Pests of All Kinds and How to Combat Them: Nation Zoom Virus

09.12.2013, 18:07   #1
Stefan_P

Hello,

like many others, my notebook is also infected with the Nation Zoom virus.

I use Internet Explorer and have already managed to stop Nation Zoom from being shown as the start page by right-clicking the IE icon --> Properties and changing the target path. There, I removed an addition from Nation Zoom that came after the normal target path ( "C:\Program Files\Internet Explorer\iexplore.exe" ).

So far so good, but the virus is still hiding somewhere.

After that I came across this forum and went through the steps from "schrauber" in the following thread:

Removing Nation Zoom

That is:
- First created an FRST log
- Ran Malwarebytes Anti-Malware
- Ran AdwCleaner
- Ran Junkware Removal Tool
- Then created another FRST log

Since a lot of confidential and, above all, work-related data is stored on my notebook, and also because of current events (NSA scandal etc.), I have become somewhat more careful in handling my data.
So please don't hold the question against me: can you help me even without my uploading the files?


Many thanks in advance


Kind regards

Stefan Pittruff

09.12.2013, 19:06   #2
schrauber
/// the machine
/// TB trainer

Hi,

I don't hold it against you, but we can't. My crystal ball is in for repair right now

10.12.2013, 19:00   #3
Stefan_P

Hi,

That's basically what I had figured

So here are the log files:
FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 03
Ran by Ingo (administrator) on PITTRUFF on 09-12-2013 15:40:47
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KOENQMB
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065&q={searchTerms}
URLSearchHook: HKLM - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF Homepage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=hp&fr=linkury-tb&installDate=&type=hp1000
FF SelectedSearchEngine: Web Search
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\searchplugins\Web Search.xml
FF Extension: Plus-HD-4.9 - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
FF Extension: Speed Test Analysis - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\speedtestanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\staged
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension: 									 em:name="Free YouTube Download (Free Studio) Menu" - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF Extension: Babylon - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-08 22:09 - 00000000 ____D C:\ProgramData\Conduit
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:44 - 2013-12-04 09:44 - 00000000 ___DC C:\SearchProtect
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:42 - 2013-12-04 09:44 - 00000009 ____C C:\END
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 16:29 - 2013-12-03 16:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\IAC
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-03 19:19 - 00000000 ____D C:\Users\Ingo\AppData\Local\SwvUpdater
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-12-02 09:29 - 2013-12-02 09:29 - 00000878 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:29 - 00000870 _____ C:\Users\Ingo\Desktop\iLivid.lnk
2013-12-02 09:26 - 2013-12-02 09:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\iLivid
2013-11-30 16:25 - 2013-12-02 08:06 - 00000000 ____D C:\ProgramData\eSafe
2013-11-30 16:25 - 2013-12-02 07:49 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-08 22:11 - 00151042 _____ C:\Windows\PFRO.log
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 08:04 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 08:04 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 08:04 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 08:04 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 08:04 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 08:04 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 08:04 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 08:04 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 08:04 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 08:04 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 08:04 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 08:04 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-09 15:41 - 2008-11-10 18:47 - 01526343 _____ C:\Windows\WindowsUpdate.log
2013-12-09 15:40 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 15:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:37 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-09 14:36 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 14:35 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-09 14:29 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-09 14:28 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 14:28 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 14:28 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 14:27 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 10:02 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-09 10:02 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-09 08:33 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-08 22:16 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-08 22:16 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-08 22:11 - 2013-11-18 12:06 - 00151042 _____ C:\Windows\PFRO.log
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 22:09 - 2013-12-04 09:44 - 00000000 ____D C:\ProgramData\Conduit
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-08 16:28 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 15:17 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-05 15:16 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:44 - 2013-12-04 09:44 - 00000000 ___DC C:\SearchProtect
2013-12-04 09:44 - 2013-12-04 09:42 - 00000009 ____C C:\END
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 19:19 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\SwvUpdater
2013-12-03 18:55 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:21 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 16:29 - 2013-12-03 16:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\IAC
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-12-02 09:29 - 2013-12-02 09:29 - 00000878 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:29 - 00000870 _____ C:\Users\Ingo\Desktop\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:26 - 00000000 ____D C:\Users\Ingo\AppData\Local\iLivid
2013-12-02 08:06 - 2013-11-30 16:25 - 00000000 ____D C:\ProgramData\eSafe
2013-12-02 07:49 - 2013-11-30 16:25 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-30 16:24 - 2010-10-11 09:40 - 00001940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-30 16:24 - 2008-11-10 18:49 - 00001165 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:39 - 2013-05-30 11:02 - 00000000 ____D C:\Program Files\MyFree Codec
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 09:40 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-15 09:40 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-13 08:02 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 07:51 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-09 14:41

==================== End Of Log ============================
         
--- --- ---


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-12-2013 03
Ran by Ingo at 2013-12-09 15:42:43
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KOENQMB
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
6200 (Version: 82.0.242.000)
6200_Help (Version: 82.0.242.000)
6200Trb (Version: 82.0.242.000)
AAVUpdateManager (Version: 18.00.0000)
ACDSee 8 (Version: 8.0.41)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.3) - Deutsch (Version: 10.1.3)
Adobe Shockwave Player (Version: 11)
Adobe SVG Viewer 3.0 (Version: 3.0)
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
ALDI NORD Bestellsoftware 4.9 (Version: 4.9)
Any DVD Converter Professional 4.6.1
Any Video Converter 5 5.0.3
Avira Free Antivirus (Version: 14.0.1.759)
AVS Media Player 4.2.2.104 (Version: 4.2.2.104)
AVS Video Converter 8 (Version: 8.4.2.541)
AVS Video Editor 6 (Version: 6.3.2.234)
BlackBerry Desktop Software 4.7 (Version: 4.7.0.37)
BufferChm (Version: 140.0.212.000)
CADENAS PARTwebViewer (Version: 1.0.36.7)
CCleaner (Version: 4.04)
Compatibility Pack für 2007 Office System (Version: 12.0.6514.5001)
Corel MediaOne (Version: 2.00.0000)
CorelDRAW Essential Edition 3
CorelDRAW Essential Edition 3 (Version: 3.0)
CrystalDiskInfo 5.6.2 (Version: 5.6.2)
CyberLink MediaShow (Version: 4.1.2014)
CyberLink YouCam (Version: 2.0.1916)
DE (Version: 3.0)
Digital Image (Version: 1.2.0.2)
DVDVideoSoftTB Toolbar (Version: 6.8.5.1)
DWG TrueView 2011 (Version: 18.1.49.0)
ElsterFormular-Upgrade (Version: 13.4.1.10296)
EPSON BX320FW Series Handbuch
EPSON BX320FW Series Netzwerk-Handbuch
EPSON BX320FW Series Printer Uninstall
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.2 (Version: 3.2a)
EURACOM
e-Wörterbücher
Ext2 IFS 1.11a for Windows Vista/2008
Fax (Version: 120.0.194.000)
FileZilla Client 3.2.7.1 (Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.13)
Foxlink Webcam (Version: 5.8.48000.201_WHQL)
Free YouTube Download version 3.2.16.1030 (Version: 3.2.16.1030)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
IDA-STEP (HKCU Version: 4.0.12)
iLivid (Version: 5.0.0.4151) <==== ATTENTION
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
klickTel Fuzzy-Suchindex Juli 2003
klickTel Juli 2003
Lexware buchhalter 2013 (Version: 18.52.00.0375)
Lexware Elster (Version: 13.10.00.0021)
Lexware faktura+auftrag 2009 (Version: 13.51.00.0005)
Lexware Info Service (Version: 2.90.00.0009)
Lexware online banking (Version: 20.00.00.0059)
MAGIX Foto Manager 2008 5.0.0.255 (D) (Version: 5.0.0.255)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) (Version: 9.0.2.0)
MAGIX Screenshare 4.3.6.1987 (D) (Version: 4.3.6.1987)
MakeDisc (Version: 3.0.2601)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MEDION MD 41856
MegaView 2008
MegaView3D 2008
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Automated Troubleshooting Services Shim
Microsoft Money 99
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 1.0.30716.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.0.7820.0)
Mozilla Firefox (3.6.10) (Version: 3.6.10 (de))
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (de))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Editor Free
MyWinLocker 3 (Version: 3.1.20.0)
Nero 8 Essentials (Version: 8.3.124)
neroxml (Version: 1.0.0)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (Version: 9.10.0223)
OLYMPUS Master 2 (Version: 1.0.6)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Inspector File Recovery (Version: 4.0)
PDFCreator (Version: 0.9.6)
PDF-Viewer (Version: 2.0.42.4)
Phase 5 HTML-Editor (Version: 5.6.2)
Presto! PageManager 9.00.11 SE (Version: 9.00.11)
Profi cash
Profi cash international
QuickTime (Version: 7.71.80.42)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5672)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
RedMon - Redirection Port Monitor
Roxio Media Manager (Version: 9.4.052)
Samsung CLX-3170 Series
Samsung Kies (Version: 2.5.3.13043_14)
Samsung Story Album Viewer (Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
Scan (Version: 8.1.0.0)
Sceneo AbsolutTV
Search Protect by conduit (Version: 1.7.0.72) <==== ATTENTION
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.10 (Version: 6.10.104)
SmarThru 4
SmarThru PC Fax
Solid Edge V19 (Version: 19.00.0066)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steuer-Spar-Erklärung 2008 (Version: 13.02.0000)
Steuer-Spar-Erklärung 2009 (Version: 14.01.0000)
Steuer-Spar-Erklärung 2010 (Version: 15.14)
Steuer-Spar-Erklärung 2011 (Version: 16.16)
Steuer-Spar-Erklärung 2012 (Version: 17.12)
Steuer-Spar-Erklärung 2013 (Version: 18.09)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (Version: Version 2010.bld.37 (Jan 2, 2010))
TextBridge Pro 8.0
Toolbox (Version: 82.0.173.000)
TVsweeper 3 (Version: 3.0.3)
Ulead Photo Express 3.0 SE
UnloadSupport (Version: 1.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update Manager (Version: 4.60)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.1 (Version: 2.0.1)
WebReg (Version: 140.0.212.017)
WIDCOMM Bluetooth Software (Version: 6.3.0.6800)
Windows Live Fotogalerie (Version: 12.0.1347.0718)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Sign-in Assistant (Version: 5.000.742.2)
Windows Live Writer (Version: 12.0.1370.0325)
WinRAR
Zoner Photo Studio 12 (Version: 12.0.1.7)

==================== Restore Points =========================

18-11-2013 16:31:39 Geplanter Prüfpunkt
22-11-2013 11:06:35 TuneUp Utilities 2014 wird entfernt
22-11-2013 11:21:46 TuneUp Utilities 2014 (de-DE) wird entfernt
25-11-2013 07:28:48 Entfernt STK02N 2.4
25-11-2013 07:42:43 Removed Internet Explorer Toolbar 4.6 by SweetPacks
27-11-2013 07:13:52 Windows Update
29-11-2013 07:11:09 Windows Update
30-11-2013 16:26:12 Removed Snap.Do
30-11-2013 16:28:00 Removed Snap.Do
30-11-2013 16:30:03 Removed Snap.Do
30-11-2013 16:55:44 Removed RENESIS® Player Browser Plugins
03-12-2013 15:44:14 Installed Windows Movie Maker 2.6
03-12-2013 19:03:40 Installed Microsoft Fix it 50195
03-12-2013 19:08:42 Installed Microsoft Fix it 50195
04-12-2013 07:45:22 Windows Update
08-12-2013 15:43:36 Entfernt PhotoImpression
08-12-2013 15:45:33 Entfernt MediaImpression
08-12-2013 15:47:35 Entfernt VideoImpression
08-12-2013 15:49:33 Konfiguriert PhotoNow
08-12-2013 15:51:34 Konfiguriert PowerDirector
08-12-2013 16:05:11 Konfiguriert PowerProducer
08-12-2013 16:16:35 Entfernt Easy Photo Print Plug-in for PMB(Picture Motion BrowserÝâû%
08-12-2013 16:17:23 Removed Epson Event Manager
08-12-2013 16:17:59 Removed Epson Event Manager
08-12-2013 16:23:50 Removed Yahoo Community Smartbar
08-12-2013 16:25:09 Removed Yahoo Community Smartbar
08-12-2013 16:27:07 Removed Yahoo Community Smartbar
08-12-2013 16:32:38 Removed Windows Movie Maker 2.6
09-12-2013 14:05:16 Installed SpyHunter

==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-07-07 16:29 - 00000791 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BC71857-671D-465F-B500-6599B10B3014} - System32\Tasks\Microsoft\Support\ATS\OAS Integration => C:\Users\Ingo\AppData\Local\Temp\MATS-Temp\IXPglzpxzuw.y2f\MATSWiz.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9E7C5EF5-74DE-4AA6-B24B-766C4CDF5EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\System32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {DE448A6E-3775-46A2-B855-A90581ABFD78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {E3289498-7688-49B7-BBC0-EE9CF2E13A92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F33FC516-073F-495D-9B84-AE6CAA931EBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-11-15 15:08 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-28 15:36 - 2005-01-06 17:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2009-12-16 13:15 - 2007-12-27 16:38 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2007-03-20 14:08 - 2007-03-20 14:08 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2012-10-17 19:18 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2009-08-23 18:58 - 2009-08-23 18:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00163328 _____ () C:\Program Files\Common Files\Xerox Shared\easytb32.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00034304 _____ () C:\Program Files\Common Files\Xerox Shared\VGFILE.dll
2009-05-27 16:09 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-28 13:02 - 2007-05-16 21:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2009-08-19 06:51 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:FB1B13D8

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 3065.95 MB
Available physical RAM: 1315.66 MB
Total Pagefile: 6334.91 MB
Available Pagefile: 4387.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.49 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:163.89 GB) (Free:51.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Pittruff) (Fixed) (Total:48.83 GB) (Free:8.86 GB) NTFS
Drive e: (RECOVER) (Fixed) (Total:19.76 GB) (Free:3.97 GB) FAT32
Drive f: (IP Spanntechnik) (Fixed) (Total:65.6 GB) (Free:25.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 8E03B488)
Partition 1: (Active) - (Size=164 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20 GB) - (Type=0C)

==================== End Of Log ============================


Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.09.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ingo :: PITTRUFF [Administrator]

Schutz: Deaktiviert

09.12.2013 15:50:40
mbam-log-2013-12-09 (15-50-40).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210710
Laufzeit: 17 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\Software\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.NationZoom) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Windows\Installer\MSID31.tmp-\Smartbar.Installer.CustomActions.dll (PUP.Optional.SmartBar) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
AdwCleaner Logfile:
# AdwCleaner v3.014 - Bericht erstellt am 09/12/2013 um 16:41:49
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Ingo - PITTRUFF
# Gestartet von : C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4UYX1SU\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Searchprotect
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files\myfree codec
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\eSupport.com
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\iac
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\thinstall
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\8eowee1n.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\speedtestanalysis@SpeedAnalysis.com
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\Ingo\Desktop\iLivid.lnk
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\8eowee1n.default\user.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : HKCU\Software\allin1convert_8h
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\pdfforge.org
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\allin1convert_8h
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\allin1convert_8h
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\pdfforge.org
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16520

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v3.6.10 (de)

[ Datei : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\prefs.js ]

Zeile gelöscht : user_pref("CT3312329.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3312329.UserID", "UN41390810601438920");
Zeile gelöscht : user_pref("CT3312329.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3312329.fullUserID", "UN41390810601438920.IN.20131204094330");
Zeile gelöscht : user_pref("CT3312329.installDate", "04/12/2013 09:43:40");
Zeile gelöscht : user_pref("CT3312329.installSessionId", "{BD58B5F8-A968-4909-85B4-0A6CB4DC7A83}");
Zeile gelöscht : user_pref("CT3312329.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3312329.installerVersion", "1.8.1.4");
Zeile gelöscht : user_pref("CT3312329.keyword", "true");
Zeile gelöscht : user_pref("CT3312329.originalHomepage", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("CT3312329.originalSearchAddressUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("CT3312329.originalSearchEngine", "Search the web (Softonic)");
Zeile gelöscht : user_pref("CT3312329.originalSearchEngineName", "nationzoom");
Zeile gelöscht : user_pref("CT3312329.searchRevert", "false");
Zeile gelöscht : user_pref("CT3312329.searchUninstallUserMode", "2");
Zeile gelöscht : user_pref("CT3312329.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3312329.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3312329.toolbarInstallDate", "04-12-2013 09:43:30");
Zeile gelöscht : user_pref("CT3312329.versionFromInstaller", "10.22.5.10");
Zeile gelöscht : user_pref("CT3312329.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "appbarioDE 1 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&CUI=UN41390810601438920&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 23);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=100480&babsrc=adbartrp&mntrId=b2971a31000000000000001f1609202d&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 23);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?AF=100480&babsrc=NT_ss&mntrId=b2971a31000000000000001f1609202d");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 92229423);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("extensions.Softonic.hpOld0", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=c2751ca9-1ac0-d8e5-99b1-37706eb121ed&searchtype=hp&installDate=30/11/2013");
Zeile gelöscht : user_pref("extensions.Softonic.id", "b2971a31000000000000001f1609202d");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16031");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=b2971a31000000000000001f1609202d&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:20:07");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.enabledItems", "{21125b9c-8553-2206-6f45-25494cca0293}:1.0,{c2751ca9-1ac0-d8e5-99b1-37706eb121ed}:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,ffxtlbr@babylon.com:1.2.0,{CAFE[...]
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3312329&CUI=UN41390810601438920&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&SearchSource=2&CUI=UN41390810601438920&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.machineId", "DAF81IKWUHXASKGJVM75EFZHJPGJAZUUMNRXJCRY7UFKCY6M8GTDBNLYJ0WPQIP4FMHRCL8XH5U4LFQCCPVP2W");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://isearch.avg.com?cid=%7B065a6a0b-7a65-4803-b97e-976ca28c4373%7D&mid=09af52a062bd47d0997ad15ce91f5368-4def9bd3e7d1ac6d6544d578ec88f[...]
Zeile gelöscht : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010006.10031&barid={A2B303C0-3AC7-11E2-A7B1-0015AFFBBA9B}");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=hp&fr=linkury-tb&installDate=&type=hp1000"[...]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

*************************

AdwCleaner[R0].txt - [18756 octets] - [09/12/2013 16:29:04]
AdwCleaner[S0].txt - [18316 octets] - [09/12/2013 16:41:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18377 octets] ##########
         
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Ingo on 09.12.2013 at 16:55:29,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3241949
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3312329



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ingo\appdata\local\apn"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Ingo\AppData\Roaming\mozilla\firefox\profiles\uuzkwcyk.default\extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
Successfully deleted: [Folder] C:\Users\Ingo\AppData\Roaming\mozilla\firefox\profiles\uuzkwcyk.default\extensions\staged



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2013 at 17:06:25,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 03
Ran by Ingo (administrator) on PITTRUFF on 09-12-2013 17:13:29
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHXNEHNO
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 17:06 - 2013-12-09 17:06 - 00001462 _____ C:\Users\Ingo\Desktop\JRT.txt
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 15:53 - 2013-12-09 16:43 - 00000000 ___DC C:\AdwCleaner
2013-12-09 15:49 - 2013-12-09 15:49 - 00000225 _____ C:\Users\Ingo\Desktop\Addition.txt
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-09 16:11 - 00151428 _____ C:\Windows\PFRO.log
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 08:04 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 08:04 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 08:04 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 08:04 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 08:04 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 08:04 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 08:04 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 08:04 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 08:04 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 08:04 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 08:04 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 08:04 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-09 17:10 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-09 17:06 - 2013-12-09 17:06 - 00001462 _____ C:\Users\Ingo\Desktop\JRT.txt
2013-12-09 16:56 - 2008-11-10 18:47 - 01545880 _____ C:\Windows\WindowsUpdate.log
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 16:54 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-09 16:54 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 16:50 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-09 16:50 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-09 16:49 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 16:48 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 16:48 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 16:48 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 16:46 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-09 16:46 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-09 16:43 - 2013-12-09 15:53 - 00000000 ___DC C:\AdwCleaner
2013-12-09 16:43 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-09 16:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 16:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 16:11 - 2013-11-18 12:06 - 00151428 _____ C:\Windows\PFRO.log
2013-12-09 15:49 - 2013-12-09 15:49 - 00000225 _____ C:\Users\Ingo\Desktop\Addition.txt
2013-12-09 15:46 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-09 15:46 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 10:02 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-09 10:02 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-09 08:33 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-08 16:28 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 15:17 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-05 15:16 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:24 - 2010-10-11 09:40 - 00001940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-30 16:24 - 2008-11-10 18:49 - 00001165 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 09:40 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-15 09:40 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-13 08:02 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 07:51 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\Quarantine.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-09 16:58

==================== End Of Log ============================
         
--- --- ---



Kind regards,

Stefan
__________________

Alt 11.12.2013, 11:51   #4
schrauber
/// the machine
/// TB Trainer
 




Please download Shortcut Cleaner (by Grinler) to your desktop.
  • Start sc-cleaner.exe with a double-click.
  • Confirm the message Shortcut Cleaner Finished at the end of the scan with OK.
  • A log file will open (sc-cleaner.txt).
  • Post its contents with your next reply.




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any remaining problems?
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 12.12.2013, 17:00   #5
Stefan_P
 



Hello,

I carried out everything as described.

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows Vista (TM) Home Premium Service Pack 2
Program started at: 12/11/2013 03:32:09 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

* Shortcut Cleaned: C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\Users\Ingo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

* Shortcut Cleaned: C:\Users\Public\Desktop\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\Users\Ingo\Desktop


5 bad shortcuts found.

Program finished at: 12/11/2013 03:32:26 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=836f510cdb40ae4ca03c9ccad2304a33
# engine=16229
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-12 03:40:04
# local_time=2013-12-12 04:40:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 46595 252242894 46298 0
# compatibility_mode=5892 16776574 100 100 36418069 224352332 0 0
# scanned=501008
# found=5
# cleaned=0
# scan_time=46207
sh=03A03606024702BB364ED99F5D930D265979FB8C ft=1 fh=cf8a43385da48423 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\Temporary files\software\Re-markit_2040-2081.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\{5A81B184-1BCD-4924-9ADB-C565045F01C2}\setup.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\{827C5DE7-C84B-47AC-96E8-838D81CDBEC3}\setup.exe"
sh=66F508779116D26A5D4D88F2A26BF33A77784527 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5f9fb050-1cf7f760"
sh=E9C427E074AE8F4CD8A35F66AB46B53C4F3651BF ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.QFQ trojan" ac=I fn="C:\Users\Ingo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6de5c2ec-3675ef14"




Results of screen317's Security Check version 0.99.77
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (3.6.10) Firefox out of Date!
Mozilla Thunderbird (2.0.0 Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013
Ran by Ingo (administrator) on PITTRUFF on 12-12-2013 10:17:43
Running from C:\Users\Ingo\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Program Files\Profi cash\wpc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\buchhalter\2013\Pcbh32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Ingo\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 10:16 - 2013-12-12 10:18 - 00014036 _____ C:\Users\Ingo\Downloads\FRST.txt
2013-12-12 10:06 - 2013-12-12 10:07 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST (1).exe
2013-12-12 10:02 - 2013-12-12 10:02 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST.exe
2013-12-12 07:54 - 2013-12-12 07:55 - 00891200 _____ C:\Users\Ingo\Downloads\SecurityCheck.exe
2013-12-11 15:40 - 2013-12-11 15:44 - 02347384 _____ (ESET) C:\Users\Ingo\Downloads\esetsmartinstaller_enu.exe
2013-12-11 15:39 - 2013-12-12 10:14 - 00000000 ____D C:\Users\Ingo\Desktop\Virus
2013-12-11 15:32 - 2013-12-11 15:32 - 00004536 ____C C:\sc-cleaner.txt
2013-12-11 15:31 - 2013-12-11 15:32 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Ingo\Downloads\sc-cleaner.exe
2013-12-11 08:24 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 08:24 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 08:24 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 08:24 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 08:24 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 08:24 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 08:24 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 08:24 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 08:24 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 08:24 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 08:24 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 08:24 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 08:24 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 08:22 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 08:22 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 08:22 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 08:22 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:22 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:22 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:22 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 08:22 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 08:22 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:21 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-09 17:26 - 2013-12-09 17:26 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 15:53 - 2013-12-09 16:43 - 00000000 ___DC C:\AdwCleaner
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-09 16:11 - 00151428 _____ C:\Windows\PFRO.log
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-12 10:18 - 2013-12-12 10:16 - 00014036 _____ C:\Users\Ingo\Downloads\FRST.txt
2013-12-12 10:15 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-12 10:14 - 2013-12-11 15:39 - 00000000 ____D C:\Users\Ingo\Desktop\Virus
2013-12-12 10:07 - 2013-12-12 10:06 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST (1).exe
2013-12-12 10:02 - 2013-12-12 10:02 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST.exe
2013-12-12 09:49 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:49 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 09:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 08:55 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-12 08:55 - 2008-11-10 18:47 - 01698796 _____ C:\Windows\WindowsUpdate.log
2013-12-12 08:54 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-12 08:54 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-12 08:14 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-12 07:55 - 2013-12-12 07:54 - 00891200 _____ C:\Users\Ingo\Downloads\SecurityCheck.exe
2013-12-12 00:24 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 16:23 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 16:23 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 16:01 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-11 15:44 - 2013-12-11 15:40 - 02347384 _____ (ESET) C:\Users\Ingo\Downloads\esetsmartinstaller_enu.exe
2013-12-11 15:36 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 15:32 - 2013-12-11 15:32 - 00004536 ____C C:\sc-cleaner.txt
2013-12-11 15:32 - 2013-12-11 15:31 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Ingo\Downloads\sc-cleaner.exe
2013-12-11 15:32 - 2010-10-11 09:40 - 00001728 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-11 15:32 - 2008-11-10 18:49 - 00000953 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 10:21 - 2010-07-02 18:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\Paint.NET
2013-12-11 09:42 - 2009-03-17 08:32 - 00002713 _____ C:\Users\Ingo\Desktop\CorelDRAW Essentials 3.lnk
2013-12-11 09:27 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-11 09:22 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 09:18 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 09:16 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-11 09:16 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-11 09:15 - 2008-08-28 05:26 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-11 09:12 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-11 08:33 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 08:26 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-10 11:14 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-09 17:26 - 2013-12-09 17:26 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 16:43 - 2013-12-09 15:53 - 00000000 ___DC C:\AdwCleaner
2013-12-09 16:43 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-09 16:11 - 2013-11-18 12:06 - 00151428 _____ C:\Windows\PFRO.log
2013-12-09 15:46 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-09 15:46 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra   .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 00:13 - 2013-12-11 08:24 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 23:50 - 2013-12-11 08:24 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 23:50 - 2013-12-11 08:24 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 23:43 - 2013-12-11 08:24 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 23:42 - 2013-12-11 08:24 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 23:42 - 2013-12-11 08:24 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 23:41 - 2013-12-11 08:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 23:40 - 2013-12-11 08:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 23:37 - 2013-12-11 08:24 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 23:36 - 2013-12-11 08:24 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 23:36 - 2013-12-11 08:24 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 23:35 - 2013-12-11 08:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 23:32 - 2013-12-11 08:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\Quarantine.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-12 09:33

==================== End Of Log ============================
         




Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-12-2013
Ran by Ingo at 2013-12-12 10:19:04
Running from C:\Users\Ingo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
6200 (Version: 82.0.242.000)
6200_Help (Version: 82.0.242.000)
6200Trb (Version: 82.0.242.000)
AAVUpdateManager (Version: 18.00.0000)
ACDSee 8 (Version: 8.0.41)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.3) - Deutsch (Version: 10.1.3)
Adobe Shockwave Player (Version: 11)
Adobe SVG Viewer 3.0 (Version: 3.0)
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
ALDI NORD Bestellsoftware 4.9 (Version: 4.9)
Any DVD Converter Professional 4.6.1
Any Video Converter 5 5.0.3
Avira Free Antivirus (Version: 14.0.1.759)
AVS Media Player 4.2.2.104 (Version: 4.2.2.104)
AVS Video Converter 8 (Version: 8.4.2.541)
AVS Video Editor 6 (Version: 6.3.2.234)
BlackBerry Desktop Software 4.7 (Version: 4.7.0.37)
BufferChm (Version: 140.0.212.000)
CADENAS PARTwebViewer (Version: 1.0.36.7)
CCleaner (Version: 4.04)
Compatibility Pack für 2007 Office System (Version: 12.0.6514.5001)
Corel MediaOne (Version: 2.00.0000)
CorelDRAW Essential Edition 3
CorelDRAW Essential Edition 3 (Version: 3.0)
CrystalDiskInfo 5.6.2 (Version: 5.6.2)
CyberLink MediaShow (Version: 4.1.2014)
CyberLink YouCam (Version: 2.0.1916)
DE (Version: 3.0)
Digital Image (Version: 1.2.0.2)
DVDVideoSoftTB Toolbar (Version: 6.8.5.1)
DWG TrueView 2011 (Version: 18.1.49.0)
ElsterFormular-Upgrade (Version: 13.4.1.10296)
EPSON BX320FW Series Handbuch
EPSON BX320FW Series Netzwerk-Handbuch
EPSON BX320FW Series Printer Uninstall
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.2 (Version: 3.2a)
EURACOM
e-Wörterbücher
Ext2 IFS 1.11a for Windows Vista/2008
Fax (Version: 120.0.194.000)
FileZilla Client 3.2.7.1 (Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.13)
Foxlink Webcam (Version: 5.8.48000.201_WHQL)
Free YouTube Download version 3.2.16.1030 (Version: 3.2.16.1030)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
IDA-STEP (HKCU Version: 4.0.12)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
klickTel Fuzzy-Suchindex Juli 2003
klickTel Juli 2003
Lexware buchhalter 2013 (Version: 18.52.00.0375)
Lexware Elster (Version: 13.10.00.0021)
Lexware faktura+auftrag 2009 (Version: 13.51.00.0005)
Lexware Info Service (Version: 2.90.00.0009)
Lexware online banking (Version: 20.00.00.0059)
MAGIX Foto Manager 2008 5.0.0.255 (D) (Version: 5.0.0.255)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) (Version: 9.0.2.0)
MAGIX Screenshare 4.3.6.1987 (D) (Version: 4.3.6.1987)
MakeDisc (Version: 3.0.2601)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MEDION MD 41856
MegaView 2008
MegaView3D 2008
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Automated Troubleshooting Services Shim
Microsoft Money 99
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 1.0.30716.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.0.7820.0)
Mozilla Firefox (3.6.10) (Version: 3.6.10 (de))
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (de))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Editor Free
MyWinLocker 3 (Version: 3.1.20.0)
Nero 8 Essentials (Version: 8.3.124)
neroxml (Version: 1.0.0)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (Version: 9.10.0223)
OLYMPUS Master 2 (Version: 1.0.6)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Inspector File Recovery (Version: 4.0)
PDFCreator (Version: 0.9.6)
PDF-Viewer (Version: 2.0.42.4)
Phase 5 HTML-Editor (Version: 5.6.2)
Presto! PageManager 9.00.11 SE (Version: 9.00.11)
Profi cash
Profi cash international
QuickTime (Version: 7.71.80.42)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5672)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
RedMon - Redirection Port Monitor
Roxio Media Manager (Version: 9.4.052)
Samsung CLX-3170 Series
Samsung Kies (Version: 2.5.3.13043_14)
Samsung Story Album Viewer (Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
Scan (Version: 8.1.0.0)
Sceneo AbsolutTV
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.10 (Version: 6.10.104)
SmarThru 4
SmarThru PC Fax
Solid Edge V19 (Version: 19.00.0066)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steuer-Spar-Erklärung 2008 (Version: 13.02.0000)
Steuer-Spar-Erklärung 2009 (Version: 14.01.0000)
Steuer-Spar-Erklärung 2010 (Version: 15.14)
Steuer-Spar-Erklärung 2011 (Version: 16.16)
Steuer-Spar-Erklärung 2012 (Version: 17.12)
Steuer-Spar-Erklärung 2013 (Version: 18.09)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (Version: Version 2010.bld.37 (Jan 2, 2010))
TextBridge Pro 8.0
Toolbox (Version: 82.0.173.000)
TVsweeper 3 (Version: 3.0.3)
Ulead Photo Express 3.0 SE
UnloadSupport (Version: 1.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update Manager (Version: 4.60)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.1 (Version: 2.0.1)
WebReg (Version: 140.0.212.017)
WIDCOMM Bluetooth Software (Version: 6.3.0.6800)
Windows Live Fotogalerie (Version: 12.0.1347.0718)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Sign-in Assistant (Version: 5.000.742.2)
Windows Live Writer (Version: 12.0.1370.0325)
WinRAR
Zoner Photo Studio 12 (Version: 12.0.1.7)

==================== Restore Points =========================

25-11-2013 07:28:48 Entfernt STK02N 2.4
25-11-2013 07:42:43 Removed Internet Explorer Toolbar 4.6 by SweetPacks
27-11-2013 07:13:52 Windows Update
29-11-2013 07:11:09 Windows Update
30-11-2013 16:26:12 Removed Snap.Do
30-11-2013 16:28:00 Removed Snap.Do
30-11-2013 16:30:03 Removed Snap.Do
30-11-2013 16:55:44 Removed RENESIS® Player Browser Plugins
03-12-2013 15:44:14 Installed Windows Movie Maker 2.6
03-12-2013 19:03:40 Installed Microsoft Fix it 50195
03-12-2013 19:08:42 Installed Microsoft Fix it 50195
04-12-2013 07:45:22 Windows Update
08-12-2013 15:43:36 Entfernt PhotoImpression
08-12-2013 15:45:33 Entfernt MediaImpression
08-12-2013 15:47:35 Entfernt VideoImpression
08-12-2013 15:49:33 Konfiguriert PhotoNow
08-12-2013 15:51:34 Konfiguriert PowerDirector
08-12-2013 16:05:11 Konfiguriert PowerProducer
08-12-2013 16:16:35 Entfernt Easy Photo Print Plug-in for PMB(Picture Motion BrowserÝâû%
08-12-2013 16:17:23 Removed Epson Event Manager
08-12-2013 16:17:59 Removed Epson Event Manager
08-12-2013 16:23:50 Removed Yahoo Community Smartbar
08-12-2013 16:25:09 Removed Yahoo Community Smartbar
08-12-2013 16:27:07 Removed Yahoo Community Smartbar
08-12-2013 16:32:38 Removed Windows Movie Maker 2.6
09-12-2013 14:05:16 Installed SpyHunter
11-12-2013 07:22:55 Windows Update
12-12-2013 04:33:57 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-07-07 16:29 - 00000791 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BC71857-671D-465F-B500-6599B10B3014} - System32\Tasks\Microsoft\Support\ATS\OAS Integration => C:\Users\Ingo\AppData\Local\Temp\MATS-Temp\IXPglzpxzuw.y2f\MATSWiz.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9E7C5EF5-74DE-4AA6-B24B-766C4CDF5EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\System32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {DE448A6E-3775-46A2-B855-A90581ABFD78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {E3289498-7688-49B7-BBC0-EE9CF2E13A92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F33FC516-073F-495D-9B84-AE6CAA931EBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-11-15 15:08 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-28 15:36 - 2005-01-06 17:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2009-12-16 13:15 - 2007-12-27 16:38 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2007-03-20 14:08 - 2007-03-20 14:08 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2012-10-17 19:18 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2008-08-28 13:02 - 2007-05-16 21:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2009-08-19 06:51 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-08-23 18:58 - 2009-08-23 18:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-05-27 16:09 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00163328 _____ () C:\Program Files\Common Files\Xerox Shared\easytb32.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00034304 _____ () C:\Program Files\Common Files\Xerox Shared\VGFILE.dll
2009-01-02 11:15 - 2000-02-11 15:27 - 00417792 _____ () C:\Program Files\Profi cash\flam32.dll
2009-01-02 11:15 - 2000-10-16 16:27 - 00167936 _____ () C:\Program Files\Profi cash\CRMBSAPW.dll
2009-01-02 11:15 - 2002-09-12 09:29 - 00057344 _____ () C:\Program Files\Profi cash\zlib.dll
2009-01-02 11:15 - 2006-05-09 14:48 - 00056785 _____ () C:\Program Files\Profi cash\mc_acchk.dll
2009-01-02 11:15 - 2003-12-22 09:10 - 00065536 _____ () C:\Program Files\Profi cash\encrypt4.dll
2013-10-16 10:29 - 2013-10-16 10:29 - 00326712 _____ () C:\Program Files\Lexware\buchhalter\2013\BH_DATA130VC8.dll
2013-03-21 15:29 - 2013-03-21 15:29 - 00319032 _____ () C:\Windows\system32\LxDNT100.dll
2013-03-21 15:29 - 2013-03-21 15:29 - 00074808 _____ () C:\Windows\system32\LxDNTvm100.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00084536 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckView.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00089144 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckMini.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00073272 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckDataProviderStd.dll
2009-04-24 07:42 - 2003-07-12 08:54 - 00844288 _____ () C:\Program Files\klickTel\klickTel Juli 2003\ktOutlkA.dll
2009-04-24 07:42 - 2003-07-14 14:58 - 04410880 _____ () C:\Program Files\klickTel\klickTel Juli 2003\ktaddin.dll
2009-04-24 07:38 - 1999-03-02 08:12 - 00372736 _____ () C:\Program Files\klickTel\klickTel Juli 2003\KSDB32.DLL
2013-09-03 14:54 - 2013-09-03 14:54 - 02897280 _____ () C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-09-03 14:54 - 2013-09-03 14:54 - 01446400 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 3065.95 MB
Available physical RAM: 1015.18 MB
Total Pagefile: 6332.9 MB
Available Pagefile: 4120.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.52 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:163.89 GB) (Free:48.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Pittruff) (Fixed) (Total:48.83 GB) (Free:8.64 GB) NTFS
Drive e: (RECOVER) (Fixed) (Total:19.76 GB) (Free:3.91 GB) FAT32
Drive f: (IP Spanntechnik) (Fixed) (Total:65.6 GB) (Free:24.78 GB) NTFS
Drive k: (HDDRIVE2GO) (Fixed) (Total:596.02 GB) (Free:179.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 8E03B488)
Partition 1: (Active) - (Size=164 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 596 GB) (Disk ID: 8078AF9B)
Partition 1: (Not Active) - (Size=596 GB) - (Type=0C)

==================== End Of Log ============================




Kind regards,

Stefan


13.12.2013, 16:52   #6
schrauber
/// the machine
/// TB trainer



Update Java, Adobe, Firefox and Thunderbird.


Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used and the quarantine of our scanners, clears the Java cache, and finally deletes itself.
    • Restart your computer afterwards.
  4. If any programs from our cleanup are still left over now, you can delete them without concern.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.

Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    A tutorial on how to use it can be found here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    A short introduction can be found here
  • MVPs hosts file
    A tutorial can be found here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
These harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )


Don'ts
  • Don't click on everything just because it asks you to and is nicely colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now it only remains for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.

16.12.2013, 23:07   #7
Stefan_P

Hello,

everything worked wonderfully.

Many, many thanks for this quick and, above all, easy-to-understand help.


Kind regards,

Stefan

17.12.2013, 12:11   #8
schrauber
/// the machine
/// TB trainer

You're welcome
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
