mafia Game
Mahjong Towers Eternity EU (remove only)
Medal of Honor Airborne (Version: 1.0.1.0)
Medal of Honor Allied Assault
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft LifeChat (Version: 1.30.196.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
ModernRcon v0.8
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Thunderbird 17.0 (x86 de) (Version: 17.0)
MSVC80_x86 (Version: 1.0.1.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files - Prime Suspects (remove only)
Nokia Connectivity Cable Driver (Version: 7.1.17.0)
Nokia Lifeblog 2.5 (Version: 2.5.224)
Nokia NSeries Application Installer (Version: 6.82.15)
Nokia NSeries Content Copier (Version: 6.82.15)
Nokia NSeries Multimedia Player (Version: 6.82.15)
Nokia NSeries Music Manager (Version: 6.82.15)
Nokia NSeries One Touch Access (Version: 6.82.15)
Nokia NSeries System Utilities (Version: 6.82.16)
Nokia Nseries Video Manager (Version: 1.1.9)
Nokia PC Suite (Version: 6.86.9.3)
Nokia Software Launcher (Version: 1.6.80)
Nokia Software Updater (Version: 01.07.003.39060)
NVIDIA Drivers
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OpenAL
PC Connectivity Solution (Version: 8.15.0.0)
Photo Viewer 2.0.2.5
Poker Superstars II (remove only)
Pro Evolution Soccer 2009 (Version: 1.10.0000)
Pro Evolution Soccer 2011 (Version: 1.03.0000)
Pro Evolution Soccer 2012 (Version: 1.00.0000)
Pro Evolution Soccer 6 (Version: 1.00.0000)
PunkBuster für Battlefield 1942
PunkBuster Services (Version: 0.986)
Realtek High Definition Audio Driver
S.T.A.L.K.E.R. - Clear Sky [v1.0004] (Version: 1.0004)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Spybot - Search & Destroy (Version: 1.6.0)
Steam (Version: 1.0.0.0)
Steuer 2011 (Version: 19.00.7304)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
Tobit.Software ClipInc.
Tomb Raider: Anniversary 1.0
Tomb Raider: Underworld 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers (remove only)
Web Assistant 2.0.0.604 (Version: 2.0.0.604)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows-Treiberpaket - Nokia Modem  (08/03/2007 3.2) (Version: 08/03/2007 3.2)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WORLD IN CONFLICT (Version: 1.0.0.0)
Xfire (remove only)
Zoo Tycoon 2 (Version: 1.0)
 

==================== Restore Points  =========================

30-04-2013 15:42:50 Windows Update
05-05-2013 15:02:25 Windows Update
10-05-2013 10:34:16 Windows Update
25-05-2013 11:34:16 Windows Update
25-05-2013 13:00:14 Windows Update
30-05-2013 14:51:53 Windows Update
04-06-2013 15:14:38 Windows Update
10-06-2013 17:44:17 Windows Update
12-06-2013 14:58:40 Windows Update
15-06-2013 12:18:57 Geplanter Prüfpunkt
18-06-2013 14:10:21 Windows Update
22-06-2013 10:43:00 Windows Update
29-06-2013 16:00:11 Windows Update
29-06-2013 16:06:10 Installed Java 7 Update 25
03-07-2013 13:38:04 Windows Update
04-07-2013 17:39:54 Geplanter Prüfpunkt
07-07-2013 15:33:55 Geplanter Prüfpunkt
13-07-2013 11:27:08 Windows Update
13-07-2013 13:00:32 Windows Update
16-07-2013 13:39:11 Windows Update
21-07-2013 08:41:16 Windows Update
31-07-2013 13:31:26 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02CD9845-F210-43BB-8C12-86D5998E6D65} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {191261FD-E565-45A6-B91E-30F13CB8C41A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-04] (Google)
Task: {1C82EA94-6313-4118-89FE-0991D6F59BF0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23B1D120-11E6-4B1E-A626-86EF2C832342} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {2D5C814F-6DFE-4679-8F20-5D5BD505B9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5C5CF4C0-7D0B-4A80-A54F-11CC25956064} - System32\Tasks\LifeChatTask => c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21] (Microsoft Corporation)
Task: {6B5E694A-9307-4C41-9D7A-7E1143801ABD} - System32\Tasks\Microsoft\Windows\RestartManager\{989043AB-CF62-4e79-9C94-D5C12C2E1024} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {7CEEA9F7-63B6-438C-8038-3561A7707A3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {998C17FE-3A57-4B37-AC18-97BAAB678C1A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {A2FDE529-BC45-4E8F-924A-1BDFC97D2461} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {CBC24ADC-49ED-4BB4-876B-7E9263CF6942} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {DAF8155E-DB71-4286-A174-A2E4F62B349D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EC9C7005-3C4A-407E-A013-584F356C7803} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #11
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #29
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #40
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #88
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #105
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #116
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #123
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #134
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #22
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #50
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #66
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #122
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #134
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #170
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2013 04:35:05 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-07-24 17:57:27.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.592
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.436
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.327
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 84%
Total physical RAM: 2046.58 MB
Available physical RAM: 324.88 MB
Total Pagefile: 4338.2 MB
Available Pagefile: 2018.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.99 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:303.35 GB) (Free:171.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:150.69 GB) (Free:17.24 GB) NTFS
Drive e: (PES2012) (CDROM) (Total:6.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 6676021D)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=303 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=151 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by Maddin (administrator) on 01-08-2013 15:50:17
Running from C:\Users\Maddin\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
({StringFileInfo_CompanyName}) C:\Program Files\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Windows\system32\PnkBstrA.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\system32\werfault.exe
(Mozilla Corporation) C:\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [ClipIncSrvTray] - "D:\Tobit ClipInc\Player\ClipIncTray.exe" [x]
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [279912 2007-05-17] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [709992 2007-04-10] (Microsoft Corporation)
HKLM\...\Run: [NSLauncher] - C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeChat] - c:\Program Files\Microsoft LifeChat\LifeChat.exe [267296 2008-08-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-05-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [397992 2011-07-27] ({StringFileInfo_CompanyName})
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-08-12] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
MountPoints2: {ea2200f6-8a17-11dc-b94d-806e6f6e6963} - E:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default
FF user.js: detected! => C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\user.js
FF Homepage: hxxp://www.bild.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DOM Inspector - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
FF Extension: Firefox (default) - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 ClipInc001; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc002; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc003; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-24] ()
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] ()
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2008-09-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 ddxgb; C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys [31744 2012-01-18] ()
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2008-09-17] ()
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [136704 2009-03-19] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8320 2009-03-19] (Nokia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-01 15:47 - 2013-08-01 15:50 - 00026807 _____ C:\Users\Maddin\Downloads\Addition.txt
2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:45 - 2013-08-01 15:46 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-13 15:09 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:09 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:09 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-13 15:09 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:09 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-13 15:09 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:09 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-13 15:09 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:09 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-13 15:09 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 13:29 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 13:27 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 13:27 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 13:27 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-13 13:27 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-13 13:27 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-13 13:27 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:46 - 2013-08-01 15:45 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:39 - 2007-11-03 16:24 - 01391738 _____ C:\Windows\WindowsUpdate.log
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:56 - 2010-01-07 15:07 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-08-01 14:23 - 2010-01-07 15:07 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 14:23 - 2008-01-16 17:36 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-01 14:23 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-31 20:25 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-31 16:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2013-07-31 15:24 - 2012-08-31 18:52 - 00000000 ____D C:\Program Files\Web Assistant
2013-07-21 11:26 - 2009-03-25 21:47 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-07-15 17:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-15 17:14 - 2006-11-02 14:47 - 00271040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-15 17:11 - 2012-07-24 20:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 15:20 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-13 15:18 - 2006-11-02 12:33 - 01467644 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 15:11 - 2007-10-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-13 15:11 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-13 15:01 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-04 16:28 - 2007-10-19 16:56 - 00000000 ____D C:\Programme

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 14:30

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-07-2013 04
Ran by Maddin at 2013-08-01 15:50:00
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activision(R) (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 8.3.0 - Deutsch (Version: 8.3.0)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Anno 1701 - Der Fluch des Drachen (Version: 2.03)
Anno 1701 (Version: 1.00)
Ask Toolbar (Version: 1.12.5.0)
Assassin's Creed (Version: 1.02)
ATI Catalyst Install Manager (Version: 3.0.754.0)
Avira Free Antivirus (Version: 12.1.9.2400)
Battlecraft 1942
Battlefield 1942: The Road To Rome
Battlefield Mod Development Toolkit 2.0 Beta
Big Fish Games Center (remove only)
Big Fish Games Sudoku (remove only)
BUDNI Fotowelt (Version: 5.0.1)
Call of Duty(R) - World at War(TM) (Version: 1.0)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Command & Conquer Die ersten 10 Jahre (Version: 1.00.0000)
Cradle of Rome (remove only)
Diablo II
DivX Web Player (Version: 1.4.0)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Ein Quantum Trost(TM) (Version: 1.00.0000)
Far Cry (Patch 1.4) (Version: 1.00.0000)
Far Cry (Version: 1.00.0000)
FirstSteps Diagnostics (Version: 1.00)
Fussball Manager 2004
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Grand Theft Auto IV (Version: 1.0.0011.131)
Grand Theft Auto IV (Version: 1.0.0013.131)
Grand Theft Auto IV (Version: 1.00.0000)
Grand Theft Auto San Andreas (Version: 1.00.00001)
Grand Theft Auto Vice City (Version: 1.00.000)
Hidden & Dangerous 2  (Version: 1.00.0001)
Hidden & Dangerous 2 Patch
Hitman Blood Money (Version: 1.00.0000)
IronStorm (Version: 1.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 6 (Version: 1.6.0.60)
JavaFX 2.1.1 (Version: 2.1.1)
Kane and Lynch: Dead Men (Version: 1.00.0000)
Konz 2012 (Version: 1.00.0000)
Luxor Amun Rising (remove only)
Mafia Game
Mahjong Towers Eternity EU (remove only)
Medal of Honor Airborne (Version: 1.0.1.0)
Medal of Honor Allied Assault
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft LifeChat (Version: 1.30.196.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
ModernRcon v0.8
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Thunderbird 17.0 (x86 de) (Version: 17.0)
MSVC80_x86 (Version: 1.0.1.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files - Prime Suspects (remove only)
Nokia Connectivity Cable Driver (Version: 7.1.17.0)
Nokia Lifeblog 2.5 (Version: 2.5.224)
Nokia NSeries Application Installer (Version: 6.82.15)
Nokia NSeries Content Copier (Version: 6.82.15)
Nokia NSeries Multimedia Player (Version: 6.82.15)
Nokia NSeries Music Manager (Version: 6.82.15)
Nokia NSeries One Touch Access (Version: 6.82.15)
Nokia NSeries System Utilities (Version: 6.82.16)
Nokia Nseries Video Manager (Version: 1.1.9)
Nokia PC Suite (Version: 6.86.9.3)
Nokia Software Launcher (Version: 1.6.80)
Nokia Software Updater (Version: 01.07.003.39060)
NVIDIA Drivers
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OpenAL
PC Connectivity Solution (Version: 8.15.0.0)
Photo Viewer 2.0.2.5
Poker Superstars II (remove only)
Pro Evolution Soccer 2009 (Version: 1.10.0000)
Pro Evolution Soccer 2011 (Version: 1.03.0000)
Pro Evolution Soccer 2012 (Version: 1.00.0000)
Pro Evolution Soccer 6 (Version: 1.00.0000)
PunkBuster für Battlefield 1942
PunkBuster Services (Version: 0.986)
Realtek High Definition Audio Driver
S.T.A.L.K.E.R. - Clear Sky [v1.0004] (Version: 1.0004)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Spybot - Search & Destroy (Version: 1.6.0)
Steam (Version: 1.0.0.0)
Steuer 2011 (Version: 19.00.7304)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
Tobit.Software ClipInc.
Tomb Raider: Anniversary 1.0
Tomb Raider: Underworld 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers (remove only)
Web Assistant 2.0.0.604 (Version: 2.0.0.604)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows-Treiberpaket - Nokia Modem  (08/03/2007 3.2) (Version: 08/03/2007 3.2)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WORLD IN CONFLICT (Version: 1.0.0.0)
Xfire (remove only)
Zoo Tycoon 2 (Version: 1.0)
 

==================== Restore Points  =========================

30-04-2013 15:42:50 Windows Update
05-05-2013 15:02:25 Windows Update
10-05-2013 10:34:16 Windows Update
25-05-2013 11:34:16 Windows Update
25-05-2013 13:00:14 Windows Update
30-05-2013 14:51:53 Windows Update
04-06-2013 15:14:38 Windows Update
10-06-2013 17:44:17 Windows Update
12-06-2013 14:58:40 Windows Update
15-06-2013 12:18:57 Geplanter Prüfpunkt
18-06-2013 14:10:21 Windows Update
22-06-2013 10:43:00 Windows Update
29-06-2013 16:00:11 Windows Update
29-06-2013 16:06:10 Installed Java 7 Update 25
03-07-2013 13:38:04 Windows Update
04-07-2013 17:39:54 Geplanter Prüfpunkt
07-07-2013 15:33:55 Geplanter Prüfpunkt
13-07-2013 11:27:08 Windows Update
13-07-2013 13:00:32 Windows Update
16-07-2013 13:39:11 Windows Update
21-07-2013 08:41:16 Windows Update
31-07-2013 13:31:26 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02CD9845-F210-43BB-8C12-86D5998E6D65} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {191261FD-E565-45A6-B91E-30F13CB8C41A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-04] (Google)
Task: {1C82EA94-6313-4118-89FE-0991D6F59BF0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23B1D120-11E6-4B1E-A626-86EF2C832342} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {2D5C814F-6DFE-4679-8F20-5D5BD505B9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5C5CF4C0-7D0B-4A80-A54F-11CC25956064} - System32\Tasks\LifeChatTask => c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21] (Microsoft Corporation)
Task: {6B5E694A-9307-4C41-9D7A-7E1143801ABD} - System32\Tasks\Microsoft\Windows\RestartManager\{989043AB-CF62-4e79-9C94-D5C12C2E1024} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {7CEEA9F7-63B6-438C-8038-3561A7707A3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {998C17FE-3A57-4B37-AC18-97BAAB678C1A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {A2FDE529-BC45-4E8F-924A-1BDFC97D2461} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {CBC24ADC-49ED-4BB4-876B-7E9263CF6942} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {DAF8155E-DB71-4286-A174-A2E4F62B349D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EC9C7005-3C4A-407E-A013-584F356C7803} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #11
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #29
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #40
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #88
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #105
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #116
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #123
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #134
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #22
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #50
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #66
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #122
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #134
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #170
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2013 04:35:05 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-07-24 17:57:27.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.592
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.436
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.327
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 80%
Total physical RAM: 2046.58 MB
Available physical RAM: 391.85 MB
Total Pagefile: 4338.2 MB
Available Pagefile: 2103.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.99 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:303.35 GB) (Free:171.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:150.69 GB) (Free:17.24 GB) NTFS
Drive e: (PES2012) (CDROM) (Total:6.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 6676021D)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=303 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=151 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by Maddin (administrator) on 01-08-2013 15:49:39
Running from C:\Users\Maddin\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
({StringFileInfo_CompanyName}) C:\Program Files\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Windows\system32\PnkBstrA.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\system32\werfault.exe
(Mozilla Corporation) C:\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [ClipIncSrvTray] - "D:\Tobit ClipInc\Player\ClipIncTray.exe" [x]
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [279912 2007-05-17] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [709992 2007-04-10] (Microsoft Corporation)
HKLM\...\Run: [NSLauncher] - C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeChat] - c:\Program Files\Microsoft LifeChat\LifeChat.exe [267296 2008-08-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-05-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [397992 2011-07-27] ({StringFileInfo_CompanyName})
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-08-12] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
MountPoints2: {ea2200f6-8a17-11dc-b94d-806e6f6e6963} - E:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default
FF user.js: detected! => C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\user.js
FF Homepage: hxxp://www.bild.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DOM Inspector - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
FF Extension: Firefox (default) - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 ClipInc001; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc002; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc003; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-24] ()
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] ()
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2008-09-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 ddxgb; C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys [31744 2012-01-18] ()
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2008-09-17] ()
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [136704 2009-03-19] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8320 2009-03-19] (Nokia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-01 15:47 - 2013-08-01 15:49 - 00026807 _____ C:\Users\Maddin\Downloads\Addition.txt
2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:45 - 2013-08-01 15:46 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-13 15:09 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:09 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:09 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-13 15:09 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:09 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-13 15:09 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:09 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-13 15:09 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:09 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-13 15:09 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 13:29 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 13:27 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 13:27 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 13:27 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-13 13:27 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-13 13:27 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-13 13:27 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:46 - 2013-08-01 15:45 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:39 - 2007-11-03 16:24 - 01391738 _____ C:\Windows\WindowsUpdate.log
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:56 - 2010-01-07 15:07 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-08-01 14:23 - 2010-01-07 15:07 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 14:23 - 2008-01-16 17:36 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-01 14:23 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-31 20:25 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-31 16:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2013-07-31 15:24 - 2012-08-31 18:52 - 00000000 ____D C:\Program Files\Web Assistant
2013-07-21 11:26 - 2009-03-25 21:47 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-07-15 17:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-15 17:14 - 2006-11-02 14:47 - 00271040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-15 17:11 - 2012-07-24 20:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 15:20 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-13 15:18 - 2006-11-02 12:33 - 01467644 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 15:11 - 2007-10-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-13 15:11 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-13 15:01 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-04 16:28 - 2007-10-19 16:56 - 00000000 ____D C:\Programme

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 14:30

==================== End Of Log ============================
         

01.08.2013, 15:57   #4
schildi0507

serve.bannersdontwork.com etc. again



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-07-2013 04
Ran by Maddin at 2013-08-01 15:47:56
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activision(R) (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 8.3.0 - Deutsch (Version: 8.3.0)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Anno 1701 - Der Fluch des Drachen (Version: 2.03)
Anno 1701 (Version: 1.00)
Ask Toolbar (Version: 1.12.5.0)
Assassin's Creed (Version: 1.02)
ATI Catalyst Install Manager (Version: 3.0.754.0)
Avira Free Antivirus (Version: 12.1.9.2400)
Battlecraft 1942
Battlefield 1942: The Road To Rome
Battlefield Mod Development Toolkit 2.0 Beta
Big Fish Games Center (remove only)
Big Fish Games Sudoku (remove only)
BUDNI Fotowelt (Version: 5.0.1)
Call of Duty(R) - World at War(TM) (Version: 1.0)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Command & Conquer Die ersten 10 Jahre (Version: 1.00.0000)
Cradle of Rome (remove only)
Diablo II
DivX Web Player (Version: 1.4.0)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Ein Quantum Trost(TM) (Version: 1.00.0000)
Far Cry (Patch 1.4) (Version: 1.00.0000)
Far Cry (Version: 1.00.0000)
FirstSteps Diagnostics (Version: 1.00)
Fussball Manager 2004
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Grand Theft Auto IV (Version: 1.0.0011.131)
Grand Theft Auto IV (Version: 1.0.0013.131)
Grand Theft Auto IV (Version: 1.00.0000)
Grand Theft Auto San Andreas (Version: 1.00.00001)
Grand Theft Auto Vice City (Version: 1.00.000)
Hidden & Dangerous 2  (Version: 1.00.0001)
Hidden & Dangerous 2 Patch
Hitman Blood Money (Version: 1.00.0000)
IronStorm (Version: 1.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 6 (Version: 1.6.0.60)
JavaFX 2.1.1 (Version: 2.1.1)
Kane and Lynch: Dead Men (Version: 1.00.0000)
Konz 2012 (Version: 1.00.0000)
Luxor Amun Rising (remove only)
Mafia Game
Mahjong Towers Eternity EU (remove only)
Medal of Honor Airborne (Version: 1.0.1.0)
Medal of Honor Allied Assault
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft LifeChat (Version: 1.30.196.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
ModernRcon v0.8
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Thunderbird 17.0 (x86 de) (Version: 17.0)
MSVC80_x86 (Version: 1.0.1.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files - Prime Suspects (remove only)
Nokia Connectivity Cable Driver (Version: 7.1.17.0)
Nokia Lifeblog 2.5 (Version: 2.5.224)
Nokia NSeries Application Installer (Version: 6.82.15)
Nokia NSeries Content Copier (Version: 6.82.15)
Nokia NSeries Multimedia Player (Version: 6.82.15)
Nokia NSeries Music Manager (Version: 6.82.15)
Nokia NSeries One Touch Access (Version: 6.82.15)
Nokia NSeries System Utilities (Version: 6.82.16)
Nokia Nseries Video Manager (Version: 1.1.9)
Nokia PC Suite (Version: 6.86.9.3)
Nokia Software Launcher (Version: 1.6.80)
Nokia Software Updater (Version: 01.07.003.39060)
NVIDIA Drivers
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OpenAL
PC Connectivity Solution (Version: 8.15.0.0)
Photo Viewer 2.0.2.5
Poker Superstars II (remove only)
Pro Evolution Soccer 2009 (Version: 1.10.0000)
Pro Evolution Soccer 2011 (Version: 1.03.0000)
Pro Evolution Soccer 2012 (Version: 1.00.0000)
Pro Evolution Soccer 6 (Version: 1.00.0000)
PunkBuster für Battlefield 1942
PunkBuster Services (Version: 0.986)
Realtek High Definition Audio Driver
S.T.A.L.K.E.R. - Clear Sky [v1.0004] (Version: 1.0004)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Spybot - Search & Destroy (Version: 1.6.0)
Steam (Version: 1.0.0.0)
Steuer 2011 (Version: 19.00.7304)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
Tobit.Software ClipInc.
Tomb Raider: Anniversary 1.0
Tomb Raider: Underworld 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers (remove only)
Web Assistant 2.0.0.604 (Version: 2.0.0.604)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows-Treiberpaket - Nokia Modem  (08/03/2007 3.2) (Version: 08/03/2007 3.2)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WORLD IN CONFLICT (Version: 1.0.0.0)
Xfire (remove only)
Zoo Tycoon 2 (Version: 1.0)
 

==================== Restore Points  =========================

30-04-2013 15:42:50 Windows Update
05-05-2013 15:02:25 Windows Update
10-05-2013 10:34:16 Windows Update
25-05-2013 11:34:16 Windows Update
25-05-2013 13:00:14 Windows Update
30-05-2013 14:51:53 Windows Update
04-06-2013 15:14:38 Windows Update
10-06-2013 17:44:17 Windows Update
12-06-2013 14:58:40 Windows Update
15-06-2013 12:18:57 Geplanter Prüfpunkt
18-06-2013 14:10:21 Windows Update
22-06-2013 10:43:00 Windows Update
29-06-2013 16:00:11 Windows Update
29-06-2013 16:06:10 Installed Java 7 Update 25
03-07-2013 13:38:04 Windows Update
04-07-2013 17:39:54 Geplanter Prüfpunkt
07-07-2013 15:33:55 Geplanter Prüfpunkt
13-07-2013 11:27:08 Windows Update
13-07-2013 13:00:32 Windows Update
16-07-2013 13:39:11 Windows Update
21-07-2013 08:41:16 Windows Update
31-07-2013 13:31:26 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02CD9845-F210-43BB-8C12-86D5998E6D65} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {191261FD-E565-45A6-B91E-30F13CB8C41A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-04] (Google)
Task: {1C82EA94-6313-4118-89FE-0991D6F59BF0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23B1D120-11E6-4B1E-A626-86EF2C832342} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {2D5C814F-6DFE-4679-8F20-5D5BD505B9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5C5CF4C0-7D0B-4A80-A54F-11CC25956064} - System32\Tasks\LifeChatTask => c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21] (Microsoft Corporation)
Task: {6B5E694A-9307-4C41-9D7A-7E1143801ABD} - System32\Tasks\Microsoft\Windows\RestartManager\{989043AB-CF62-4e79-9C94-D5C12C2E1024} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {7CEEA9F7-63B6-438C-8038-3561A7707A3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {998C17FE-3A57-4B37-AC18-97BAAB678C1A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {A2FDE529-BC45-4E8F-924A-1BDFC97D2461} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {CBC24ADC-49ED-4BB4-876B-7E9263CF6942} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {DAF8155E-DB71-4286-A174-A2E4F62B349D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EC9C7005-3C4A-407E-A013-584F356C7803} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #11
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #29
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #40
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #88
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #105
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #116
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #123
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #134
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #22
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #50
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #66
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #122
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #134
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #170
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2013 04:35:05 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\GOOG-PHISH-SHAVAR-1.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.PSET> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-PHISH-SIMPLE.CACHE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/31/2013 04:35:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MADDIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6C21KH5D.DEFAULT\SAFEBROWSING\TEST-MALWARE-SIMPLE.SBSTORE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/01/2013 02:25:04 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/31/2013 03:24:52 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/21/2013 10:33:35 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/17/2013 03:49:25 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (07/16/2013 03:33:45 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-07-24 17:57:27.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.592
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.436
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.327
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 83%
Total physical RAM: 2046.58 MB
Available physical RAM: 343.79 MB
Total Pagefile: 4338.2 MB
Available Pagefile: 2070.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.99 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:303.35 GB) (Free:171.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:150.69 GB) (Free:17.24 GB) NTFS
Drive e: (PES2012) (CDROM) (Total:6.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 6676021D)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=303 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=151 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by Maddin (administrator) on 01-08-2013 15:47:20
Running from C:\Users\Maddin\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
({StringFileInfo_CompanyName}) C:\Program Files\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Windows\system32\PnkBstrA.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\system32\werfault.exe
(Mozilla Corporation) C:\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [ClipIncSrvTray] - "D:\Tobit ClipInc\Player\ClipIncTray.exe" [x]
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [279912 2007-05-17] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [709992 2007-04-10] (Microsoft Corporation)
HKLM\...\Run: [NSLauncher] - C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeChat] - c:\Program Files\Microsoft LifeChat\LifeChat.exe [267296 2008-08-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-05-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [397992 2011-07-27] ({StringFileInfo_CompanyName})
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-08-12] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
MountPoints2: {ea2200f6-8a17-11dc-b94d-806e6f6e6963} - E:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8DLB51Zt&i=26
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default
FF user.js: detected! => C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\user.js
FF Homepage: hxxp://www.bild.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DOM Inspector - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
FF Extension: Firefox (default) - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 ClipInc001; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc002; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc003; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-24] ()
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] ()
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2008-09-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 ddxgb; C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys [31744 2012-01-18] ()
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2008-09-17] ()
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [136704 2009-03-19] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8320 2009-03-19] (Nokia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:45 - 2013-08-01 15:46 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-13 15:09 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:09 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:09 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-13 15:09 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:09 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-13 15:09 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:09 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-13 15:09 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:09 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-13 15:09 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 13:29 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 13:27 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 13:27 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 13:27 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-13 13:27 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-13 13:27 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-13 13:27 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:46 - 2013-08-01 15:45 - 01222064 _____ (Farbar) C:\Users\Maddin\Downloads\FRST.exe
2013-08-01 15:26 - 2007-11-03 16:24 - 01391738 _____ C:\Windows\WindowsUpdate.log
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\OTL.exe
2013-08-01 14:56 - 2010-01-07 15:07 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-08-01 14:23 - 2010-01-07 15:07 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 14:23 - 2008-01-16 17:36 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-01 14:23 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 14:23 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-31 20:25 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-31 16:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2013-07-31 15:24 - 2012-08-31 18:52 - 00000000 ____D C:\Program Files\Web Assistant
2013-07-21 11:26 - 2009-03-25 21:47 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-07-15 17:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-15 17:14 - 2006-11-02 14:47 - 00271040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-15 17:11 - 2012-07-24 20:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 15:20 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-13 15:18 - 2006-11-02 12:33 - 01467644 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 15:11 - 2007-10-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-13 15:11 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-13 15:01 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-04 16:28 - 2007-10-19 16:56 - 00000000 ____D C:\Programme

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 14:30

==================== End Of Log ============================
         
--- --- ---

01.08.2013, 16:04   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
I tried to run a scan with Avira, but it stopped at about 15 % and did not continue scanning.
When did you try that?
Check whether logs exist:


__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

01.08.2013, 16:11   #6
schildi0507

Shortly before I turned to you in desperation.

No logs were found in Avira.

01.08.2013, 16:22   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

JRT - Junkware Removal Tool

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with Farbar's tool, please:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box on the website)


01.08.2013, 17:05   #8
schildi0507

The Junkware Removal Tool just showed "not enough system resources" and then closed itself.

Now it worked:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Maddin on 01.08.2013 at 16:49:03,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.08.2013 at 16:51:00,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
# AdwCleaner v2.306 - Datei am 01/08/2013 um 16:54:26 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Maddin - SCHILDI
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Maddin\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Web Assistant

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\searchplugins\MyStart Search.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\Maddin\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Maddin\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\prefs.js

C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\user.js ... Gelöscht !
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by Maddin (administrator) on 01-08-2013 17:02:53
Running from C:\Users\Maddin\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
() D:\Tobit ClipInc\Server\ClipInc-Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Windows\system32\PnkBstrA.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [ClipIncSrvTray] - "D:\Tobit ClipInc\Player\ClipIncTray.exe" [x]
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [279912 2007-05-17] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [709992 2007-04-10] (Microsoft Corporation)
HKLM\...\Run: [NSLauncher] - C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [LifeChat] - c:\Program Files\Microsoft LifeChat\LifeChat.exe [267296 2008-08-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-05-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-08-12] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
MountPoints2: {ea2200f6-8a17-11dc-b94d-806e6f6e6963} - E:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldde-de.cab
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default
FF Homepage: hxxp://www.bild.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Maddin\AppData\Roaming\Mozilla\Firefox\Profiles\6c21kh5d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DOM Inspector - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
FF Extension: Firefox (default) - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Web Assistant\Firefox
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 ClipInc001; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc002; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 ClipInc003; D:\Tobit ClipInc\Server\ClipInc-Server.exe [1064960 2007-12-20] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-24] ()
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2008-09-17] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 ddxgb; C:\Users\Maddin\AppData\Local\Temp\ddxgb.sys [31744 2012-01-18] ()
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2008-09-17] ()
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [136704 2009-03-19] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8320 2009-03-19] (Nokia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-01 16:54 - 2013-08-01 16:55 - 00013241 _____ C:\AdwCleaner[S1].txt
2013-08-01 16:53 - 2013-08-01 16:53 - 00666633 _____ C:\Users\Maddin\Desktop\adwcleaner.exe
2013-08-01 16:51 - 2013-08-01 16:51 - 00000952 _____ C:\Users\Maddin\Desktop\JRT.txt
2013-08-01 16:27 - 2013-08-01 16:27 - 00000000 ____D C:\Windows\ERUNT
2013-08-01 16:25 - 2013-08-01 16:25 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Maddin\Desktop\JRT.exe
2013-08-01 16:21 - 2013-08-01 16:21 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-01 16:20 - 2013-08-01 16:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-01 15:53 - 2013-08-01 16:20 - 00000000 ____D C:\Mozilla Thunderbird
2013-08-01 15:50 - 2013-08-01 15:50 - 00023520 _____ C:\Users\Maddin\Downloads\FRST.txt
2013-08-01 15:47 - 2013-08-01 15:50 - 00026807 _____ C:\Users\Maddin\Downloads\Addition.txt
2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:45 - 2013-08-01 15:46 - 01222064 _____ (Farbar) C:\Users\Maddin\Desktop\FRST.exe
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Desktop\OTL.exe
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Desktop\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-13 15:09 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 15:09 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 15:09 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-13 15:09 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 15:09 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 15:09 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-13 15:09 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 15:09 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-13 15:09 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 15:09 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 15:09 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 15:09 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-13 15:09 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 13:29 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 13:27 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 13:27 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 13:27 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-13 13:27 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-13 13:27 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-13 13:27 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-13 13:27 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 13:27 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-08-01 16:57 - 2010-01-07 15:07 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 16:57 - 2008-01-16 17:36 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-01 16:57 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 16:57 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 16:57 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-01 16:56 - 2007-11-03 16:24 - 01400661 _____ C:\Windows\WindowsUpdate.log
2013-08-01 16:56 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-01 16:55 - 2013-08-01 16:54 - 00013241 _____ C:\AdwCleaner[S1].txt
2013-08-01 16:55 - 2010-01-07 15:07 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 16:53 - 2013-08-01 16:53 - 00666633 _____ C:\Users\Maddin\Desktop\adwcleaner.exe
2013-08-01 16:51 - 2013-08-01 16:51 - 00000952 _____ C:\Users\Maddin\Desktop\JRT.txt
2013-08-01 16:27 - 2013-08-01 16:27 - 00000000 ____D C:\Windows\ERUNT
2013-08-01 16:25 - 2013-08-01 16:25 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Maddin\Desktop\JRT.exe
2013-08-01 16:21 - 2013-08-01 16:21 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-01 16:21 - 2013-08-01 16:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-01 16:20 - 2013-08-01 15:53 - 00000000 ____D C:\Mozilla Thunderbird
2013-08-01 15:50 - 2013-08-01 15:50 - 00023520 _____ C:\Users\Maddin\Downloads\FRST.txt
2013-08-01 15:50 - 2013-08-01 15:47 - 00026807 _____ C:\Users\Maddin\Downloads\Addition.txt
2013-08-01 15:46 - 2013-08-01 15:46 - 00000000 ____D C:\FRST
2013-08-01 15:46 - 2013-08-01 15:45 - 01222064 _____ (Farbar) C:\Users\Maddin\Desktop\FRST.exe
2013-08-01 15:12 - 2013-08-01 15:12 - 00073906 _____ C:\Users\Maddin\Downloads\Extras.Txt
2013-08-01 15:10 - 2013-08-01 15:10 - 00055676 _____ C:\Users\Maddin\Downloads\OTL.Txt
2013-08-01 15:01 - 2013-08-01 15:01 - 00602112 _____ (OldTimer Tools) C:\Users\Maddin\Desktop\OTL.exe
2013-08-01 14:41 - 2013-08-01 14:41 - 01067456 _____ (Solid State Networks) C:\Users\Maddin\Desktop\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-31 16:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2013-07-21 11:26 - 2009-03-25 21:47 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-07-15 17:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-15 17:14 - 2006-11-02 14:47 - 00271040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-15 17:11 - 2012-07-24 20:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 15:20 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-13 15:18 - 2006-11-02 12:33 - 01467644 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 15:11 - 2007-10-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-13 15:11 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-13 15:01 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-04 16:28 - 2007-10-19 16:56 - 00000000 ____D C:\Programme

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 17:04

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-07-2013 04
Ran by Maddin at 2013-08-01 17:03:31
Running from C:\Users\Maddin\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activision(R) (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 8.3.0 - Deutsch (Version: 8.3.0)
Adobe® Photoshop® Album Starter Edition 3.0 (Version: 3.00.000)
Anno 1701 - Der Fluch des Drachen (Version: 2.03)
Anno 1701 (Version: 1.00)
Assassin's Creed (Version: 1.02)
ATI Catalyst Install Manager (Version: 3.0.754.0)
Avira Free Antivirus (Version: 12.1.9.2400)
Battlecraft 1942
Battlefield 1942: The Road To Rome
Battlefield Mod Development Toolkit 2.0 Beta
Big Fish Games Center (remove only)
Big Fish Games Sudoku (remove only)
BUDNI Fotowelt (Version: 5.0.1)
Call of Duty(R) - World at War(TM) (Version: 1.0)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: 1.7)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Command & Conquer Die ersten 10 Jahre (Version: 1.00.0000)
Cradle of Rome (remove only)
Diablo II
DivX Web Player (Version: 1.4.0)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Ein Quantum Trost(TM) (Version: 1.00.0000)
Far Cry (Patch 1.4) (Version: 1.00.0000)
Far Cry (Version: 1.00.0000)
FirstSteps Diagnostics (Version: 1.00)
Fussball Manager 2004
Google Earth (Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Grand Theft Auto IV (Version: 1.0.0011.131)
Grand Theft Auto IV (Version: 1.0.0013.131)
Grand Theft Auto IV (Version: 1.00.0000)
Grand Theft Auto San Andreas (Version: 1.00.00001)
Grand Theft Auto Vice City (Version: 1.00.000)
Hidden & Dangerous 2  (Version: 1.00.0001)
Hidden & Dangerous 2 Patch
Hitman Blood Money (Version: 1.00.0000)
IronStorm (Version: 1.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 6 (Version: 1.6.0.60)
JavaFX 2.1.1 (Version: 2.1.1)
Kane and Lynch: Dead Men (Version: 1.00.0000)
Konz 2012 (Version: 1.00.0000)
Luxor Amun Rising (remove only)
Mafia Game
Mahjong Towers Eternity EU (remove only)
Medal of Honor Airborne (Version: 1.0.1.0)
Medal of Honor Allied Assault
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft LifeChat (Version: 1.30.196.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
ModernRcon v0.8
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 17.0.4)
Mozilla Thunderbird 17.0.4 (x86 de) (Version: 17.0.4)
MSVC80_x86 (Version: 1.0.1.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files - Prime Suspects (remove only)
Nokia Connectivity Cable Driver (Version: 7.1.17.0)
Nokia Lifeblog 2.5 (Version: 2.5.224)
Nokia NSeries Application Installer (Version: 6.82.15)
Nokia NSeries Content Copier (Version: 6.82.15)
Nokia NSeries Multimedia Player (Version: 6.82.15)
Nokia NSeries Music Manager (Version: 6.82.15)
Nokia NSeries One Touch Access (Version: 6.82.15)
Nokia NSeries System Utilities (Version: 6.82.16)
Nokia Nseries Video Manager (Version: 1.1.9)
Nokia PC Suite (Version: 6.86.9.3)
Nokia Software Launcher (Version: 1.6.80)
Nokia Software Updater (Version: 01.07.003.39060)
NVIDIA Drivers
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OpenAL
PC Connectivity Solution (Version: 8.15.0.0)
Photo Viewer 2.0.2.5
Poker Superstars II (remove only)
Pro Evolution Soccer 2009 (Version: 1.10.0000)
Pro Evolution Soccer 2011 (Version: 1.03.0000)
Pro Evolution Soccer 2012 (Version: 1.00.0000)
Pro Evolution Soccer 6 (Version: 1.00.0000)
PunkBuster für Battlefield 1942
PunkBuster Services (Version: 0.986)
Realtek High Definition Audio Driver
S.T.A.L.K.E.R. - Clear Sky [v1.0004] (Version: 1.0004)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Spybot - Search & Destroy (Version: 1.6.0)
Steam (Version: 1.0.0.0)
Steuer 2011 (Version: 19.00.7304)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
Tobit.Software ClipInc.
Tomb Raider: Anniversary 1.0
Tomb Raider: Underworld 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers (remove only)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows-Treiberpaket - Nokia Modem  (08/03/2007 3.2) (Version: 08/03/2007 3.2)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WORLD IN CONFLICT (Version: 1.0.0.0)
Xfire (remove only)
Zoo Tycoon 2 (Version: 1.0)
 

==================== Restore Points  =========================

30-04-2013 15:42:50 Windows Update
05-05-2013 15:02:25 Windows Update
10-05-2013 10:34:16 Windows Update
25-05-2013 11:34:16 Windows Update
25-05-2013 13:00:14 Windows Update
30-05-2013 14:51:53 Windows Update
04-06-2013 15:14:38 Windows Update
10-06-2013 17:44:17 Windows Update
12-06-2013 14:58:40 Windows Update
15-06-2013 12:18:57 Geplanter Prüfpunkt
18-06-2013 14:10:21 Windows Update
22-06-2013 10:43:00 Windows Update
29-06-2013 16:00:11 Windows Update
29-06-2013 16:06:10 Installed Java 7 Update 25
03-07-2013 13:38:04 Windows Update
04-07-2013 17:39:54 Geplanter Prüfpunkt
07-07-2013 15:33:55 Geplanter Prüfpunkt
13-07-2013 11:27:08 Windows Update
13-07-2013 13:00:32 Windows Update
16-07-2013 13:39:11 Windows Update
21-07-2013 08:41:16 Windows Update
31-07-2013 13:31:26 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {191261FD-E565-45A6-B91E-30F13CB8C41A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-04] (Google)
Task: {1C82EA94-6313-4118-89FE-0991D6F59BF0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23B1D120-11E6-4B1E-A626-86EF2C832342} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {2D5C814F-6DFE-4679-8F20-5D5BD505B9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5C5CF4C0-7D0B-4A80-A54F-11CC25956064} - System32\Tasks\LifeChatTask => c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21] (Microsoft Corporation)
Task: {6B5E694A-9307-4C41-9D7A-7E1143801ABD} - System32\Tasks\Microsoft\Windows\RestartManager\{989043AB-CF62-4e79-9C94-D5C12C2E1024} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {7CEEA9F7-63B6-438C-8038-3561A7707A3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-07] (Google Inc.)
Task: {998C17FE-3A57-4B37-AC18-97BAAB678C1A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {A42713D3-7FB0-404C-A114-EA96D88031D2} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AD53ACC5-75E3-4FEB-9E9C-EBD532A11344} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {CBC24ADC-49ED-4BB4-876B-7E9263CF6942} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {DAF8155E-DB71-4286-A174-A2E4F62B349D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F7D2F919-2C8D-4928-B60A-FB75EDA51558} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #11
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #29
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #40
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #88
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #105
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #116
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #123
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #134
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #22
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #50
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #64
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #66
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #122
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #134
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #170
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (08/01/2013 04:58:58 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/01/2013 04:58:58 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Servicenvlddmkm%%1058


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-07-24 17:57:27.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.592
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.436
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.327
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-24 17:57:27.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 2046.58 MB
Available physical RAM: 1067.55 MB
Total Pagefile: 4338.2 MB
Available Pagefile: 3169.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.1 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:303.35 GB) (Free:171.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:150.69 GB) (Free:17.24 GB) NTFS
Drive e: (PES2012) (CDROM) (Total:6.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 6676021D)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=303 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=151 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

02.08.2013, 01:10   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes Anti-Malware (MBAM).

Note: Please remember to update Malwarebytes Anti-Malware via the update button beforehand!

Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support Trojaner-Board
Why Linux is better than Windows!

02.08.2013, 14:24   #10
schildi0507

here we go

on it

here is the Malwarebytes quick scan:

Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.02.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Maddin :: SCHILDI [Administrator]

Schutz: Aktiviert

02.08.2013 14:11:34
mbam-log-2013-08-02 (14-11-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218776
Laufzeit: 11 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Maddin\AppData\Local\Temp\Vid-Saver-rs.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
here is the 1st scan:

Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.02.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Maddin :: SCHILDI [Administrator]

Schutz: Aktiviert

02.08.2013 14:11:34
mbam-log-2013-08-02 (14-11-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218776
Laufzeit: 11 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Maddin\AppData\Local\Temp\Vid-Saver-rs.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

02.08.2013, 14:44   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That is just an adware remnant. Now only ESET is still missing.

02.08.2013, 16:36   #12
schildi0507

the ESET scan is taking a bit longer and is still running...

02.08.2013, 16:39   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK, just post again when it is finished or if problems come up.

02.08.2013, 17:14   #14
schildi0507

finally:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9c9efbfb7bb73740b7ab7d343e8c50c5
# engine=14623
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-02 02:43:26
# local_time=2013-08-02 04:43:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 100 93254 121225090 83689 0
# compatibility_mode=5892 16776573 100 100 9587 212987334 0 0
# scanned=212645
# found=0
# cleaned=0
# scan_time=7688
         
everything seems to be in order again, right?

so what was it???

03.08.2013, 02:26   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far.

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).

Otherwise there are also good cookie managers; among the Firefox extensions, CookieCuller would be one example.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when it closes.

Is your system back in order now, or are there any other findings or problems?
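The hosts-file blocking recommended in the last reply, as an added example (not part of the thread and not code from MVPS or from any scan tool): a small Python audit that parses hosts-file text, separates sink entries (loopback or unspecified addresses) from redirects to other addresses, and checks whether a given name is covered. The sample hosts text, the example.* names and all function names are constructed for illustration.

```python
import ipaddress

# Names that normally point at loopback; they are not counted as blocks.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}


def parse_hosts(text):
    """Return (line_no, address, hostname) tuples from hosts-file text."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # empty or address-only line
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed address, skipped
        for name in fields[1:]:
            entries.append((line_no, str(addr), name.lower().rstrip(".")))
    return entries


def is_sink(addr):
    """True when the address keeps the request on the local machine."""
    ip = ipaddress.ip_address(addr)
    return ip.is_loopback or ip.is_unspecified


def audit(text):
    """Split entries into blocked names and redirects to a real address."""
    blocked, redirects = set(), []
    for line_no, addr, name in parse_hosts(text):
        if is_sink(addr):
            if name not in LOCAL_NAMES:
                blocked.add(name)
        else:
            # A name mapped to a routable address overrides DNS; in a
            # cleanup log this is the line to review by hand.
            redirects.append((line_no, addr, name))
    return blocked, redirects


def is_blocked(name, blocked):
    """Hosts files match whole names only: no wildcards, no subdomains."""
    return name.lower().rstrip(".") in blocked


# Constructed sample, not taken from the thread or from the MVPS list.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
0.0.0.0 bannersdontwork.com   # blocks this exact name only
0.0.0.0 ads.example.net tracker.example.net
203.0.113.7 update.example.org   # redirect: needs review
not-an-ip broken.example
"""

if __name__ == "__main__":
    blocked, redirects = audit(SAMPLE_HOSTS)
    for name in ("bannersdontwork.com", "serve.bannersdontwork.com"):
        state = "blocked" if is_blocked(name, blocked) else "NOT blocked"
        print(f"{name}: {state}")
    for line_no, addr, name in redirects:
        print(f"line {line_no}: {name} -> {addr} (review)")
```

On the system in this thread the file is C:\Windows\system32\Drivers\etc\hosts, which the log above shows containing only the `::1 localhost` entry, so the audit would report no blocked names and no redirects for it.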
