
Log analysis and evaluation: Windows 7 64bit - Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll) found by Spybot

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

24.09.2013, 10:48   #1
mmmari
 
Windows 7 64bit - Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll) found by Spybot



Hello to the helpers of Trojaner-Board,
after my browser (Firefox) kept crashing this morning, I ran a scan with Spybot. The finding is: Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll).
While looking for help I came across your forum, and I am now very much hoping for help from you.
I followed your instructions and hope that I have gathered all the relevant logs; if anything is missing, I will supply it as quickly as possible.
Unfortunately, some of the log files are too large to attach and also too large to post all of them in CODE tags. I have therefore attached the large log files (Gmer.txt & Spybot.Result) in a ZIP file.
Many thanks in advance and kind regards.
Mari

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by Flores at 2013-09-24 10:50:45
Running from C:\Users\Flores\Desktop\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Aware (Disabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Disabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Ad-Aware Antivirus (x32 Version: 10.5.3.4405)
Ad-Aware Browsing Protection (x32 Version: 1.0.1.110)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
AI Suite (x32 Version: 1.06.20)
AllDup 3.4.12 (x32 Version: 3.4.12)
AMD OverDrive (x32 Version: 3.2.2.0452)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
ASUSUpdate (x32 Version: 7.18.03)
Audials (x32 Version: 8.0.54300.0)
Audials TV (x32 Version: 1.3.10803.300)
AudibleManager (x32 Version: 2001481840.48.56.6425834)
avast! Free Antivirus (x32 Version: 7.0.1426.0)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Browser Configuration Utility (x32 Version: 1.0.10.0)
BufferChm (x32 Version: 130.0.331.000)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 4.0 (x32)
Canon Solution Menu EX (x32)
CanoScan LiDE 110 Scanner Driver
CDDRV_Installer (Version: 4.60)
C-Media PCI Audio Device
Conduit Engine (x32 Version: )
D1300 (x32 Version: 130.0.365.000)
D1300_Help (x32 Version: 82.0.233.000)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.41.3.0173)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DeviceDiscovery (x32 Version: 130.0.465.000)
Diablo III (x32 Version: 1.0.7.14633)
ElsterFormular (x32 Version: 14.1.11318)
ElsterFormular-Upgrade (x32 Version: 14.3.11574)
EPU (x32 Version: 1.02.20)
erLT (x32 Version: 1.20.0137)
Express Gate (x32 Version: 1.5.17.9)
Flatrate Player (x32)
Free Video Flip and Rotate version 2.0.8.706 (x32 Version: 2.0.8.706)
GIMP 2.6.8
GoldWave v5.58 (x32)
Google Chrome (HKCU Version: 29.0.1547.76)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. A (Version: 13.0)
HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät (Version: 22.0.334.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (x32 Version: 1.0.0.3341)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Update (x32 Version: 5.002.005.003)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPSSupply (x32 Version: 130.0.371.000)
ImageMagick 6.8.5-3 Q16 (32-bit) (2013-05-01) (x32 Version: 6.8.5)
ImgBurn (x32 Version: 2.5.6.0)
Java 7 Update 11 (x32 Version: 7.0.110)
Java Auto Updater (x32 Version: 2.1.9.0)
JMicron JMB36X Driver (x32 Version: 1.00.0000)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
Lexware buchhalter 2011 (x32 Version: 16.22.00.0155)
Lexware Elster (x32 Version: 9.10.00.0041)
Logitech SetPoint (x32 Version: 4.80)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (x32 Version: 3.0.126.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mobile Partner (x32 Version: 16.002.03.02.705)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Napster Download Manager (HKCU Version: 1.0.0.105)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.11.1111)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Origin (x32 Version: 9.1.10.2728)
PC Probe II (x32 Version: 1.04.86)
PDFCreator (x32 Version: 1.2.0)
Photo Stamp Remover 5.1 (x32 Version: 5.1)
QuickTime (x32 Version: 7.74.80.86)
RCT3 Soaked (x32 Version: 1.00.000)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6037)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0)
RewardsArcade (HKCU)
RollerCoaster Tycoon 3 (x32 Version: 1.00.000)
SF_CDA_ProductContext (x32 Version: 130.0.365.000)
SF_CDA_Software (x32 Version: 130.0.396.000)
Shop for HP Supplies (Version: 13.0)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.6 (x32 Version: 6.6.106)
SmartWebPrinting (x32 Version: 130.0.457.000)
Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Status (x32 Version: 130.0.469.000)
Steam (x32 Version: 1.0.0.0)
Studie zur Verbesserung von HP Deskjet 3000 J310 series Produkten (Version: 22.0.334.0)
System Requirements Lab (x32)
TeamSpeak 3 Client (x32 Version: 3.0.8)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Trillian (x32)
TurboV EVO (x32 Version: 1.02.32)
UnloadSupport (x32 Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Vuze (x32 Version: 4.7)
Vuze Remote Toolbar (x32 Version: 6.3.3.3)
WebReg (x32 Version: 130.0.132.017)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0)
World of Warcraft (x32 Version: 5.3.0.17128)

==================== Restore Points  =========================

22-09-2013 17:00:52 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-09-03 00:42 - 00437269 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {1B712A91-B742-4886-A45A-CE91A8640BB6} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {20C39E93-7527-4706-9763-567C1C1DC56B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {3179F163-FE8C-49B2-B857-8216FF2DD4C0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3217E8AC-BEF3-4365-9A23-4D2A22AE2031} - System32\Tasks\HPCustParticipation HP Deskjet 3000 J310 series => C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\HPCustPartic.exe
Task: {3A981153-E95F-4DED-BE15-DF77B903BD3E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {55B2203A-F840-46B1-BEC3-190E459EF9DE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5D076674-443F-437E-A3AE-1D7E1D122CB5} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {740C714D-E2D2-4D17-97D8-6B025FE1E6F1} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {9275AFD1-FE64-4A91-A848-01F520537E44} - System32\Tasks\{CA5D7B44-FDA6-4C21-955E-B2FB1E3B8EFD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {96363FD6-BE88-4A6A-A1C8-8D754A5AD4C9} - System32\Tasks\{30D933E0-2F8C-4FA5-B965-113B2F0D709E} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {9D6674EC-2C20-4245-9408-554E763BD0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21] (Adobe Systems Incorporated)
Task: {A18576BC-DE5B-4B67-92A0-2E0A782C14AD} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {A658B115-7F1D-4262-8D90-E6DCFD7E7221} - System32\Tasks\Google Updater and Installer => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {B388D6FC-6BAB-469C-91B3-A7A1BC12B3CB} - System32\Tasks\{5F4609D4-FE2F-4FEB-94FB-AB13871FBB24} => F:\Autorun.exe
Task: {C1C47A0A-D86E-4B44-B7D4-3CAC6117083D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {C4874D9D-0CDE-4EF9-8ED6-167ACF72E524} - System32\Tasks\{A21C703B-B1FE-4BE9-AFA5-24644F86F2AA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {ED8A0E5F-530D-4929-A255-6FDED7FDD80D} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core.job => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA.job => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-18 20:36 - 2009-07-20 13:37 - 00056848 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\lgscroll.dll
2012-01-18 20:36 - 2009-07-20 13:33 - 00055824 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\GameHook.dll
2011-02-27 17:49 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2010-10-16 14:13 - 2013-01-18 17:00 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2011-07-15 21:05 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00096272 _____ (Logitech, Inc.) C:\Windows\system32\KemXML.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\kemutb.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\KemUtil.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00159248 _____ (Logitech, Inc.) C:\Windows\system32\KemWnd.dll
2012-01-18 20:36 - 2009-07-20 13:39 - 00039952 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\SetPointCOM.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00018960 _____ () G:\mausscheisse\SetPoint\khalwrapper.dll
2012-01-18 20:36 - 2009-07-20 13:40 - 01596944 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\Macros\MacroCore.dll
2012-01-18 20:36 - 2009-07-20 13:33 - 00019472 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\IMHook.dll
2012-01-18 20:36 - 2009-07-20 13:39 - 00363536 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\WebBrowserSupport.dll
2012-01-18 20:36 - 2009-07-20 13:40 - 00207888 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\Macros\MacroAppSwitch.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00104464 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\kgame.dll
2012-01-18 20:36 - 2009-07-20 13:36 - 00189968 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\LCabHandler.dll
2012-06-11 13:48 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-03-17 10:27 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-03-17 10:27 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2009-07-14 01:24 - 2009-07-14 03:11 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00310784 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2013-01-17 01:18 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2012-06-11 13:46 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2009-07-14 02:20 - 2009-07-14 03:14 - 00640000 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2009-07-14 01:12 - 2009-07-14 03:11 - 00662528 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-10-20 15:27 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2012-10-20 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2009-07-14 01:39 - 2009-07-14 03:16 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2011-02-28 09:46 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\syswow64\OLE32.DLL
2011-12-23 00:22 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.DLL
2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 01668608 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-07-14 13:51 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2011-07-14 13:51 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2011-02-27 18:06 - 2010-02-08 18:19 - 00053248 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
2011-02-27 18:06 - 2010-06-01 11:38 - 00253952 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
2011-02-28 09:46 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2012-06-11 14:34 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll
2011-12-23 00:22 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2009-07-14 01:34 - 2009-07-14 03:16 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\USERENV.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2009-07-14 02:18 - 2009-07-14 03:14 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV
2009-07-14 01:55 - 2009-07-14 03:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPR.dll
2013-03-17 10:27 - 2013-01-04 06:43 - 00044032 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcWow64.DLL
2009-07-14 01:41 - 2009-07-14 03:16 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VERSION.dll
2011-12-30 17:26 - 2009-05-11 03:57 - 08126464 ____R (C-Media Corporation) C:\Windows\Syswow64\CMICNFG3.dll
2009-07-14 02:03 - 2009-07-14 03:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\Syswow64\WINMM.dll
2009-07-14 01:39 - 2009-07-14 03:15 - 00486912 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2009-07-14 01:24 - 2009-07-14 03:15 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2012-10-20 15:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll
2012-10-20 15:28 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll
2011-02-28 09:43 - 2009-08-29 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll
2009-07-14 02:03 - 2009-07-14 03:15 - 00453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POWRPROF.dll
2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2009-07-14 02:03 - 2009-07-14 03:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOSES.DLL
2012-01-18 20:36 - 2009-07-20 05:00 - 00038912 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\lgscroll.dll
2009-07-14 01:34 - 2009-07-14 03:16 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntmarta.dll
2009-07-14 01:38 - 2009-07-14 03:16 - 00268800 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00057344 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\GameHook.dll
2011-12-23 00:22 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\oleaut32.dll
2012-10-20 15:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\wintrust.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\syswow64\URLMON.DLL
2013-04-12 22:33 - 2013-02-22 05:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\Normaliz.dll
2012-10-20 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\syswow64\shell32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00206336 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2009-07-14 02:03 - 2009-07-14 03:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2013-01-17 01:18 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2011-12-23 00:21 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XmlLite.dll
2009-07-14 01:27 - 2009-07-14 03:16 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2013-04-12 22:33 - 2013-02-22 06:05 - 12324352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-12 22:33 - 2013-02-22 05:47 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-10-20 15:27 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2009-07-14 01:33 - 2009-07-14 03:17 - 00249680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2013-04-12 22:33 - 2013-02-22 05:46 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-15 23:09 - 2013-07-15 23:09 - 00318864 _____ (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
2009-07-14 02:20 - 2009-07-14 03:14 - 00309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2009-07-14 01:40 - 2009-07-14 03:16 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2009-07-14 01:22 - 2009-07-14 03:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FunDisc.dll
2009-07-14 02:14 - 2009-07-14 03:14 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL.DLL
2009-07-14 01:22 - 2009-07-14 03:15 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdproxy.dll
2010-04-27 03:33 - 2010-04-27 03:33 - 00096904 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2011-02-27 18:07 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2012-10-20 15:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.DLL
2012-10-20 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.DLL
2011-02-27 18:07 - 2010-01-08 18:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2011-02-27 18:07 - 2010-01-08 18:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2009-06-27 11:11 - 2009-06-27 11:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2009-10-26 14:16 - 2009-10-26 14:16 - 00170216 _____ (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ZyngaGames.dll
2009-07-14 01:39 - 2009-07-14 03:15 - 00486912 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm
2012-01-18 20:36 - 2009-07-20 05:00 - 00010752 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\IMHook.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00013824 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\AdobeHookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00014336 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\AOLHookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00069632 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\MessengerHook.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00012288 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\HookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00027648 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\KEMHook.dll
2012-06-11 14:34 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\syswow64\IMAGEHLP.DLL
2013-04-12 22:33 - 2013-02-22 05:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\wininet.dll
2011-09-02 22:58 - 2008-06-19 17:35 - 00333288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
2012-10-20 15:28 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\syswow64\crypt32.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\psapi.dll
2011-09-02 22:58 - 2008-03-04 14:52 - 00790392 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
2011-09-02 22:58 - 2008-03-05 09:34 - 00795520 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
2011-09-02 22:58 - 2008-02-26 11:04 - 00717176 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
2011-09-02 22:58 - 2007-12-24 01:05 - 00121344 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
2011-12-23 00:22 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OLEACC.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 47033808 _____ (Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\chrome.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 09962960 _____ (The ICU Project) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\icudt.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 01668608 _____ (Microsoft Corporation) C:\Windows\syswow64\setupapi.dll
2013-09-20 09:17 - 2013-09-17 03:23 - 03231688 _____ (Microsoft Corporation) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\D3DCompiler_46.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-20 09:17 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 09:17 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 02110928 _____ (Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libpeerconnection.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-06-13 02:28 - 2013-06-13 02:28 - 00953704 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files (x86)\Ad-Aware Antivirus\htmlayout.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00119808 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll
2012-09-20 05:38 - 2012-09-20 05:38 - 00056712 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvcPS.dll
2011-02-28 09:46 - 2010-11-02 06:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-06-13 02:27 - 2013-06-13 02:27 - 00465248 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\cart\CartSdk.dll
2009-07-14 01:15 - 2009-07-14 03:10 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SFC.DLL
2012-03-08 18:16 - 2012-03-08 18:16 - 00284512 _____ ( ) C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2013-04-12 22:33 - 2013-02-22 05:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2013 10:00:29 AM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/16/2013 10:01:44 AM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/04/2013 07:59:52 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25025. Fehler 3: Fehler beim Kopieren der Port-Überwachungsdateien.

Error: (09/04/2013 07:58:59 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25025. Fehler 3: Fehler beim Kopieren der Port-Überwachungsdateien.

Error: (09/04/2013 07:58:55 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25026. Fehler 1722: Fehler beim Hinzufügen der Port-Überwachung HP Discovery Port Monitor (HP Deskjet 3000 J310 series).

Error: (09/04/2013 07:55:26 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25024. Error -2081883393: Failed to uninstall CN0C625K9N05HZ device.

Error: (09/04/2013 07:55:18 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25024. Error -2081883393: Failed to uninstall CN0C625K9N05HZ device.

Error: (09/04/2013 07:54:46 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25024. Error -2081883393: Failed to uninstall CN0C625K9N05HZ device.

Error: (09/04/2013 07:41:01 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Produkt: HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät -- Fehler 25024. Error -2081883393: Failed to uninstall CN0C625K9N05HZ device.

Error: (09/02/2013 11:38:56 AM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Product: HPPhotosmartEssential -- Error 1706. An installation package for the product HPPhotosmartEssential cannot be found. Try the installation again using a valid copy of the installation package 'HPPhotosmartEssential.msi'.


System errors:
=============
Error: (09/24/2013 10:04:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuchanbieter-Host" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 08:40:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (11/02/2011 10:56:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 111 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 12286.18 MB
Available physical RAM: 9235.46 MB
Total Pagefile: 24570.5 MB
Available Pagefile: 20945.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:105.11 GB) (Free:11.66 GB) NTFS
Drive d: () (Fixed) (Total:149 GB) (Free:37.02 GB) NTFS
Drive f: (COSMOPOLITAN) (CDROM) (Total:4.19 GB) (Free:0 GB) UDF
Drive g: (Volume) (Fixed) (Total:781.25 GB) (Free:658.12 GB) NTFS
Drive h: (Volume) (Fixed) (Total:488.28 GB) (Free:350.87 GB) NTFS
Drive i: (Volume) (Fixed) (Total:488.28 GB) (Free:228.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C9A48BB1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=977 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 149 GB) (Disk ID: AFCBAFCB)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 149 GB) (Disk ID: 0009EA20)
Partition 1: (Not Active) - (Size=93 MB) - (Type=83)
Partition 2: (Not Active) - (Size=977 MB) - (Type=82)
Partition 3: (Not Active) - (Size=55 GB) - (Type=83)
Partition 4: (Not Active) - (Size=93 GB) - (Type=83)

==================== End Of Log ============================
         
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by Flores (administrator) on WINDOWSPC on 24-09-2013 10:50:04
Running from C:\Users\Flores\Desktop\tools
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(DeviceVM, Inc.) C:\ASUS.SYS\config\DVMExportService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
() C:\Windows\DAODx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Logitech, Inc.) G:\mausscheisse\SetPoint\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() G:\mausscheisse\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Visicom Media Inc.) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\ffHelper.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Lavasoft Limited) C:\PROGRA~2\AD-AWA~1\AdAware.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-28] (Google Inc.)
HKCU\...\Runonce: [adawarebp] - reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
HKCU\...\Runonce: [adawarebp_XP] - reg.exe delete "HKCU\Software\adawarebp" /f
MountPoints2: {38b68dbb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dcb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dd7-5a20-11e0-be8a-20cf30bf92b8} - K:\AutoRun.exe
MountPoints2: {410efac2-5b65-11e0-9a71-001e101f859f} - G:\AutoRun.exe
MountPoints2: {a0eb7129-e7b5-11e0-89c1-20cf30bf92b8} - J:\INSTALL.EXE
MountPoints2: {b0b35a42-42c1-11e0-8da2-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-26] (DeviceVM, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - G:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe [943016 2013-06-13] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBDBC55C997D6CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {6EB971CA-7AD8-4912-A40A-C1024A2CC0A9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll (215 Apps)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - Community Smart Bar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Community Smart Bar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} -  No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6278C29C-68B5-4D63-87E1-9ACD421D1145}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C4239820-7EAD-455C-9D27-20A1B40F53E3}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C58C5C8D-1B8E-4548-8705-F5043E83C0AA}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Vuze Remote Community Toolbar - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [crossriderapp498@crossrider.com] - C:\Users\Flores\AppData\Local\RewardsArcade\498\Firefox
FF Extension: No Name - C:\Users\Flores\AppData\Local\RewardsArcade\498\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Extension: (Google Docs) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Search) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RewardsArcade) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.23.177_0
CHR Extension: (avast! WebRep) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0
CHR Extension: (Gmail) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dcmagccbogebndpoodhhhafmofelpffh] - C:\Users\Flores\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Flores\AppData\Local\Temp\tbch.crx

==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [319488 2009-10-16] (DeviceVM, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [x]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [69976 2012-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-07] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-03-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1154560 2009-05-19] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-25] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2010-05-11] (Huawei Technologies Co., Ltd.)
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-24] (GFI Software)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-05-11] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-03-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:42 - 2013-09-24 10:49 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 09:59 - 2013-09-24 09:59 - 00004326 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 09:59 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 09:47 - 2013-09-24 09:59 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Users\Flores\AppData\Local\adawarebp
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Search Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Ad-Aware Antivirus
2013-09-24 09:44 - 2013-09-24 09:44 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-24 08:45 - 2013-09-24 08:45 - 00000000 ____D C:\Users\Flores\AppData\Local\{41EDFF1A-628A-4CFF-8B4D-35782DFAF8B8}
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-23 19:18 - 2013-09-23 19:18 - 00537652 _____ C:\Users\Flores\.recently-used.xbel
2013-09-23 11:49 - 2013-09-23 11:49 - 00000000 ____D C:\Users\Flores\AppData\Local\{DCC5FAF3-4223-4942-BCAF-B433B851A546}
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 23:48 - 2013-09-22 23:48 - 00000000 ____D C:\Users\Flores\AppData\Local\{365E8A29-AB8A-459F-AF9B-2B70ADF9FE0E}
2013-09-22 10:42 - 2013-09-22 10:42 - 00000000 ____D C:\Users\Flores\AppData\Local\{60FBB7B6-2057-48CC-A087-27B4B0128597}
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-21 21:38 - 2013-09-21 21:38 - 00000000 ____D C:\Users\Flores\AppData\Local\{1234C4B2-3779-4019-B40E-60583EEDD8B4}
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-21 09:37 - 2013-09-21 09:38 - 00000000 ____D C:\Users\Flores\AppData\Local\{62A9BEEB-ADCD-4A2E-A7AA-1169E2605636}
2013-09-20 20:45 - 2013-09-20 20:45 - 00000000 ____D C:\Users\Flores\AppData\Local\{8255E3CB-41FA-4BE4-B101-EAB7720D6C91}
2013-09-20 08:19 - 2013-09-20 08:19 - 00000000 ____D C:\Users\Flores\AppData\Local\{822B417C-DE28-4484-A9B4-F0C8B0A108C3}
2013-09-19 11:10 - 2013-09-19 11:10 - 00000000 ____D C:\Users\Flores\AppData\Local\{14321BD9-C624-41B0-98EE-AB4A2D25AE44}
2013-09-18 22:20 - 2013-09-18 22:20 - 00000000 ____D C:\Users\Flores\AppData\Local\{314A1262-7F99-48CB-B81D-7C9573A055F3}
2013-09-18 10:19 - 2013-09-18 10:19 - 00000000 ____D C:\Users\Flores\AppData\Local\{507108AA-82EF-4EA7-8684-947155DE7689}
2013-09-17 22:18 - 2013-09-17 22:19 - 00000000 ____D C:\Users\Flores\AppData\Local\{5FE8550E-14C6-4EBE-BF02-F723AE64BD75}
2013-09-17 09:58 - 2013-09-17 09:58 - 00000000 ____D C:\Users\Flores\AppData\Local\{C9AE66BD-0F25-4320-95D7-3EE5D30D5CB1}
2013-09-16 21:57 - 2013-09-16 21:58 - 00000000 ____D C:\Users\Flores\AppData\Local\{8CF31A30-D1C5-49A8-9333-7F4DF75368C2}
2013-09-16 09:57 - 2013-09-16 09:57 - 00000000 ____D C:\Users\Flores\AppData\Local\{C9834061-DED0-47C7-BB71-84F4630CA926}
2013-09-15 10:24 - 2013-09-15 10:24 - 00000000 ____D C:\Users\Flores\AppData\Local\{C75A71B6-70DC-4088-A914-55D3C4A27FBF}
2013-09-14 22:23 - 2013-09-14 22:24 - 00000000 ____D C:\Users\Flores\AppData\Local\{0FF02114-5437-42C6-A831-60A4BAEFC6D7}
2013-09-14 10:23 - 2013-09-14 10:23 - 00000000 ____D C:\Users\Flores\AppData\Local\{F54EA2C2-1F3F-488A-8241-AAF129EF1D4A}
2013-09-13 22:13 - 2013-09-13 22:13 - 00000000 ____D C:\Users\Flores\AppData\Local\{A8E42B02-5A57-45C5-B62D-1A76242BDC47}
2013-09-13 10:12 - 2013-09-13 10:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{F2D0A4F4-A560-4A6C-8046-B04974616ADC}
2013-09-12 22:03 - 2013-09-12 22:03 - 00000000 ____D C:\Users\Flores\AppData\Local\{6EFF57A7-66B3-44F7-A607-672FAB4B7D5D}
2013-09-12 10:03 - 2013-09-12 10:03 - 00000000 ____D C:\Users\Flores\AppData\Local\{5EF41BB7-0AB8-424B-AF58-B8C52D68FE83}
2013-09-11 22:02 - 2013-09-11 22:02 - 00000000 ____D C:\Users\Flores\AppData\Local\{48ED88E1-85F3-4A3B-9595-FB4D61B32F0B}
2013-09-11 10:02 - 2013-09-11 10:02 - 00000000 ____D C:\Users\Flores\AppData\Local\{D0A70605-DFA8-4336-8C7E-5088DD5A5C49}
2013-09-10 22:01 - 2013-09-10 22:01 - 00000000 ____D C:\Users\Flores\AppData\Local\{C50227C3-42CA-4FAD-8AAD-219CAAC6FA0D}
2013-09-10 10:00 - 2013-09-10 10:01 - 00000000 ____D C:\Users\Flores\AppData\Local\{831420DA-15D0-4A1D-B0B4-D6999E8730D1}
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-09 22:00 - 2013-09-09 22:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{C491EF05-8228-488D-84B2-DE4E1FE75616}
2013-09-09 09:59 - 2013-09-09 10:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{EBE863DB-177E-4CFA-9CA8-E632116038BD}
2013-09-08 21:39 - 2013-09-08 21:39 - 00000000 ____D C:\Users\Flores\AppData\Local\{697CFFD1-6FF5-469A-A07C-6426E3BA3307}
2013-09-08 09:38 - 2013-09-08 09:38 - 00000000 ____D C:\Users\Flores\AppData\Local\{1D9D232B-326E-4FE4-B438-8A7C3A9A7E0F}
2013-09-07 09:22 - 2013-09-07 09:22 - 00000000 ____D C:\Users\Flores\AppData\Local\{F4D020DD-6FC4-4D8D-8C18-99C6D152F9AE}
2013-09-06 11:51 - 2013-09-06 11:51 - 00000000 ____D C:\Users\Flores\AppData\Local\{1F94DFEA-DC8E-4048-9DAB-2CFFB358E610}
2013-09-05 23:50 - 2013-09-05 23:51 - 00000000 ____D C:\Users\Flores\AppData\Local\{ECBAD234-9262-46E8-ACD8-DB75F6EAA9AD}
2013-09-05 13:22 - 2013-07-08 02:15 - 00000000 ____D C:\Users\Flores\Desktop\015_Evelin
2013-09-05 11:36 - 2013-09-05 11:58 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:11 - 2013-09-05 11:25 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-05 10:17 - 2013-09-05 10:17 - 00000000 ____D C:\Users\Flores\AppData\Local\{5BD4D89B-27D6-4042-85E5-A78407F9AB48}
2013-09-04 23:39 - 2013-09-04 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 21:29 - 2013-09-04 21:29 - 00000000 ____D C:\Users\Flores\AppData\Local\{2A10A133-9F89-46D3-B822-BD98313EA9F3}
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-04 09:28 - 2013-09-04 09:28 - 00000000 ____D C:\Users\Flores\AppData\Local\{3C6829A1-E467-4E28-B63D-4BE18C6A5DDE}
2013-09-03 19:36 - 2013-09-03 21:05 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-03 11:00 - 2013-09-03 11:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{0313E221-8193-42CF-A92B-386E7F772DDD}
2013-09-02 22:59 - 2013-09-02 23:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{4E916835-1E75-4496-BE23-64EBF84DEF6B}
2013-09-02 16:44 - 2013-09-17 11:30 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-09-02 10:59 - 2013-09-02 10:59 - 00000000 ____D C:\Users\Flores\AppData\Local\{32675FDE-818F-4DA3-B686-2C7D92DE1186}
2013-09-01 22:58 - 2013-09-01 22:58 - 00000000 ____D C:\Users\Flores\AppData\Local\{190653B4-8602-4888-A653-65D16542F87B}
2013-09-01 09:40 - 2013-09-01 09:41 - 00000000 ____D C:\Users\Flores\AppData\Local\{73C60BE1-9F8A-4A35-B287-F9AD18FF5EAC}
2013-08-31 12:12 - 2013-08-31 12:13 - 00000000 ____D C:\Users\Flores\AppData\Local\{8F24E12C-4EAB-492B-9B6E-BA029437DE45}
2013-08-31 00:12 - 2013-08-31 00:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{A6C33172-B4E0-420A-AC62-552E8C908583}
2013-08-30 12:11 - 2013-08-30 12:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{352B5599-3398-4F47-8BD5-00DC0ED76B1D}
2013-08-30 00:11 - 2013-08-30 00:11 - 00000000 ____D C:\Users\Flores\AppData\Local\{891C61BF-B667-4D00-AF3F-ED8C6FEA21A5}
2013-08-29 09:31 - 2013-08-29 09:31 - 00000000 ____D C:\Users\Flores\AppData\Local\{2C116E6A-66A7-470A-903F-64A83177840D}
2013-08-28 21:30 - 2013-08-28 21:31 - 00000000 ____D C:\Users\Flores\AppData\Local\{2FB19EB4-295F-42D6-AFCC-D384679D8DC0}
2013-08-28 09:30 - 2013-08-28 09:30 - 00000000 ____D C:\Users\Flores\AppData\Local\{71D04791-BA1D-47CD-BBE3-330245BB823E}
2013-08-27 21:06 - 2013-08-27 21:07 - 00000000 ____D C:\Users\Flores\AppData\Local\{D443EB66-B158-4299-886C-C02580508B64}
2013-08-27 09:06 - 2013-08-27 09:06 - 00000000 ____D C:\Users\Flores\AppData\Local\{DB649F53-A2F2-425D-BC86-ECE70CB399F1}
2013-08-26 21:05 - 2013-08-26 21:06 - 00000000 ____D C:\Users\Flores\AppData\Local\{66EBDA82-E1EF-44C9-9CAC-69A14D1C5E9C}
2013-08-26 09:05 - 2013-08-26 09:05 - 00000000 ____D C:\Users\Flores\AppData\Local\{E122A664-4B30-403C-9FA4-C059560D88A2}
2013-08-25 09:57 - 2013-08-25 11:59 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods
2013-08-25 09:44 - 2013-08-25 09:44 - 00000000 ____D C:\Users\Flores\AppData\Local\{7FC7C1FD-8061-4680-9DFA-5F489EB27DB3}

==================== One Month Modified Files and Folders =======

2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:49 - 2013-09-24 10:42 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 10:49 - 2011-03-04 19:29 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Skype
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 10:42 - 2011-02-27 17:41 - 00000000 ____D C:\Users\Flores
2013-09-24 10:35 - 2011-02-27 18:09 - 00000177 ____H C:\dvmexp.idx
2013-09-24 10:33 - 2012-07-25 18:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 10:33 - 2011-02-27 20:43 - 00000000 ____D C:\Users\Flores\.gimp-2.6
2013-09-24 10:15 - 2013-03-28 14:26 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA.job
2013-09-24 09:59 - 2013-09-24 09:59 - 00004326 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-24 09:59 - 2013-09-24 09:47 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 09:59 - 2013-09-24 09:47 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-24 09:59 - 2013-09-24 09:44 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Users\Flores\AppData\Local\adawarebp
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Search Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 09:44 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-24 08:45 - 2013-09-24 08:45 - 00000000 ____D C:\Users\Flores\AppData\Local\{41EDFF1A-628A-4CFF-8B4D-35782DFAF8B8}
2013-09-24 08:40 - 2011-02-28 00:37 - 01551684 _____ C:\Windows\WindowsUpdate.log
2013-09-24 08:40 - 2009-07-14 06:51 - 00797024 _____ C:\Windows\setupact.log
2013-09-24 08:32 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 08:32 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 08:24 - 2011-02-27 17:51 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-24 08:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 21:31 - 2013-07-16 16:23 - 00000000 ____D C:\Users\Flores\Desktop\zzz
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-23 19:18 - 2013-09-23 19:18 - 00537652 _____ C:\Users\Flores\.recently-used.xbel
2013-09-23 19:18 - 2011-02-27 20:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\gtk-2.0
2013-09-23 19:15 - 2013-03-28 14:26 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core.job
2013-09-23 11:49 - 2013-09-23 11:49 - 00000000 ____D C:\Users\Flores\AppData\Local\{DCC5FAF3-4223-4942-BCAF-B433B851A546}
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 23:48 - 2013-09-22 23:48 - 00000000 ____D C:\Users\Flores\AppData\Local\{365E8A29-AB8A-459F-AF9B-2B70ADF9FE0E}
2013-09-22 10:42 - 2013-09-22 10:42 - 00000000 ____D C:\Users\Flores\AppData\Local\{60FBB7B6-2057-48CC-A087-27B4B0128597}
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-22 10:06 - 2011-03-30 19:04 - 00000000 ____D C:\Windows\Minidump
2013-09-21 21:38 - 2013-09-21 21:38 - 00000000 ____D C:\Users\Flores\AppData\Local\{1234C4B2-3779-4019-B40E-60583EEDD8B4}
2013-09-21 15:33 - 2012-07-25 18:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-21 15:33 - 2012-07-25 18:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-21 15:33 - 2011-05-17 09:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-21 09:38 - 2013-09-21 09:37 - 00000000 ____D C:\Users\Flores\AppData\Local\{62A9BEEB-ADCD-4A2E-A7AA-1169E2605636}
2013-09-20 20:45 - 2013-09-20 20:45 - 00000000 ____D C:\Users\Flores\AppData\Local\{8255E3CB-41FA-4BE4-B101-EAB7720D6C91}
2013-09-20 08:19 - 2013-09-20 08:19 - 00000000 ____D C:\Users\Flores\AppData\Local\{822B417C-DE28-4484-A9B4-F0C8B0A108C3}
2013-09-19 11:10 - 2013-09-19 11:10 - 00000000 ____D C:\Users\Flores\AppData\Local\{14321BD9-C624-41B0-98EE-AB4A2D25AE44}
2013-09-18 22:20 - 2013-09-18 22:20 - 00000000 ____D C:\Users\Flores\AppData\Local\{314A1262-7F99-48CB-B81D-7C9573A055F3}
2013-09-18 10:19 - 2013-09-18 10:19 - 00000000 ____D C:\Users\Flores\AppData\Local\{507108AA-82EF-4EA7-8684-947155DE7689}
2013-09-17 22:19 - 2013-09-17 22:18 - 00000000 ____D C:\Users\Flores\AppData\Local\{5FE8550E-14C6-4EBE-BF02-F723AE64BD75}
2013-09-17 11:30 - 2013-09-02 16:44 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-09-17 09:58 - 2013-09-17 09:58 - 00000000 ____D C:\Users\Flores\AppData\Local\{C9AE66BD-0F25-4320-95D7-3EE5D30D5CB1}
2013-09-16 21:58 - 2013-09-16 21:57 - 00000000 ____D C:\Users\Flores\AppData\Local\{8CF31A30-D1C5-49A8-9333-7F4DF75368C2}
2013-09-16 09:57 - 2013-09-16 09:57 - 00000000 ____D C:\Users\Flores\AppData\Local\{C9834061-DED0-47C7-BB71-84F4630CA926}
2013-09-15 19:56 - 2012-10-04 22:29 - 00000000 ____D C:\Users\Flores\Desktop\abrechnungen
2013-09-15 10:24 - 2013-09-15 10:24 - 00000000 ____D C:\Users\Flores\AppData\Local\{C75A71B6-70DC-4088-A914-55D3C4A27FBF}
2013-09-14 22:24 - 2013-09-14 22:23 - 00000000 ____D C:\Users\Flores\AppData\Local\{0FF02114-5437-42C6-A831-60A4BAEFC6D7}
2013-09-14 10:23 - 2013-09-14 10:23 - 00000000 ____D C:\Users\Flores\AppData\Local\{F54EA2C2-1F3F-488A-8241-AAF129EF1D4A}
2013-09-13 22:13 - 2013-09-13 22:13 - 00000000 ____D C:\Users\Flores\AppData\Local\{A8E42B02-5A57-45C5-B62D-1A76242BDC47}
2013-09-13 10:12 - 2013-09-13 10:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{F2D0A4F4-A560-4A6C-8046-B04974616ADC}
2013-09-12 22:03 - 2013-09-12 22:03 - 00000000 ____D C:\Users\Flores\AppData\Local\{6EFF57A7-66B3-44F7-A607-672FAB4B7D5D}
2013-09-12 10:03 - 2013-09-12 10:03 - 00000000 ____D C:\Users\Flores\AppData\Local\{5EF41BB7-0AB8-424B-AF58-B8C52D68FE83}
2013-09-11 22:02 - 2013-09-11 22:02 - 00000000 ____D C:\Users\Flores\AppData\Local\{48ED88E1-85F3-4A3B-9595-FB4D61B32F0B}
2013-09-11 10:02 - 2013-09-11 10:02 - 00000000 ____D C:\Users\Flores\AppData\Local\{D0A70605-DFA8-4336-8C7E-5088DD5A5C49}
2013-09-10 22:01 - 2013-09-10 22:01 - 00000000 ____D C:\Users\Flores\AppData\Local\{C50227C3-42CA-4FAD-8AAD-219CAAC6FA0D}
2013-09-10 10:01 - 2013-09-10 10:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{831420DA-15D0-4A1D-B0B4-D6999E8730D1}
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-09 22:00 - 2013-09-09 22:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{C491EF05-8228-488D-84B2-DE4E1FE75616}
2013-09-09 10:00 - 2013-09-09 09:59 - 00000000 ____D C:\Users\Flores\AppData\Local\{EBE863DB-177E-4CFA-9CA8-E632116038BD}
2013-09-08 21:39 - 2013-09-08 21:39 - 00000000 ____D C:\Users\Flores\AppData\Local\{697CFFD1-6FF5-469A-A07C-6426E3BA3307}
2013-09-08 15:04 - 2011-02-28 00:21 - 00000000 ____D C:\Users\Flores\Desktop\chatarbeit
2013-09-08 09:38 - 2013-09-08 09:38 - 00000000 ____D C:\Users\Flores\AppData\Local\{1D9D232B-326E-4FE4-B438-8A7C3A9A7E0F}
2013-09-07 09:22 - 2013-09-07 09:22 - 00000000 ____D C:\Users\Flores\AppData\Local\{F4D020DD-6FC4-4D8D-8C18-99C6D152F9AE}
2013-09-06 11:51 - 2013-09-06 11:51 - 00000000 ____D C:\Users\Flores\AppData\Local\{1F94DFEA-DC8E-4048-9DAB-2CFFB358E610}
2013-09-05 23:51 - 2013-09-05 23:50 - 00000000 ____D C:\Users\Flores\AppData\Local\{ECBAD234-9262-46E8-ACD8-DB75F6EAA9AD}
2013-09-05 11:58 - 2013-09-05 11:36 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:25 - 2013-09-05 11:11 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-05 10:17 - 2013-09-05 10:17 - 00000000 ____D C:\Users\Flores\AppData\Local\{5BD4D89B-27D6-4042-85E5-A78407F9AB48}
2013-09-05 10:04 - 2011-02-27 21:17 - 06577148 _____ C:\Windows\PFRO.log
2013-09-04 23:41 - 2013-09-04 23:39 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:41 - 2011-02-27 20:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-04 23:39 - 2011-03-20 22:49 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 21:29 - 2013-09-04 21:29 - 00000000 ____D C:\Users\Flores\AppData\Local\{2A10A133-9F89-46D3-B822-BD98313EA9F3}
2013-09-04 19:58 - 2011-02-27 20:07 - 00000000 ____D C:\ProgramData\HP
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-04 15:18 - 2013-05-07 14:44 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-04 15:18 - 2013-03-29 00:24 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 15:18 - 2013-03-29 00:24 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 09:28 - 2013-09-04 09:28 - 00000000 ____D C:\Users\Flores\AppData\Local\{3C6829A1-E467-4E28-B63D-4BE18C6A5DDE}
2013-09-03 21:05 - 2013-09-03 19:36 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-03 11:00 - 2013-09-03 11:00 - 00000000 ____D C:\Users\Flores\AppData\Local\{0313E221-8193-42CF-A92B-386E7F772DDD}
2013-09-02 23:00 - 2013-09-02 22:59 - 00000000 ____D C:\Users\Flores\AppData\Local\{4E916835-1E75-4496-BE23-64EBF84DEF6B}
2013-09-02 11:36 - 2012-02-23 18:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\HpUpdate
2013-09-02 10:59 - 2013-09-02 10:59 - 00000000 ____D C:\Users\Flores\AppData\Local\{32675FDE-818F-4DA3-B686-2C7D92DE1186}
2013-09-01 22:58 - 2013-09-01 22:58 - 00000000 ____D C:\Users\Flores\AppData\Local\{190653B4-8602-4888-A653-65D16542F87B}
2013-09-01 09:41 - 2013-09-01 09:40 - 00000000 ____D C:\Users\Flores\AppData\Local\{73C60BE1-9F8A-4A35-B287-F9AD18FF5EAC}
2013-08-31 12:13 - 2013-08-31 12:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{8F24E12C-4EAB-492B-9B6E-BA029437DE45}
2013-08-31 00:12 - 2013-08-31 00:12 - 00000000 ____D C:\Users\Flores\AppData\Local\{A6C33172-B4E0-420A-AC62-552E8C908583}
2013-08-30 12:12 - 2013-08-30 12:11 - 00000000 ____D C:\Users\Flores\AppData\Local\{352B5599-3398-4F47-8BD5-00DC0ED76B1D}
2013-08-30 00:15 - 2011-08-14 21:17 - 00000000 ____D C:\Users\Flores\Desktop\fotosprivat
2013-08-30 00:11 - 2013-08-30 00:11 - 00000000 ____D C:\Users\Flores\AppData\Local\{891C61BF-B667-4D00-AF3F-ED8C6FEA21A5}
2013-08-29 09:31 - 2013-08-29 09:31 - 00000000 ____D C:\Users\Flores\AppData\Local\{2C116E6A-66A7-470A-903F-64A83177840D}
2013-08-28 21:31 - 2013-08-28 21:30 - 00000000 ____D C:\Users\Flores\AppData\Local\{2FB19EB4-295F-42D6-AFCC-D384679D8DC0}
2013-08-28 09:30 - 2013-08-28 09:30 - 00000000 ____D C:\Users\Flores\AppData\Local\{71D04791-BA1D-47CD-BBE3-330245BB823E}
2013-08-27 21:07 - 2013-08-27 21:06 - 00000000 ____D C:\Users\Flores\AppData\Local\{D443EB66-B158-4299-886C-C02580508B64}
2013-08-27 09:06 - 2013-08-27 09:06 - 00000000 ____D C:\Users\Flores\AppData\Local\{DB649F53-A2F2-425D-BC86-ECE70CB399F1}
2013-08-26 21:06 - 2013-08-26 21:05 - 00000000 ____D C:\Users\Flores\AppData\Local\{66EBDA82-E1EF-44C9-9CAC-69A14D1C5E9C}
2013-08-26 09:05 - 2013-08-26 09:05 - 00000000 ____D C:\Users\Flores\AppData\Local\{E122A664-4B30-403C-9FA4-C059560D88A2}
2013-08-25 11:59 - 2013-08-25 09:57 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods
2013-08-25 09:44 - 2013-08-25 09:44 - 00000000 ____D C:\Users\Flores\AppData\Local\{7FC7C1FD-8061-4680-9DFA-5F489EB27DB3}

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad


Some content of TEMP:
====================
C:\Users\Flores\AppData\Local\Temp\724f194c-de08-40e2-a117-7ed33aa47352.exe
C:\Users\Flores\AppData\Local\Temp\7cba4d50-919d-4164-a0cf-25af4d2b6993.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 11:31

==================== End Of Log ============================
         

defogger_disable.log
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:42 on 24/09/2013 (Flores)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

Edited by mmmari (24.09.2013 at 10:55). Reason: inserting the CODE tags

24.09.2013, 10:59   #2
Aneri
/// Malwareteam

A cleanup can sometimes mean a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If there are problems, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • First read the instructions through completely. If anything is unclear, ask before you begin.
  • Post the logfiles directly in your thread. Do not attach them unless I ask you to, because that makes the analysis harder for me.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Vista and Win7 users
Start all tools with a right-click and "Run as administrator".

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options ("Optionen") and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any notices with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Step 2

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later) please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the logfile (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Step 3

Please post a new FRST logfile, and please use the code tags for all logfiles.


How it works:
Posting in CODE tags
Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
  • Select the entire logfile (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview ("Erweitert/Vorschau") to check whether you did it right. If everything is correct ... click Reply ("Antworten").

24.09.2013, 11:44   #3
mmmari

Hello Aneri,
first of all, thank you very much for your quick help. I followed your instructions, and here are the corresponding logs (the JRT log has too many characters to post in the CODE tag; should I attach it?):


Code:
ATTFilter
# AdwCleaner v3.005 - Bericht erstellt am 24/09/2013 um 12:09:17
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Flores - WINDOWSPC
# Gestartet von : C:\Users\Flores\Desktop\tools\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BCUService
Dienst Gelöscht : DvmMDES

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Search Protection
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\file scout
Ordner Gelöscht : C:\Program Files (x86)\RewardsArcade 
Ordner Gelöscht : C:\Program Files (x86)\Vuze_Remote
Ordner Gelöscht : C:\Users\Flores\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Flores\AppData\Local\RewardsArcade 
Ordner Gelöscht : C:\Users\Flores\AppData\Local\Temp\CT2504091
Ordner Gelöscht : C:\Users\Flores\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Flores\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Flores\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Flores\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Flores\AppData\LocalLow\Vuze_Remote
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\adawaretb
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\ConduitCommon
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\CT2504091
Ordner Gelöscht : C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Wert Gelöscht : HKLM\SOFTWARE\mozilla\Firefox\Extensions [crossriderapp498@crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fish-tycoon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fish-tycoon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_internet-explorer-7_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_internet-explorer-7_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tunebite_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tunebite_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25514C64-8321-494E-BD3E-3DBAB3F8CEBA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{597A9974-8CB0-4F41-B61F-ED065738A397}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{380C3A68-D152-46EF-AD18-AECDF9AE1D76}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4F41-B61F-ED065738A397}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{597A9974-8CB0-4F41-B61F-ED065738A397}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{597A9974-8CB0-4F41-B61F-ED065738A397}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{380C3A68-D152-46EF-AD18-AECDF9AE1D76}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{982A0059-3086-4845-8F83-C43A5727970B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C05C6A2-0039-4306-B7F0-4554A3901F70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD99D3A7-C38F-4FFA-A768-54BDD2FAFC86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\RewardsArcade
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Vuze_Remote
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\Vuze_Remote
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcade
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16476


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\prefs.js ]

Zeile gelöscht : user_pref("CT2504091..clientLogIsEnabled", true);
Zeile gelöscht : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2504091.CurrentServerDate", "26-9-2011");
Zeile gelöscht : user_pref("CT2504091.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2504091.DialogsGetterLastCheckTime", "Mon Sep 26 2011 20:21:20 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2504091.EMailNotifierPollDate", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
Zeile gelöscht : user_pref("CT2504091.FeedPollDate128891351169457140", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.FeedPollDate129079840422964131", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Zeile gelöscht : user_pref("CT2504091.FirstServerDate", "15-7-2011");
Zeile gelöscht : user_pref("CT2504091.FirstTime", true);
Zeile gelöscht : user_pref("CT2504091.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2504091.FixPageNotFoundErrors", true);
Zeile gelöscht : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2504091.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT2504091.HomePageProtectorEnabled", false);
Zeile gelöscht : user_pref("CT2504091.Initialize", true);
Zeile gelöscht : user_pref("CT2504091.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Zeile gelöscht : user_pref("CT2504091.InstallationType", "ConduitIntegration");
Zeile gelöscht : user_pref("CT2504091.InstalledDate", "Fri Jul 15 2011 21:08:35 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.IsAlertDBUpdated", true);
Zeile gelöscht : user_pref("CT2504091.IsGrouping", false);
Zeile gelöscht : user_pref("CT2504091.IsInitSetupIni", true);
Zeile gelöscht : user_pref("CT2504091.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2504091.IsOpenThankYouPage", false);
Zeile gelöscht : user_pref("CT2504091.IsOpenUninstallPage", false);
Zeile gelöscht : user_pref("CT2504091.LanguagePackLastCheckTime", "Mon Sep 26 2011 20:21:19 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2504091.LastLogin_3.5.0.12", "Fri Jul 15 2011 21:08:35 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.LastLogin_3.6.0.10", "Mon Sep 26 2011 20:21:19 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.LatestVersion", "3.6.0.10");
Zeile gelöscht : user_pref("CT2504091.Locale", "en-us");
Zeile gelöscht : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Zeile gelöscht : user_pref("CT2504091.OriginalFirstVersion", "3.5.0.12");
Zeile gelöscht : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Zeile gelöscht : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=");
Zeile gelöscht : user_pref("CT2504091.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2504091.SearchProtectorEnabled", false);
Zeile gelöscht : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
Zeile gelöscht : user_pref("CT2504091.ServiceMapLastCheckTime", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.SettingsLastCheckTime", "Mon Sep 26 2011 20:21:17 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.SettingsLastUpdate", "1315002176");
Zeile gelöscht : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Sep 26 2011 20:21:17 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Zeile gelöscht : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
Zeile gelöscht : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
Zeile gelöscht : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Zeile gelöscht : user_pref("CT2504091.Uninstall", true);
Zeile gelöscht : user_pref("CT2504091.UserID", "UN58710229847329918");
Zeile gelöscht : user_pref("CT2504091.alertChannelId", "897164");
Zeile gelöscht : user_pref("CT2504091.ct2504091.SettingsLastCheckTime", "Fri Jul 15 2011 21:08:35 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.ct2504091.ThirdPartyComponentsLastCheck", "Fri Jul 15 2011 21:08:35 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.ct2504091.globalFirstTimeInfoLastCheckTime", "Fri Jul 15 2011 21:08:36 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.ct2504091.toolbarAppMetaDataLastCheckTime", "Fri Jul 15 2011 21:08:36 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Zeile gelöscht : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Mon Sep 26 2011 20:21:19 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2504091.initDone", true);
Zeile gelöscht : user_pref("CT2504091.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("CT2504091.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129079840422182852,129079840422339107,129079840422964131,1000034,129566938558801595,129593776931068636,[...]
Zeile gelöscht : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Zeile gelöscht : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2504091.testingCtid", "");
Zeile gelöscht : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Mon Sep 26 2011 20:21:18 GMT+0200");
Zeile gelöscht : user_pref("CT2504091.usagesFlag", 2);
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1312220255\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.0.12", "\"8028f138140cc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"634515122457000000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"1315002176\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"634515953213470000\"");
Zeile gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Flores\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\tmhqzx0t.default\\conduitCommon\\modules\\3.5.0.12");
Zeile gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "3865b4a7-f25c-4e31-8c25-d53e11635fa2");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 15 2011 21:19:14 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jul 15 2011 21:19:22 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 15 2011 21:17:38 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userId", "267b96b4-43b9-456c-adb4-62c99c2437e2");
Zeile gelöscht : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{BBDA0591-3099-440a-AA10-417[...]

-\\ Google Chrome v

[ Datei : C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [24322 octets] - [24/09/2013 12:08:40]
AdwCleaner[S0].txt - [21947 octets] - [24/09/2013 12:09:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22008 octets] ##########
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by Flores (administrator) on WINDOWSPC on 24-09-2013 12:37:12
Running from C:\Users\Flores\Desktop\tools
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) G:\mausscheisse\SetPoint\SetPoint.exe
() G:\mausscheisse\SetPoint\x86\SetPoint32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Lavasoft Limited) C:\PROGRA~2\AD-AWA~1\AdAware.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-28] (Google Inc.)
MountPoints2: {38b68dbb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dcb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dd7-5a20-11e0-be8a-20cf30bf92b8} - K:\AutoRun.exe
MountPoints2: {410efac2-5b65-11e0-9a71-001e101f859f} - G:\AutoRun.exe
MountPoints2: {a0eb7129-e7b5-11e0-89c1-20cf30bf92b8} - J:\INSTALL.EXE
MountPoints2: {b0b35a42-42c1-11e0-8da2-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - G:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBDBC55C997D6CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6EB971CA-7AD8-4912-A40A-C1024A2CC0A9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6278C29C-68B5-4D63-87E1-9ACD421D1145}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C4239820-7EAD-455C-9D27-20A1B40F53E3}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C58C5C8D-1B8E-4548-8705-F5043E83C0AA}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Extension: (Google Docs) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Search) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! WebRep) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0
CHR Extension: (Gmail) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dcmagccbogebndpoodhhhafmofelpffh] - C:\Users\Flores\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [x]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [69976 2012-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-07] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-03-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1154560 2009-05-19] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-25] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2010-05-11] (Huawei Technologies Co., Ltd.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-24] (GFI Software)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-05-11] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-03-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 12:21 - 2013-09-24 12:21 - 00286160 _____ C:\Windows\Minidump\092413-64568-01.dmp
2013-09-24 12:18 - 2013-09-24 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 12:07 - 2013-09-24 12:09 - 00000000 ____D C:\AdwCleaner
2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:42 - 2013-09-24 12:37 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 09:59 - 2013-09-24 09:59 - 00004326 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 12:32 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 09:47 - 2013-09-24 09:59 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 10:54 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Ad-Aware Antivirus
2013-09-24 09:44 - 2013-09-24 09:44 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-23 19:18 - 2013-09-23 19:18 - 00537652 _____ C:\Users\Flores\.recently-used.xbel
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-05 13:22 - 2013-07-08 02:15 - 00000000 ____D C:\Users\Flores\Desktop\015_Evelin
2013-09-05 11:36 - 2013-09-05 11:58 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:11 - 2013-09-05 11:25 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-04 23:39 - 2013-09-04 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-03 19:36 - 2013-09-03 21:05 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-02 16:44 - 2013-09-17 11:30 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-08-25 09:57 - 2013-08-25 11:59 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods

==================== One Month Modified Files and Folders =======

2013-09-24 12:37 - 2013-09-24 10:42 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 12:33 - 2012-07-25 18:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 12:32 - 2013-09-24 09:47 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 12:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 12:30 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 12:30 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 12:25 - 2011-03-04 19:29 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Skype
2013-09-24 12:21 - 2013-09-24 12:21 - 00286160 _____ C:\Windows\Minidump\092413-64568-01.dmp
2013-09-24 12:21 - 2011-03-30 19:04 - 00000000 ____D C:\Windows\Minidump
2013-09-24 12:21 - 2011-02-27 17:51 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-24 12:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 12:21 - 2009-07-14 06:51 - 00797136 _____ C:\Windows\setupact.log
2013-09-24 12:18 - 2013-09-24 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 12:18 - 2011-02-28 00:37 - 01576546 _____ C:\Windows\WindowsUpdate.log
2013-09-24 12:15 - 2013-03-28 14:26 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA.job
2013-09-24 12:09 - 2013-09-24 12:07 - 00000000 ____D C:\AdwCleaner
2013-09-24 12:09 - 2011-02-27 18:09 - 00000177 ____H C:\dvmexp.idx
2013-09-24 10:54 - 2013-09-24 09:44 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Ad-Aware Antivirus
2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 10:42 - 2011-02-27 17:41 - 00000000 ____D C:\Users\Flores
2013-09-24 10:33 - 2011-02-27 20:43 - 00000000 ____D C:\Users\Flores\.gimp-2.6
2013-09-24 09:59 - 2013-09-24 09:59 - 00004326 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-24 09:59 - 2013-09-24 09:47 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 09:44 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-23 21:31 - 2013-07-16 16:23 - 00000000 ____D C:\Users\Flores\Desktop\zzz
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-23 19:18 - 2013-09-23 19:18 - 00537652 _____ C:\Users\Flores\.recently-used.xbel
2013-09-23 19:18 - 2011-02-27 20:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\gtk-2.0
2013-09-23 19:15 - 2013-03-28 14:26 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core.job
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-21 15:33 - 2012-07-25 18:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-21 15:33 - 2012-07-25 18:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-21 15:33 - 2011-05-17 09:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-17 11:30 - 2013-09-02 16:44 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-09-15 19:56 - 2012-10-04 22:29 - 00000000 ____D C:\Users\Flores\Desktop\abrechnungen
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-08 15:04 - 2011-02-28 00:21 - 00000000 ____D C:\Users\Flores\Desktop\chatarbeit
2013-09-05 11:58 - 2013-09-05 11:36 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:25 - 2013-09-05 11:11 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-05 10:04 - 2011-02-27 21:17 - 06577148 _____ C:\Windows\PFRO.log
2013-09-04 23:41 - 2013-09-04 23:39 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:41 - 2011-02-27 20:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-04 23:39 - 2011-03-20 22:49 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 19:58 - 2011-02-27 20:07 - 00000000 ____D C:\ProgramData\HP
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-04 15:18 - 2013-05-07 14:44 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-04 15:18 - 2013-03-29 00:24 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 15:18 - 2013-03-29 00:24 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-03 21:05 - 2013-09-03 19:36 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-02 11:36 - 2012-02-23 18:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\HpUpdate
2013-08-30 00:15 - 2011-08-14 21:17 - 00000000 ____D C:\Users\Flores\Desktop\fotosprivat
2013-08-25 11:59 - 2013-08-25 09:57 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad


Some content of TEMP:
====================
C:\Users\Flores\AppData\Local\Temp\724f194c-de08-40e2-a117-7ed33aa47352.exe
C:\Users\Flores\AppData\Local\Temp\7cba4d50-919d-4164-a0cf-25af4d2b6993.exe
C:\Users\Flores\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 11:31

==================== End Of Log ============================
         

24.09.2013, 11:56   #4
Aneri
/// Malwareteam
 
Windows 7 64bit - Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll) found by Spybot



1. Something to read:

Reading material:
Why we no longer recommend Avira
For some time now, Avira has shipped the Ask Toolbar with its default installation. This toolbar is a prerequisite for the Webguard to work reliably. The Ask Toolbar is known for spying on the user's browsing behaviour, ultimately in order to make money from it. We therefore classify it as "harmful" on this board. More information.

A security company that foists harmful software on the user practically without asking is therefore out of the question for us. Because of this business practice, the at times extremely poor detection rate and the thoroughly annoying advertising, we recommend that all Avira users uninstall Avira and switch to an alternative product.

If you decide to switch, we recommend removing all leftovers with the Avira cleaner after uninstalling.


Multiple antivirus programs

Code:
ATTFilter
avast!
Avira
McAfee Security Scan
         
I noticed that you have more than one antivirus program with a background guard running. That is dangerous, because the programs can get in each other's way, which makes it all the more likely that viruses end up on the machine. It also slows the system down. Decide on one option and uninstall the other via Control Panel => Software.
Report back which antivirus program you decided on.

Quote:
Speedy recently gave a plausible explanation of this: "Imagine a goalkeeper who is supposed to guard the goal (antivirus program); the ball comes flying in (virus), the goalkeeper concentrates on the ball and catches it. Now imagine two goalkeepers in the goal ...., they crash into each other and the ball can travel into the goal unhindered."
Step 2:

Uninstall the following programs:

Code:
ATTFilter
avira free antivirus
Spybot - Search & Destroy (outdated)
         
Step 3:

Please post a new FRST logfile and a new Addition.txt; to do so, after starting FRST tick the box at Addition.txt and press SCAN.


Step 4:

Does the problem with Conduit still occur? Is the computer behaving unusually in any other way?
__________________
Regards, Aneri
Member of UNITE

Praise or criticism? Leave it here
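
The check described in the post above, looking for more than one antivirus product with running components, can be run over the Services and Drivers sections of an FRST log. This is an added example, not part of the original posts or of FRST itself; the keyword table and function names are assumptions, and the sample lines are copied from the log posted earlier in this thread.

```python
import re
from collections import defaultdict

# One FRST service/driver line, as printed in the log on this page:
#   R2 AntiVirService; C:\...\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
# First letter: R = running, S = stopped, U = undetermined; the digit is the start type.
# The bracket holds "size date", or "x" when FRST could not find the file.
ENTRY_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>\d)\s+(?P<name>[^;]+);\s+"
    r"(?P<path>.+?)\s+\[(?P<meta>[^\]]*)\]\s*(?:\((?P<company>.*)\))?\s*$"
)

# Assumption for this example: keyword -> product label, matched against the
# file path and the company field. This table is not an FRST feature.
AV_MARKERS = {
    "avast": "avast!",
    "avira": "Avira",
    "mcafee": "McAfee Security Scan",
    "ad-aware": "Ad-Aware Antivirus",
    "lavasoft": "Ad-Aware Antivirus",
}

# Lines copied from the Services and Drivers sections of the log on this page.
SAMPLE_LOG = r"""
==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [69976 2012-03-07] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
"""


def parse_entries(log_text):
    """Return one dict per service/driver line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        entry = match.groupdict()
        entry["name"] = entry["name"].strip()
        entry["missing"] = entry["meta"].strip().lower() == "x"
        entries.append(entry)
    return entries


def product_for(entry):
    """Map an entry to a product label via path and company, or None."""
    haystack = f"{entry['path']} {entry['company'] or ''}".lower()
    for marker, product in AV_MARKERS.items():
        if marker in haystack:
            return product
    return None


def installed_products(log_text):
    """Every recognised product that has any service or driver entry."""
    return {p for p in map(product_for, parse_entries(log_text)) if p}


def running_av_components(log_text):
    """Product -> names of its services/drivers that FRST reports as running."""
    by_product = defaultdict(list)
    for entry in parse_entries(log_text):
        product = product_for(entry)
        if product and entry["state"] == "R" and not entry["missing"]:
            by_product[product].append(entry["name"])
    return dict(by_product)


def conflict_report(log_text):
    """Sorted product names if more than one has running components, else []."""
    running = running_av_components(log_text)
    return sorted(running) if len(running) > 1 else []


if __name__ == "__main__":
    for product, parts in running_av_components(SAMPLE_LOG).items():
        print(f"{product}: {', '.join(parts)}")
    print("Products running side by side:", conflict_report(SAMPLE_LOG))
```
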

24.09.2013, 16:54   #5
mmmari
 
Windows 7 64bit - Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll) found by Spybot



First of all, I have to say thank you for the great support!
I decided on avast! and uninstalled everything else.
The problem with Conduit no longer occurs, and I don't notice any other problems either.
If everything is fine now, great!
Maybe you also have a tip or two on how I could protect my PC even better; for my part I would stick to your guide http://www.trojaner-board.de/96344-a...-rechners.html for now.

Once again, many thanks for the competent help.

Best regards, Mari

PS: Here are the logs from FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by Flores (administrator) on WINDOWSPC on 24-09-2013 17:44:39
Running from C:\Users\Flores\Desktop\tools
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Windows\DAODx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) G:\mausscheisse\SetPoint\SetPoint.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() G:\mausscheisse\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-28] (Google Inc.)
HKCU\...\Runonce: [adawarebp] - reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
HKCU\...\Runonce: [adawarebp_XP] - reg.exe delete "HKCU\Software\adawarebp" /f
HKCU\...\Runonce: [adawarebp_DATA_FOLDER] - cmd.exe /c rmdir "C:\ProgramData\Ad-Aware Browsing Protection" /s /q
HKCU\...\Runonce: [adawarebp_INSTALL_FOLDER] - cmd.exe /c rmdir "C:\Users\Flores\AppData\Local\adawarebp" /s /q
MountPoints2: {38b68dbb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dcb-5a20-11e0-be8a-20cf30bf92b8} - G:\AutoRun.exe
MountPoints2: {38b68dd7-5a20-11e0-be8a-20cf30bf92b8} - K:\AutoRun.exe
MountPoints2: {410efac2-5b65-11e0-9a71-001e101f859f} - G:\AutoRun.exe
MountPoints2: {a0eb7129-e7b5-11e0-89c1-20cf30bf92b8} - J:\INSTALL.EXE
MountPoints2: {b0b35a42-42c1-11e0-8da2-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - G:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBDBC55C997D6CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6EB971CA-7AD8-4912-A40A-C1024A2CC0A9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6278C29C-68B5-4D63-87E1-9ACD421D1145}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C4239820-7EAD-455C-9D27-20A1B40F53E3}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C58C5C8D-1B8E-4548-8705-F5043E83C0AA}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Flores\AppData\Roaming\Mozilla\Firefox\Profiles\tmhqzx0t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=___userid___"
CHR DefaultSearchURL: (SecureSearch) - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultSuggestURL: (SecureSearch) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Flores\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Extension: (Google Docs) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Search) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! WebRep) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0
CHR Extension: (Gmail) - C:\Users\Flores\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dcmagccbogebndpoodhhhafmofelpffh] - C:\Users\Flores\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [x]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [69976 2012-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-07] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-03-04] ()
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1154560 2009-05-19] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-25] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2010-05-11] (Huawei Technologies Co., Ltd.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-24] (GFI Software)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-05-11] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-03-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 17:32 - 2013-09-24 17:32 - 00000000 ____D C:\Users\Flores\AppData\Local\adawarebp
2013-09-24 13:38 - 2013-09-24 13:38 - 00500593 _____ C:\Users\Flores\.recently-used.xbel
2013-09-24 12:21 - 2013-09-24 12:21 - 00286160 _____ C:\Windows\Minidump\092413-64568-01.dmp
2013-09-24 12:18 - 2013-09-24 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 12:07 - 2013-09-24 12:09 - 00000000 ____D C:\AdwCleaner
2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:42 - 2013-09-24 17:44 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:47 - 2013-09-24 17:32 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-05 13:22 - 2013-07-08 02:15 - 00000000 ____D C:\Users\Flores\Desktop\015_Evelin
2013-09-05 11:36 - 2013-09-05 11:58 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:11 - 2013-09-05 11:25 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-04 23:39 - 2013-09-04 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-03 19:36 - 2013-09-03 21:05 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-02 16:44 - 2013-09-17 11:30 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-08-25 09:57 - 2013-08-25 11:59 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods

==================== One Month Modified Files and Folders =======

2013-09-24 17:44 - 2013-09-24 10:42 - 00000000 ____D C:\Users\Flores\Desktop\tools
2013-09-24 17:39 - 2011-02-28 00:37 - 01603356 _____ C:\Windows\WindowsUpdate.log
2013-09-24 17:39 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 17:39 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 17:33 - 2012-07-25 18:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 17:33 - 2011-03-04 19:29 - 00000000 ____D C:\Users\Flores\AppData\Roaming\Skype
2013-09-24 17:32 - 2013-09-24 17:32 - 00000000 ____D C:\Users\Flores\AppData\Local\adawarebp
2013-09-24 17:32 - 2013-09-24 09:47 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-24 17:30 - 2011-02-27 21:17 - 06577958 _____ C:\Windows\PFRO.log
2013-09-24 17:30 - 2011-02-27 17:51 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-24 17:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 17:30 - 2009-07-14 06:51 - 00797528 _____ C:\Windows\setupact.log
2013-09-24 17:15 - 2013-03-28 14:26 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA.job
2013-09-24 13:38 - 2013-09-24 13:38 - 00500593 _____ C:\Users\Flores\.recently-used.xbel
2013-09-24 13:38 - 2011-02-27 20:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\gtk-2.0
2013-09-24 13:38 - 2011-02-27 20:43 - 00000000 ____D C:\Users\Flores\.gimp-2.6
2013-09-24 13:38 - 2011-02-27 17:41 - 00000000 ____D C:\Users\Flores
2013-09-24 12:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 12:21 - 2013-09-24 12:21 - 00286160 _____ C:\Windows\Minidump\092413-64568-01.dmp
2013-09-24 12:21 - 2011-03-30 19:04 - 00000000 ____D C:\Windows\Minidump
2013-09-24 12:18 - 2013-09-24 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 12:09 - 2013-09-24 12:07 - 00000000 ____D C:\AdwCleaner
2013-09-24 12:09 - 2011-02-27 18:09 - 00000177 ____H C:\dvmexp.idx
2013-09-24 10:49 - 2013-09-24 10:49 - 00000000 ____D C:\FRST
2013-09-24 10:42 - 2013-09-24 10:42 - 00000000 _____ C:\Users\Flores\defogger_reenable
2013-09-24 09:59 - 2013-09-24 09:59 - 00000000 ____D C:\Users\Flores\AppData\Roaming\LavasoftStatistics
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-24 09:44 - 2013-09-24 09:44 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-24 09:43 - 2013-09-24 09:43 - 05616264 _____ (Lavasoft Limited) C:\Users\Flores\Desktop\Adaware_Installer.exe
2013-09-23 21:31 - 2013-07-16 16:23 - 00000000 ____D C:\Users\Flores\Desktop\zzz
2013-09-23 21:29 - 2013-09-23 21:29 - 00000053 _____ C:\Users\Flores\Desktop\google81f6ebbb071c6405.html
2013-09-23 19:15 - 2013-03-28 14:26 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core.job
2013-09-22 23:48 - 2013-09-22 23:48 - 01799927 _____ C:\Users\Flores\Desktop\vanessa.zip
2013-09-22 10:06 - 2013-09-22 10:06 - 00291296 _____ C:\Windows\Minidump\092213-69420-01.dmp
2013-09-21 15:33 - 2012-07-25 18:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-21 15:33 - 2012-07-25 18:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-21 15:33 - 2011-05-17 09:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-21 15:27 - 2013-09-21 15:27 - 98547399 _____ C:\Windows\SysWOW64\醔쟫브“
2013-09-17 11:30 - 2013-09-02 16:44 - 00017713 _____ C:\Users\Flores\Desktop\abrechnung august.ods
2013-09-15 19:56 - 2012-10-04 22:29 - 00000000 ____D C:\Users\Flores\Desktop\abrechnungen
2013-09-09 22:23 - 2013-09-09 22:23 - 00010514 _____ C:\Users\Flores\Desktop\want you back.ods
2013-09-08 15:04 - 2011-02-28 00:21 - 00000000 ____D C:\Users\Flores\Desktop\chatarbeit
2013-09-05 11:58 - 2013-09-05 11:36 - 177107930 _____ C:\Users\Flores\Desktop\015_Evelin.zip
2013-09-05 11:25 - 2013-09-05 11:11 - 00000000 ____D C:\Users\Flores\Desktop\Fetisch
2013-09-04 23:41 - 2013-09-04 23:39 - 00000000 ____D C:\Windows\system32\MRT
2013-09-04 23:41 - 2011-02-27 20:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-04 23:39 - 2011-03-20 22:49 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-04 23:37 - 2013-09-04 23:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-09-04 19:58 - 2011-02-27 20:07 - 00000000 ____D C:\ProgramData\HP
2013-09-04 19:54 - 2013-09-04 19:54 - 00000057 _____ C:\ProgramData\Ament.ini
2013-09-03 21:05 - 2013-09-03 19:36 - 00019626 _____ C:\Users\Flores\Desktop\mail to do sept.ods
2013-09-02 11:36 - 2012-02-23 18:45 - 00000000 ____D C:\Users\Flores\AppData\Roaming\HpUpdate
2013-08-30 00:15 - 2011-08-14 21:17 - 00000000 ____D C:\Users\Flores\Desktop\fotosprivat
2013-08-25 11:59 - 2013-08-25 09:57 - 00018561 _____ C:\Users\Flores\Desktop\mail to do sinti.ods

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 11:31

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by Flores at 2013-09-24 17:45:32
Running from C:\Users\Flores\Desktop\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
AI Suite (x32 Version: 1.06.20)
AllDup 3.4.12 (x32 Version: 3.4.12)
AMD OverDrive (x32 Version: 3.2.2.0452)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
ASUSUpdate (x32 Version: 7.18.03)
Audials (x32 Version: 8.0.54300.0)
Audials TV (x32 Version: 1.3.10803.300)
AudibleManager (x32 Version: 2001481840.48.56.6425834)
avast! Free Antivirus (x32 Version: 7.0.1426.0)
BufferChm (x32 Version: 130.0.331.000)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 4.0 (x32)
Canon Solution Menu EX (x32)
CanoScan LiDE 110 Scanner Driver
CDDRV_Installer (Version: 4.60)
C-Media PCI Audio Device
D1300 (x32 Version: 130.0.365.000)
D1300_Help (x32 Version: 82.0.233.000)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.41.3.0173)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DeviceDiscovery (x32 Version: 130.0.465.000)
Diablo III (x32 Version: 1.0.7.14633)
ElsterFormular (x32 Version: 14.1.11318)
ElsterFormular-Upgrade (x32 Version: 14.3.11574)
EPU (x32 Version: 1.02.20)
erLT (x32 Version: 1.20.0137)
Flatrate Player (x32)
Free Video Flip and Rotate version 2.0.8.706 (x32 Version: 2.0.8.706)
GIMP 2.6.8
GoldWave v5.58 (x32)
Google Chrome (HKCU Version: 29.0.1547.76)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. A (Version: 13.0)
HP Deskjet 3000 J310 series - Grundlegende Software für das Gerät (Version: 22.0.334.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (x32 Version: 1.0.0.3341)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Update (x32 Version: 5.002.005.003)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPSSupply (x32 Version: 130.0.371.000)
ImageMagick 6.8.5-3 Q16 (32-bit) (2013-05-01) (x32 Version: 6.8.5)
ImgBurn (x32 Version: 2.5.6.0)
Java 7 Update 11 (x32 Version: 7.0.110)
Java Auto Updater (x32 Version: 2.1.9.0)
JMicron JMB36X Driver (x32 Version: 1.00.0000)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
Lexware buchhalter 2011 (x32 Version: 16.22.00.0155)
Lexware Elster (x32 Version: 9.10.00.0041)
Logitech SetPoint (x32 Version: 4.80)
MarketResearch (x32 Version: 130.0.374.000)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (x32 Version: 3.0.126.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mobile Partner (x32 Version: 16.002.03.02.705)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Napster Download Manager (HKCU Version: 1.0.0.105)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.11.1111)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Origin (x32 Version: 9.1.10.2728)
PC Probe II (x32 Version: 1.04.86)
PDFCreator (x32 Version: 1.2.0)
Photo Stamp Remover 5.1 (x32 Version: 5.1)
QuickTime (x32 Version: 7.74.80.86)
RCT3 Soaked (x32 Version: 1.00.000)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6037)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0)
RollerCoaster Tycoon 3 (x32 Version: 1.00.000)
SF_CDA_ProductContext (x32 Version: 130.0.365.000)
SF_CDA_Software (x32 Version: 130.0.396.000)
Shop for HP Supplies (Version: 13.0)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.6 (x32 Version: 6.6.106)
SmartWebPrinting (x32 Version: 130.0.457.000)
Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0)
Status (x32 Version: 130.0.469.000)
Steam (x32 Version: 1.0.0.0)
Studie zur Verbesserung von HP Deskjet 3000 J310 series Produkten (Version: 22.0.334.0)
System Requirements Lab (x32)
TeamSpeak 3 Client (x32 Version: 3.0.8)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Trillian (x32)
TurboV EVO (x32 Version: 1.02.32)
UnloadSupport (x32 Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Vuze (x32 Version: 4.7)
WebReg (x32 Version: 130.0.132.017)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0)
World of Warcraft (x32 Version: 5.3.0.17128)

==================== Restore Points  =========================

24-09-2013 15:35:22 Removed Ad-Aware Antivirus.

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-09-03 00:42 - 00437269 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {1B712A91-B742-4886-A45A-CE91A8640BB6} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {20C39E93-7527-4706-9763-567C1C1DC56B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {3179F163-FE8C-49B2-B857-8216FF2DD4C0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3217E8AC-BEF3-4365-9A23-4D2A22AE2031} - System32\Tasks\HPCustParticipation HP Deskjet 3000 J310 series => C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\HPCustPartic.exe
Task: {3A981153-E95F-4DED-BE15-DF77B903BD3E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {55B2203A-F840-46B1-BEC3-190E459EF9DE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5D076674-443F-437E-A3AE-1D7E1D122CB5} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {740C714D-E2D2-4D17-97D8-6B025FE1E6F1} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {9275AFD1-FE64-4A91-A848-01F520537E44} - System32\Tasks\{CA5D7B44-FDA6-4C21-955E-B2FB1E3B8EFD} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {96363FD6-BE88-4A6A-A1C8-8D754A5AD4C9} - System32\Tasks\{30D933E0-2F8C-4FA5-B965-113B2F0D709E} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {9D6674EC-2C20-4245-9408-554E763BD0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21] (Adobe Systems Incorporated)
Task: {A18576BC-DE5B-4B67-92A0-2E0A782C14AD} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {A658B115-7F1D-4262-8D90-E6DCFD7E7221} - System32\Tasks\Google Updater and Installer => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {B388D6FC-6BAB-469C-91B3-A7A1BC12B3CB} - System32\Tasks\{5F4609D4-FE2F-4FEB-94FB-AB13871FBB24} => F:\Autorun.exe
Task: {C1C47A0A-D86E-4B44-B7D4-3CAC6117083D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {C4874D9D-0CDE-4EF9-8ED6-167ACF72E524} - System32\Tasks\{A21C703B-B1FE-4BE9-AFA5-24644F86F2AA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000Core.job => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2760105893-1207353389-577432222-1000UA.job => C:\Users\Flores\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-18 20:36 - 2009-07-20 13:37 - 00056848 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\lgscroll.dll
2012-01-18 20:36 - 2009-07-20 13:33 - 00055824 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\GameHook.dll
2011-02-27 17:49 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00096272 _____ (Logitech, Inc.) C:\Windows\system32\KemXML.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\kemutb.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\KemUtil.dll
2012-01-18 20:36 - 2009-07-20 13:34 - 00159248 _____ (Logitech, Inc.) C:\Windows\system32\KemWnd.dll
2012-01-18 20:36 - 2009-07-20 13:39 - 00039952 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\SetPointCOM.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00018960 _____ () G:\mausscheisse\SetPoint\khalwrapper.dll
2012-01-18 20:36 - 2009-07-20 13:40 - 01596944 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\Macros\MacroCore.dll
2012-01-18 20:36 - 2009-07-20 13:33 - 00019472 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\IMHook.dll
2012-01-18 20:36 - 2009-07-20 13:39 - 00363536 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\WebBrowserSupport.dll
2012-01-18 20:36 - 2009-07-20 13:40 - 00207888 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\Macros\MacroAppSwitch.dll
2012-01-18 20:36 - 2009-07-20 13:35 - 00104464 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\kgame.dll
2012-01-18 20:36 - 2009-07-20 13:36 - 00189968 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\LCabHandler.dll
2012-06-11 13:48 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-03-17 10:27 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-03-17 10:27 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2009-07-14 01:24 - 2009-07-14 03:11 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00310784 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2013-01-17 01:18 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2012-06-11 13:46 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2009-07-14 02:20 - 2009-07-14 03:14 - 00640000 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2009-07-14 01:12 - 2009-07-14 03:11 - 00662528 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-10-20 15:27 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2012-10-20 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2009-07-14 01:39 - 2009-07-14 03:16 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2011-02-28 09:46 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\syswow64\OLE32.DLL
2011-12-23 00:22 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.DLL
2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 01668608 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-07-14 13:51 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2011-07-14 13:51 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2011-02-27 18:06 - 2010-02-08 18:19 - 00053248 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
2011-02-27 18:06 - 2010-06-01 11:38 - 00253952 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
2011-02-28 09:46 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2012-06-11 14:34 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll
2011-12-23 00:22 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2009-07-14 01:34 - 2009-07-14 03:16 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\USERENV.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2009-07-14 02:18 - 2009-07-14 03:14 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV
2009-07-14 01:55 - 2009-07-14 03:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPR.dll
2013-03-17 10:27 - 2013-01-04 06:43 - 00044032 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcWow64.DLL
2009-07-14 01:41 - 2009-07-14 03:16 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VERSION.dll
2011-12-30 17:26 - 2009-05-11 03:57 - 08126464 ____R (C-Media Corporation) C:\Windows\Syswow64\CMICNFG3.dll
2009-07-14 02:03 - 2009-07-14 03:16 - 00194048 _____ (Microsoft Corporation) C:\Windows\Syswow64\WINMM.dll
2009-07-14 01:39 - 2009-07-14 03:15 - 00486912 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2009-07-14 01:24 - 2009-07-14 03:15 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2012-10-20 15:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll
2012-10-20 15:28 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll
2011-02-28 09:43 - 2009-08-29 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll
2009-07-14 02:03 - 2009-07-14 03:15 - 00453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POWRPROF.dll
2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2009-07-14 02:03 - 2009-07-14 03:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOSES.DLL
2012-01-18 20:36 - 2009-07-20 05:00 - 00038912 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\lgscroll.dll
2009-07-14 01:34 - 2009-07-14 03:16 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntmarta.dll
2009-07-14 01:38 - 2009-07-14 03:16 - 00268800 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00057344 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\GameHook.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 47033808 _____ (Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\chrome.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2013-09-20 09:17 - 2013-09-17 05:20 - 09962960 _____ (The ICU Project) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\icudt.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00206336 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2009-07-14 01:33 - 2009-07-14 03:17 - 00249680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2013-04-12 22:33 - 2013-02-22 05:47 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-12 22:33 - 2013-02-22 05:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2009-07-14 02:20 - 2009-07-14 03:14 - 00309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2009-07-14 02:03 - 2009-07-14 03:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2010-04-27 03:33 - 2010-04-27 03:33 - 00096904 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2011-02-27 18:07 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2012-10-20 15:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.DLL
2012-10-20 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.DLL
2011-02-27 18:07 - 2010-01-08 18:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2011-02-27 18:07 - 2010-01-08 18:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2009-07-14 01:39 - 2009-07-14 03:15 - 00486912 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\Normaliz.dll
2013-04-12 22:33 - 2013-02-22 05:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00010752 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\IMHook.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00013824 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\AdobeHookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00014336 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\AOLHookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00069632 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\MessengerHook.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00012288 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\HookDll.dll
2012-01-18 20:36 - 2009-07-20 05:00 - 00027648 _____ (Logitech, Inc.) G:\mausscheisse\SetPoint\x86\KEMHook.dll
2009-07-14 01:16 - 2009-07-14 03:16 - 01668608 _____ (Microsoft Corporation) C:\Windows\syswow64\setupapi.dll
2013-09-20 09:17 - 2013-09-17 03:23 - 03231688 _____ (Microsoft Corporation) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\D3DCompiler_46.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-07-15 23:09 - 2013-07-15 23:09 - 00318864 _____ (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
2013-09-20 09:17 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 09:17 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 02110928 _____ (Google Inc.) C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\libpeerconnection.dll
2013-09-20 09:17 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-20 09:18 - 2013-09-17 05:21 - 13611984 _____ () C:\Users\Flores\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2013 05:41:34 PM) (Source: MsiInstaller) (User: WINDOWSPC)
Description: Product: Ad-Aware Antivirus -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.


System errors:
=============
Error: (09/24/2013 05:41:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/24/2013 05:41:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 05:41:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuchanbieter-Host" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 05:41:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 05:41:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 05:34:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2013 05:33:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/24/2013 05:33:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/24/2013 05:31:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/24/2013 05:31:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (11/02/2011 10:56:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 111 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 12286.18 MB
Available physical RAM: 10047.57 MB
Total Pagefile: 24570.5 MB
Available Pagefile: 22184.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:105.11 GB) (Free:1.33 GB) NTFS
Drive d: () (Fixed) (Total:149 GB) (Free:48.96 GB) NTFS
Drive f: (COSMOPOLITAN) (CDROM) (Total:4.19 GB) (Free:0 GB) UDF
Drive g: (Volume) (Fixed) (Total:781.25 GB) (Free:658.19 GB) NTFS
Drive h: (Volume) (Fixed) (Total:488.28 GB) (Free:350.75 GB) NTFS
Drive i: (Volume) (Fixed) (Total:488.28 GB) (Free:228.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C9A48BB1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=977 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 149 GB) (Disk ID: AFCBAFCB)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 149 GB) (Disk ID: 0009EA20)
Partition 1: (Not Active) - (Size=93 MB) - (Type=83)
Partition 2: (Not Active) - (Size=977 MB) - (Type=82)
Partition 3: (Not Active) - (Size=55 GB) - (Type=83)
Partition 4: (Not Active) - (Size=93 GB) - (Type=83)

==================== End Of Log ============================
         


Old 25.09.2013, 14:16   #6
Aneri
/// Malwareteam
 



Hi, we are not done yet; securing the system comes later.

Step 1:
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2:

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Step 3:

Please post a new FRST log file.

28.09.2013, 12:55   #7
Aneri
/// Malwareteam

I haven't received a reply from you in a while. Do you still need help?

If I don't hear from you within the next 24 hours, I'll assume the topic is resolved and remove it from my subscriptions.

Note: We are not finished yet! Even if the symptoms have disappeared, your system may still be infected and may have security vulnerabilities that make a new infection possible.
__________________
Regards, Aneri
Member of UNITE

Praise or criticism? You can leave it here.

29.09.2013, 20:49   #8
Aneri
/// Malwareteam

No response
This topic has been removed from my subscriptions, so I will not receive notifications about new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread.
