Pests of all kinds and how to combat them: Virus infection

10.12.2013, 15:31   #1
stefan60

Virus infection

Today I noticed that the CURSOR was twitching and jittering wildly, moving aimlessly with every mouse movement, and double-clicks were executed three times. Then the PASSWORD logins in the mail accounts were also ALREADY FILLED IN; as if by a ghostly hand, someone knew my USERNAME and MY PASSWORD!!! Now I think that "someone" wants to get into my system here: is that really the case? I have AVIRA, but it seems to be useless? What could I do now?



Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTVGQSHB\Setup[1].exe
Status: Infiziert
Quarantäne-Objekt: 3213b56b.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: TR/Agent.852912
Datum/Uhrzeit: 10.12.2013, 13:47


Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6COIL0Y\download[1].php
Status: Infiziert
Quarantäne-Objekt: 7792985c.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: ADWARE/Lollipop.A.504
Datum/Uhrzeit: 10.12.2013, 13:47


Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Temp\131120\te.exe
Status: Infiziert
Quarantäne-Objekt: 5a4a9951.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: TR/Zusy.69875.64
Datum/Uhrzeit: 10.12.2013, 13:32


Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Temp\Player_Setup.exe\218ed282719c4ec281e8d49064001c69\software\LollipopInstaller_14656.exe
Status: Infiziert
Quarantäne-Objekt: 431bb6e0.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: ADWARE/Agent.411136.2
Datum/Uhrzeit: 10.12.2013, 13:32


Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Temp\294823_.exe
Status: Infiziert
Quarantäne-Objekt: 5a6d4b2e.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: ADWARE/Adware.Gen7
Datum/Uhrzeit: 10.12.2013, 09:48


Typ: Datei
Quelle: C:\Users\Paul\AppData\Local\Temp\4ae13d6c_.exe
Status: Infiziert
Quarantäne-Objekt: 5b542de6.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.160
Virendefinitionsdatei: 7.11.118.232
Gefunden: TR/Downloader.Gen
Datum/Uhrzeit: 10.12.2013, 07:22


Typ: Datei
Quelle: C:\Users\Paul\Desktop\shttp3(1).exe
Status: Infiziert
Quarantäne-Objekt: 5d7822d4.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.150
Virendefinitionsdatei: 7.11.115.116
Gefunden: SPR/SmallHTTP.B
Datum/Uhrzeit: 25.11.2013, 18:14


Typ: Datei
Quelle: C:\Users\Paul\Downloads\shttp3.exe
Status: Infiziert
Quarantäne-Objekt: 5b893d45.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.150
Virendefinitionsdatei: 7.11.115.116
Gefunden: SPR/SmallHTTP.B
Datum/Uhrzeit: 25.11.2013, 18:13


Typ: Datei
Quelle: c:\support\couponsupport.exe
Status: Infiziert
Quarantäne-Objekt: 43efc1c7.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.150
Virendefinitionsdatei: 7.11.115.110
Gefunden: TR/Symmi.14078.5
Datum/Uhrzeit: 25.11.2013, 13:28


Typ: Datei
Quelle: C:\Program Files\ShoppingChip\Iv9YqF3qan.dll
Status: Infiziert
Quarantäne-Objekt: 5abcafce.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.150
Virendefinitionsdatei: 7.11.115.110
Gefunden: ADWARE/Adware.A.2219
Datum/Uhrzeit: 25.11.2013, 13:10



WHEN DOWNLOADING the SPY AND SPOT program, AVIRA also immediately shows the message:
Unwanted program "APPL/Downloader.Gen (Cloud)" denied!!!

Edited by stefan60 (10.12.2013 at 15:37)

10.12.2013, 15:45   #2
Psychotic
/// Malwareteam

Virus infection

My name is Marius and I will help you with your problem.

One thing up front:

Note: We can never guarantee here that we have found all remnants of malware. Formatting is usually the fastest and always the safest way.

If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean.

A cleanup can involve a lot of work for you.
  1. Please work through all steps in order.
  2. Read the instructions carefully. If you get stuck anywhere, stop at that point and describe your problem here!
  3. Only run scans that a helper has asked you to run.
  4. Please no crossposting (posting in several forums) - if you follow the instructions of several helpers, this can cause serious problems!
  5. Do not install or uninstall any software during the cleanup (unless you were asked to).
  6. If anything is unclear: ask before you do something "blindly"!

    ...and very important:

  7. Post the log files with code tags (the # symbol at the top of the reply window) in your thread! Do not attach them unless I ask you to. (That makes the evaluation harder for me.)


Vista and Win7 users
Start all tools with right-click --> "Run as administrator".



Step 1: defogger


Please download defogger by jpshortstuff to your desktop.
  • Start the tool with a double-click.
    Vista and Win7 users: right-click, "Run as administrator".
  • Now click the Disable button to deactivate the drivers of certain emulators.
  • When the scan has finished ( Finished ), click OK.
  • Defogger may prompt you to restart. Confirm this with OK.
If Defogger reports an error, please post the defogger_disable log from your desktop.
Do not click the Re-enable button without being instructed to.




Step 2: FRST



Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (if you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)




Step 3: GMER



Please
  • deactivate all other scanners against viruses, spyware, etc.,
  • have no active connection to a network/Internet (don't forget WLAN),
  • do not work on the computer,
  • restart the computer after every scan.
Let Gmer scan
  • Download Gmer from this page (press the Download EXE button) and save the program on the desktop.
  • All other programs should be closed.
  • Start gmer.exe (the program has a random program name). Vista and Win7 users: right-click and start as administrator.
  • If a window with the following warning opens:
    WARNING !!! GMER has found system modification, which might have been caused by ROOTKIT activity. Do you want to fully scan your system ?
    Be sure to click "No".
  • Remove the check mark on the right for:
    • IAT/EAT
    • All hard drives except the system drive (normally only C:\ is checked)
    • Show all (should be unchecked)
  • Start the scan with "Scan". Do nothing on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Switch the antivirus program and other scanners back on before you go online!

12.12.2013, 06:26   #3
stefan60

Virus infection

Hello Psychotic. Please be patient. I have now got into my computer and have carried out the steps here too: alongside that I downloaded and installed Malwarebytes, switching off Antivir, firewall and browser for the activation.
Unfortunately I also have Avira on here with an annual subscription; I will then replace it with AVAST, as recommended by you. But now to the FRST TXT and Additional:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-12-2013 01
Ran by Paul (administrator) on PAUL-PC on 11-12-2013 18:50:03
Running from C:\Users\Paul\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\Paul\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Paul\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\HiSuite\HiSuite.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Paul\AppData\Local\HiSuite\userdata\hwtools\hwtransport.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
() C:\Users\Paul\Downloads\Defogger.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [MobileBroadband] - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [272384 2010-09-08] (Vodafone)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [http.exe] - c:\shttps\http.exe
HKLM\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKCU\...\Run: [HP Photosmart 6520 series (NET)] - C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [1818472 2012-05-08] (Hewlett-Packard Co.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Paul\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-21] (Facebook Inc.)
HKCU\...\Run: [Mobile Partner] - C:\Program Files\HiSuite\HiSuite.exe [583488 2013-07-11] ()
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKCU\...\Run: [AudialsNotifier] - C:\Program Files\Audials\Audials 11\AudialsNotifier.exe
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
MountPoints2: E - E:\WindowsUI\Autorun.exe
MountPoints2: {1d658035-579d-11e3-8063-e840f2240b5e} - E:\WindowsUI\Autorun.exe
MountPoints2: {55235923-579e-11e3-b10a-e840f2240b5e} - E:\WindowsUI\Autorun.exe
MountPoints2: {705f39c4-438f-11e3-9467-e840f2240b5e} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {705f3a8e-438f-11e3-9467-e840f2240b5e} - E:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs:   [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DB47461AEC8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3F82916C-DCDB-4CF9-A528-D48F354B2908}: [NameServer]193.70.152.25 212.52.97.25

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ga2v3af7.default
FF user.js: detected! => C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ga2v3af7.default\user.js
FF DefaultSearchEngine: DuckDuckGo
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: DuckDuckGo
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [972872 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [158208 2013-05-02] ()
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2010-09-08] (Vodafone)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-11-21] (RapidSolution Software AG)
S3 vodafone_K3805-z_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [67584 2010-09-01] (Vodafone)
S3 vodafone_K3805-z_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [79360 2010-09-01] (Vodafone)
S3 vodafone_K3805-z_cpo; C:\Windows\System32\DRIVERS\vodafone_K3805-z_cpo.sys [9728 2010-09-01] (Vodafone)
R3 vodafone_K3805-z_dc_enum; C:\Windows\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [61952 2010-09-01] (Vodafone)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-11 18:50 - 2013-12-11 18:50 - 00011578 _____ C:\Users\Paul\Downloads\FRST.txt
2013-12-11 18:49 - 2013-12-11 18:49 - 00000000 ____D C:\FRST
2013-12-11 18:48 - 2013-12-11 18:48 - 01061389 _____ (Farbar) C:\Users\Paul\Downloads\FRST.exe
2013-12-11 18:47 - 2013-12-11 18:47 - 00050477 _____ C:\Users\Paul\Downloads\Defogger.exe
2013-12-11 18:47 - 2013-12-11 18:47 - 00000470 _____ C:\Users\Paul\Downloads\defogger_disable.log
2013-12-11 18:47 - 2013-12-11 18:47 - 00000000 _____ C:\Users\Paul\defogger_reenable
2013-12-11 17:52 - 2013-12-11 18:04 - 00000000 ____D C:\Users\Paul\Desktop\STUDIUM KAINZ GESUNDHEIT
2013-12-10 18:35 - 2013-12-10 18:35 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 18:35 - 2013-12-10 18:35 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 18:35 - 2013-12-10 18:35 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 18:35 - 2013-12-10 18:35 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 18:35 - 2013-12-10 18:35 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 18:35 - 2013-12-10 18:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 18:34 - 2013-12-10 18:37 - 00010261 _____ C:\Windows\IE11_main.log
2013-12-10 18:08 - 2013-12-10 18:08 - 00285398 _____ C:\Users\Paul\Downloads\Gescanntes Dokument von HP ePrint-Benutzer(1).zip
2013-12-10 13:57 - 2013-12-10 13:57 - 00007464 _____ C:\Users\Paul\Desktop\quarantaeneVienbefall.txt
2013-12-10 07:07 - 2013-12-10 07:07 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-12-10 07:07 - 2013-12-10 07:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 07:05 - 2013-12-10 07:06 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 06:49 - 2013-12-10 07:14 - 00000000 ____D C:\Program Files\BetterSurf
2013-12-07 14:17 - 2013-12-07 14:17 - 00000000 ____D C:\Users\Paul\Downloads\James Arthur (Deluxe)
2013-12-07 14:14 - 2013-12-07 14:16 - 00000000 ____D C:\Users\Paul\Downloads\Family of the Year - Loma Vista (2012) [FLAC]
2013-12-07 14:13 - 2013-12-07 14:13 - 00000000 ____D C:\Users\Paul\Downloads\Take Me Home Yearbook Edition
2013-12-07 14:12 - 2013-12-07 14:12 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-07 14:11 - 2013-12-07 14:12 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-07 14:11 - 2013-12-07 14:12 - 00000000 ____D C:\Program Files\iTunes
2013-12-07 14:11 - 2013-12-07 14:11 - 00000000 ____D C:\Program Files\iPod
2013-12-07 14:06 - 2013-12-07 14:06 - 00000000 ____D C:\Users\Paul\Downloads\VA.-.MTV.Top.The.Hits.[Music.Television].MP3.[www.TodoCVCD.com]
2013-12-07 14:05 - 2013-12-07 14:05 - 00000000 ____D C:\Users\Paul\Downloads\Bastille - Bad Blood (The Extended Cut)
2013-12-07 14:01 - 2013-12-07 14:07 - 00000000 ____D C:\Users\Paul\Downloads\Katy Perry
2013-12-07 13:53 - 2013-12-07 13:54 - 00000000 ____D C:\Users\Paul\Downloads\PRISM (Deluxe)
2013-12-07 13:52 - 2013-12-07 13:55 - 00000000 ____D C:\Users\Paul\Downloads\Passenger-All The Little Lights (2CD)(2012) 320Kbit(mp3) DMT
2013-12-07 13:50 - 2013-12-07 13:52 - 00000000 ____D C:\Users\Paul\Downloads\John Newman - Tribute (Deluxe Edition) [2013] 320
2013-12-07 13:46 - 2013-12-07 13:46 - 00000000 ____D C:\Users\Paul\Downloads\One Republic - Native (Deluxe Edition)[kely258]
2013-12-06 06:43 - 2013-12-06 06:43 - 00185777 _____ C:\Users\Paul\Downloads\filename-1
2013-12-06 06:18 - 2013-12-06 06:18 - 00089376 _____ C:\Users\Paul\Downloads\POSTA CERTIFICATA WG POSTA CERTIFICATA COMUNICAZIONE 20702012VG.zip
2013-12-06 06:14 - 2013-12-06 06:14 - 00058543 _____ C:\Users\Paul\Downloads\2070-12.pdf(1).zip
2013-12-04 13:57 - 2013-12-04 14:02 - 00000000 ____D C:\Users\Paul\Desktop\Neuer Ordner (3)
2013-12-04 13:34 - 2013-12-04 13:46 - 00000000 ____D C:\Users\Paul\Documents\My Kindle Content
2013-12-04 13:33 - 2013-12-04 13:34 - 00000000 ____D C:\Users\Paul\AppData\Local\Amazon
2013-12-04 13:33 - 2013-12-04 13:33 - 00002225 _____ C:\Users\Paul\Desktop\Kindle.lnk
2013-12-04 13:33 - 2013-12-04 13:33 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-12-04 13:16 - 2013-12-04 13:19 - 38103832 _____ (Amazon.com) C:\Users\Paul\Downloads\KindleForPC-installer.exe
2013-12-03 20:11 - 2013-12-03 20:12 - 00000000 ____D C:\Users\Paul\Downloads\Editors - The Weight Of Your Love [2013] 320
2013-12-02 07:32 - 2013-12-02 07:32 - 00058543 _____ C:\Users\Paul\Downloads\2070-12.pdf.zip
2013-12-02 07:31 - 2013-12-02 07:31 - 00030852 _____ C:\Users\Paul\Downloads\DATI BANCARI.zip
2013-11-29 23:16 - 2013-12-07 14:05 - 370717016 ____R C:\Users\Paul\Downloads\VA.-.MTV.Top.The.Hits.[Music.Television].MP3.[www.TodoCVCD.com].rar
2013-11-28 12:18 - 2013-11-28 12:18 - 00261208 _____ (LG Electronics) C:\Users\Paul\Downloads\B2CAppSetup(1).exe
2013-11-28 11:45 - 2013-11-28 11:48 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1(2).exe
2013-11-28 11:19 - 2013-11-28 11:19 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LG Electronics
2013-11-28 11:18 - 2013-11-28 11:18 - 00000000 ____D C:\Users\Paul\Documents\LG PC Suite
2013-11-27 21:05 - 2013-11-27 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_cdc_ecm_01009.Wdf
2013-11-27 21:05 - 2013-11-27 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_cdc_acm_01009.Wdf
2013-11-27 20:57 - 2013-11-27 21:08 - 00000000 ____D C:\Windows\system32\SupportAppXL
2013-11-27 20:57 - 2013-11-27 20:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_dc_enum_01009.Wdf
2013-11-26 06:30 - 2013-11-26 06:30 - 00000000 ____D C:\Users\Paul\Downloads\Wondershare PDF to Word Converter 3.6.0 + Serial
2013-11-25 19:28 - 2013-11-25 19:28 - 00000000 ____D C:\Users\Paul\Downloads\LG_KDZ_FW-Update_OfflineFix
2013-11-25 19:07 - 2013-11-25 19:07 - 03198534 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN(1).zip
2013-11-25 19:07 - 2013-11-25 19:07 - 00000000 ____D C:\Users\Paul\Downloads\KDZ_FW_UPD_EN(1)
2013-11-25 19:05 - 2013-11-25 19:05 - 03198534 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN.zip
2013-11-25 19:04 - 2013-11-25 19:04 - 06533440 _____ C:\Users\Paul\Downloads\LG_KDZ_FW-Update_OfflineFix.zip
2013-11-25 19:04 - 2013-11-25 19:04 - 00000855 _____ C:\Users\Paul\Documents\hosts.txt
2013-11-25 18:47 - 2013-11-25 18:47 - 02978058 _____ C:\Users\Paul\Downloads\www.zip
2013-11-25 18:19 - 2013-11-25 18:19 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Small HTTP server
2013-11-25 13:57 - 2013-11-25 13:57 - 00000000 ____D C:\Program Files\7-Zip
2013-11-25 13:56 - 2013-11-25 13:56 - 01110476 _____ C:\Users\Paul\Downloads\7z920.exe
2013-11-25 12:56 - 2013-11-25 12:56 - 02083256 _____ C:\Users\Paul\Downloads\avira_antivirus_premium.exe
2013-11-25 12:18 - 2013-11-25 12:18 - 00000000 ____D C:\Users\Paul\AppData\Local\CrashRpt
2013-11-25 12:16 - 2013-11-25 12:17 - 00000000 ____D C:\ProgramData\RapidSolution
2013-11-25 12:16 - 2013-11-25 12:16 - 00000000 ____D C:\Program Files\Audials
2013-11-25 12:14 - 2013-11-25 12:14 - 00000000 ____D C:\Users\Paul\AppData\Local\RapidSolution
2013-11-25 12:13 - 2013-11-25 12:16 - 54345144 _____ C:\Users\Paul\Downloads\Audials_Tunebite-Setup11(1).exe
2013-11-25 12:12 - 2013-11-25 12:14 - 54345144 _____ C:\Users\Paul\Downloads\Audials_Tunebite-Setup11.exe
2013-11-25 12:11 - 2013-11-25 12:11 - 00000000 ____D C:\ProgramData\Oracle
2013-11-25 12:04 - 2013-11-25 12:04 - 00000000 ____D C:\ProgramData\Sun
2013-11-25 12:04 - 2013-11-25 12:04 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-25 12:03 - 2013-11-25 12:03 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-25 12:03 - 2013-11-25 12:03 - 00000000 ____D C:\Program Files\Java
2013-11-25 12:01 - 2013-11-25 12:01 - 00915368 _____ (Oracle Corporation) C:\Users\Paul\Downloads\jxpiinstall.exe
2013-11-21 20:53 - 2013-12-11 17:38 - 00000354 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2013-11-21 20:53 - 2013-11-27 20:50 - 00000000 ____D C:\ProgramData\ShoppingChip
2013-11-21 20:53 - 2013-11-27 07:02 - 00000000 ____D C:\ProgramData\2d4ae6a95b6cbcc9
2013-11-21 20:53 - 2013-11-25 13:28 - 00000000 ____D C:\Support
2013-11-21 20:52 - 2013-12-11 17:39 - 00000352 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-21 20:52 - 2013-11-21 20:52 - 05922560 _____ (GoforFiles) C:\Users\Paul\Downloads\lg_e400_kdz_downloader_it_99370.exe
2013-11-21 20:52 - 2013-11-21 20:52 - 00000000 ____D C:\Users\Paul\AppData\Roaming\GoforFiles
2013-11-21 20:52 - 2013-11-21 20:52 - 00000000 ____D C:\Users\Paul\AppData\Local\SwvUpdater
2013-11-21 20:51 - 2013-11-26 06:30 - 00000000 ____D C:\Users\Paul\Downloads\www.torrent.to...Armin.Risi.-.Die.Macht.hinter.der.Macht.GERMAN.FS.WEBRiP.XviD
2013-11-21 15:08 - 2013-11-21 15:08 - 00039048 _____ (RapidSolution Software AG) C:\Windows\system32\Drivers\tbhsd.sys
2013-11-21 15:07 - 2013-11-21 15:07 - 00022184 _____ (Audials AG) C:\Windows\system32\Drivers\RrNetCapFilterDriver.sys
2013-11-19 18:14 - 2013-08-10 11:36 - 00000000 ____D C:\Users\Paul\Downloads\PirateBrowser 0.6b
2013-11-19 18:10 - 2013-11-19 18:10 - 31094527 _____ (Igor Pavlov) C:\Users\Paul\Downloads\PirateBrowser_0.6b.exe
2013-11-19 17:16 - 2013-11-19 17:17 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1(1).exe
2013-11-19 17:16 - 2013-11-19 17:17 - 00261208 _____ (LG Electronics) C:\Users\Paul\Downloads\B2CAppSetup.exe
2013-11-19 13:19 - 2013-11-19 13:19 - 00003215 _____ C:\Users\Paul\Downloads\usbdeview_italian.zip
2013-11-19 13:17 - 2013-11-19 13:17 - 00003187 _____ C:\Users\Paul\Downloads\usbdeview_german.zip
2013-11-18 10:05 - 2013-11-18 10:05 - 00000000 ____D C:\Users\Paul\Downloads\www.torrent.to...Armin.Risi.-.Evolution.oder.Involution.German.DOKU.DVDRiP.XviD
2013-11-17 15:53 - 2013-11-17 15:53 - 00000000 ____D C:\Users\Paul\AppData\Local\NokiaAccount
2013-11-17 15:53 - 2013-11-17 15:53 - 00000000 ____D C:\ProgramData\Nokia
2013-11-17 15:52 - 2013-11-17 15:52 - 00000000 ____D C:\Program Files\PC Connectivity Solution
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-11-17 15:05 - 2013-11-17 15:06 - 106320416 _____ C:\Users\Paul\Downloads\Nokia_Suite_webinstaller_ALL(1).exe
2013-11-17 14:06 - 2013-11-17 14:06 - 02462826 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN.7z
2013-11-17 13:13 - 2013-11-17 13:13 - 00184796 _____ C:\Users\Paul\Downloads\Gescanntes Dokument von HP ePrint-Benutzer.zip
2013-11-17 12:06 - 2013-11-17 12:06 - 01488384 _____ C:\Users\Paul\Downloads\msxml6.msi
2013-11-17 12:05 - 2013-11-17 12:05 - 00622520 _____ C:\Users\Paul\Downloads\7-zip.exe
2013-11-15 20:38 - 2013-11-15 20:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 18:14 - 2013-11-28 11:40 - 00001080 _____ C:\Users\Public\Desktop\LG PC Suite.Lnk
2013-11-14 17:55 - 2013-11-14 17:55 - 00000000 ____D C:\Users\Paul\AppData\Local\LG Electronics
2013-11-14 17:34 - 2013-11-14 17:43 - 216317856 _____ (LG Electronics) C:\Users\Paul\Downloads\LGPCSuite_Setup.exe
2013-11-14 17:30 - 2013-11-17 12:57 - 00000000 ____D C:\LGMobileUpgrade
2013-11-14 17:24 - 2013-11-14 17:24 - 00000000 ____D C:\Users\Paul\Documents\KDZ_FW_UPD_EN (1)-1
2013-11-14 17:12 - 2013-11-25 19:08 - 00000000 ____D C:\LGE400
2013-11-14 17:11 - 2013-11-28 12:25 - 00002411 _____ C:\Windows\system32\lgAxconfig.ini
2013-11-14 17:11 - 2013-11-28 12:25 - 00000835 _____ C:\Users\Paul\Desktop\LGMobile Support Tool.lnk
2013-11-14 17:11 - 2013-11-25 19:35 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-11-14 17:11 - 2011-05-07 04:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\msvcr90.dll
2013-11-14 17:11 - 2011-05-07 04:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp90.dll
2013-11-14 17:11 - 2011-05-07 04:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\msvcm90.dll
2013-11-14 17:11 - 2006-04-30 23:33 - 00053248 _____ () C:\Windows\system32\CommonDL.dll
2013-11-14 17:11 - 2005-09-30 16:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\msxml4a.dll
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Users\Paul\Documents\KDZ_FW_UPD_EN (1)
2013-11-14 15:58 - 2013-11-14 15:58 - 00264498 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-11-14 07:02 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:02 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:02 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:02 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:02 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:02 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:02 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:02 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:02 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:02 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:02 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:02 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:02 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:02 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:02 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 19:49 - 2013-11-25 19:09 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-11-13 19:49 - 2013-11-17 15:53 - 00000000 ____D C:\Users\Paul\AppData\Local\Nokia
2013-11-13 19:49 - 2013-11-13 19:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia
2013-11-13 19:09 - 2013-11-13 19:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-11-13 19:09 - 2013-11-13 19:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf
2013-11-13 16:13 - 2013-11-17 11:53 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Nokia
2013-11-13 16:13 - 2013-11-13 19:09 - 00000000 ____D C:\Users\Paul\AppData\Roaming\PC Suite
2013-11-13 16:13 - 2013-11-13 19:09 - 00000000 ____D C:\ProgramData\PC Suite
2013-11-13 15:52 - 2013-11-13 19:49 - 00000000 ____D C:\Program Files\Common Files\Nokia
2013-11-13 15:52 - 2013-11-13 15:52 - 00002000 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2013-11-13 15:52 - 2013-11-13 15:52 - 00000000 ____D C:\Program Files\DIFX
2013-11-13 15:52 - 2013-11-13 15:52 - 00000000 ____D C:\Program Files\Common Files\PCSuite
2013-11-13 15:52 - 2012-10-17 14:53 - 00019072 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys
2013-11-13 15:51 - 2013-11-27 21:15 - 00000000 ____D C:\Program Files\SqueakyChocolate
2013-11-13 15:51 - 2013-11-17 15:53 - 00000000 ____D C:\Program Files\Nokia
2013-11-13 15:51 - 2013-11-13 19:33 - 00000000 ____D C:\ProgramData\Installations
2013-11-13 15:51 - 2013-11-13 15:51 - 00000000 ____D C:\Users\Paul\Documents\Add-in Express
2013-11-13 15:49 - 2013-11-13 15:49 - 00486848 _____ C:\Users\Paul\Downloads\Nokia_PC_Suite_ALL-aoc-jd.exe
2013-11-13 15:49 - 2013-11-13 15:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\OpenCandy
2013-11-13 15:47 - 2013-11-13 15:47 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-13 13:30 - 2013-11-13 13:30 - 00000000 ____D C:\Users\Paul\Downloads\Neuer Ordner
2013-11-13 12:15 - 2013-11-13 12:23 - 354060579 _____ C:\Users\Paul\Downloads\V20D_00_m.kdz
2013-11-13 12:10 - 2013-11-13 12:10 - 00000554 _____ C:\Windows\KB893803v2.log
2013-11-13 12:09 - 2013-11-13 12:09 - 00850004 _____ C:\Users\Paul\Downloads\KDZ_1_4.rar
2013-11-13 12:08 - 2013-11-14 17:26 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-11-13 12:08 - 2013-11-14 17:06 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-13 12:08 - 2013-11-13 15:48 - 00000000 ____D C:\Users\Paul\AppData\Local\Lollipop
2013-11-11 19:41 - 2013-11-17 14:03 - 00000000 ____D C:\Program Files\LG Electronics
2013-11-11 19:40 - 2013-11-11 19:40 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1.exe
2013-11-11 18:19 - 2013-11-11 18:20 - 00000000 ____D C:\Users\Paul\Desktop\DUAL SIM KONTAKTE
2013-11-11 18:17 - 2013-12-03 18:59 - 00000000 ____D C:\Users\Paul\Desktop\Monika DUAL SIM FOTOS
2013-11-11 11:42 - 2013-11-11 11:42 - 00004440 _____ C:\Users\Paul\Desktop\Alice_Mail.html

==================== One Month Modified Files and Folders =======

2013-12-11 18:50 - 2013-12-11 18:50 - 00011578 _____ C:\Users\Paul\Downloads\FRST.txt
2013-12-11 18:49 - 2013-12-11 18:49 - 00000000 ____D C:\FRST
2013-12-11 18:48 - 2013-12-11 18:48 - 01061389 _____ (Farbar) C:\Users\Paul\Downloads\FRST.exe
2013-12-11 18:47 - 2013-12-11 18:47 - 00050477 _____ C:\Users\Paul\Downloads\Defogger.exe
2013-12-11 18:47 - 2013-12-11 18:47 - 00000470 _____ C:\Users\Paul\Downloads\defogger_disable.log
2013-12-11 18:47 - 2013-12-11 18:47 - 00000000 _____ C:\Users\Paul\defogger_reenable
2013-12-11 18:47 - 2013-10-11 11:10 - 00000000 ____D C:\Users\Paul
2013-12-11 18:11 - 2013-10-10 17:42 - 01374626 _____ C:\Windows\WindowsUpdate.log
2013-12-11 18:07 - 2013-10-21 21:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 18:07 - 2013-10-21 21:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 18:07 - 2013-10-21 21:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-11 18:04 - 2013-12-11 17:52 - 00000000 ____D C:\Users\Paul\Desktop\STUDIUM KAINZ GESUNDHEIT
2013-12-11 17:43 - 2009-07-14 05:34 - 00015840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:43 - 2009-07-14 05:34 - 00015840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:39 - 2013-11-21 20:52 - 00000352 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-12-11 17:38 - 2013-11-21 20:53 - 00000354 ____H C:\Windows\Tasks\couponsupport-S-649636217.job
2013-12-11 17:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 17:37 - 2009-07-14 05:39 - 00076729 _____ C:\Windows\setupact.log
2013-12-11 17:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-10 18:37 - 2013-12-10 18:34 - 00010261 _____ C:\Windows\IE11_main.log
2013-12-10 18:35 - 2013-12-10 18:35 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 18:35 - 2013-12-10 18:35 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 18:35 - 2013-12-10 18:35 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 18:35 - 2013-12-10 18:35 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 18:35 - 2013-12-10 18:35 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 18:35 - 2013-12-10 18:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 18:35 - 2013-12-10 18:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 18:35 - 2013-12-10 18:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 18:08 - 2013-12-10 18:08 - 00285398 _____ C:\Users\Paul\Downloads\Gescanntes Dokument von HP ePrint-Benutzer(1).zip
2013-12-10 14:02 - 2013-10-21 18:57 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000UA.job
2013-12-10 13:57 - 2013-12-10 13:57 - 00007464 _____ C:\Users\Paul\Desktop\quarantaeneVienbefall.txt
2013-12-10 07:14 - 2013-12-10 06:49 - 00000000 ____D C:\Program Files\BetterSurf
2013-12-10 07:07 - 2013-12-10 07:07 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Malwarebytes
2013-12-10 07:07 - 2013-12-10 07:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 07:06 - 2013-12-10 07:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Paul\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-08 20:02 - 2013-10-21 18:57 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000Core.job
2013-12-07 14:19 - 2013-10-15 17:26 - 00000000 ____D C:\Users\Paul\AppData\Roaming\uTorrent
2013-12-07 14:17 - 2013-12-07 14:17 - 00000000 ____D C:\Users\Paul\Downloads\James Arthur (Deluxe)
2013-12-07 14:16 - 2013-12-07 14:14 - 00000000 ____D C:\Users\Paul\Downloads\Family of the Year - Loma Vista (2012) [FLAC]
2013-12-07 14:13 - 2013-12-07 14:13 - 00000000 ____D C:\Users\Paul\Downloads\Take Me Home Yearbook Edition
2013-12-07 14:12 - 2013-12-07 14:12 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-07 14:12 - 2013-12-07 14:11 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-07 14:12 - 2013-12-07 14:11 - 00000000 ____D C:\Program Files\iTunes
2013-12-07 14:11 - 2013-12-07 14:11 - 00000000 ____D C:\Program Files\iPod
2013-12-07 14:11 - 2013-10-23 19:25 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-07 14:07 - 2013-12-07 14:01 - 00000000 ____D C:\Users\Paul\Downloads\Katy Perry
2013-12-07 14:06 - 2013-12-07 14:06 - 00000000 ____D C:\Users\Paul\Downloads\VA.-.MTV.Top.The.Hits.[Music.Television].MP3.[www.TodoCVCD.com]
2013-12-07 14:05 - 2013-12-07 14:05 - 00000000 ____D C:\Users\Paul\Downloads\Bastille - Bad Blood (The Extended Cut)
2013-12-07 14:05 - 2013-11-29 23:16 - 370717016 ____R C:\Users\Paul\Downloads\VA.-.MTV.Top.The.Hits.[Music.Television].MP3.[www.TodoCVCD.com].rar
2013-12-07 13:55 - 2013-12-07 13:52 - 00000000 ____D C:\Users\Paul\Downloads\Passenger-All The Little Lights (2CD)(2012) 320Kbit(mp3) DMT
2013-12-07 13:54 - 2013-12-07 13:53 - 00000000 ____D C:\Users\Paul\Downloads\PRISM (Deluxe)
2013-12-07 13:52 - 2013-12-07 13:50 - 00000000 ____D C:\Users\Paul\Downloads\John Newman - Tribute (Deluxe Edition) [2013] 320
2013-12-07 13:46 - 2013-12-07 13:46 - 00000000 ____D C:\Users\Paul\Downloads\One Republic - Native (Deluxe Edition)[kely258]
2013-12-06 06:43 - 2013-12-06 06:43 - 00185777 _____ C:\Users\Paul\Downloads\filename-1
2013-12-06 06:18 - 2013-12-06 06:18 - 00089376 _____ C:\Users\Paul\Downloads\POSTA CERTIFICATA WG POSTA CERTIFICATA COMUNICAZIONE 20702012VG.zip
2013-12-06 06:14 - 2013-12-06 06:14 - 00058543 _____ C:\Users\Paul\Downloads\2070-12.pdf(1).zip
2013-12-06 06:07 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-05 20:26 - 2013-10-17 05:05 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-04 14:02 - 2013-12-04 13:57 - 00000000 ____D C:\Users\Paul\Desktop\Neuer Ordner (3)
2013-12-04 13:57 - 2013-10-11 08:20 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-04 13:46 - 2013-12-04 13:34 - 00000000 ____D C:\Users\Paul\Documents\My Kindle Content
2013-12-04 13:34 - 2013-12-04 13:33 - 00000000 ____D C:\Users\Paul\AppData\Local\Amazon
2013-12-04 13:33 - 2013-12-04 13:33 - 00002225 _____ C:\Users\Paul\Desktop\Kindle.lnk
2013-12-04 13:33 - 2013-12-04 13:33 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-12-04 13:19 - 2013-12-04 13:16 - 38103832 _____ (Amazon.com) C:\Users\Paul\Downloads\KindleForPC-installer.exe
2013-12-03 20:12 - 2013-12-03 20:11 - 00000000 ____D C:\Users\Paul\Downloads\Editors - The Weight Of Your Love [2013] 320
2013-12-03 18:59 - 2013-11-11 18:17 - 00000000 ____D C:\Users\Paul\Desktop\Monika DUAL SIM FOTOS
2013-12-02 07:32 - 2013-12-02 07:32 - 00058543 _____ C:\Users\Paul\Downloads\2070-12.pdf.zip
2013-12-02 07:31 - 2013-12-02 07:31 - 00030852 _____ C:\Users\Paul\Downloads\DATI BANCARI.zip
2013-11-30 15:20 - 2013-10-14 09:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-28 12:25 - 2013-11-14 17:11 - 00002411 _____ C:\Windows\system32\lgAxconfig.ini
2013-11-28 12:25 - 2013-11-14 17:11 - 00000835 _____ C:\Users\Paul\Desktop\LGMobile Support Tool.lnk
2013-11-28 12:18 - 2013-11-28 12:18 - 00261208 _____ (LG Electronics) C:\Users\Paul\Downloads\B2CAppSetup(1).exe
2013-11-28 11:48 - 2013-11-28 11:45 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1(2).exe
2013-11-28 11:40 - 2013-11-14 18:14 - 00001080 _____ C:\Users\Public\Desktop\LG PC Suite.Lnk
2013-11-28 11:19 - 2013-11-28 11:19 - 00000000 ____D C:\Users\Paul\AppData\Roaming\LG Electronics
2013-11-28 11:18 - 2013-11-28 11:18 - 00000000 ____D C:\Users\Paul\Documents\LG PC Suite
2013-11-27 21:15 - 2013-11-13 15:51 - 00000000 ____D C:\Program Files\SqueakyChocolate
2013-11-27 21:08 - 2013-11-27 20:57 - 00000000 ____D C:\Windows\system32\SupportAppXL
2013-11-27 21:05 - 2013-11-27 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_cdc_ecm_01009.Wdf
2013-11-27 21:05 - 2013-11-27 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_cdc_acm_01009.Wdf
2013-11-27 20:57 - 2013-11-27 20:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_onda_mt825up_dc_enum_01009.Wdf
2013-11-27 20:50 - 2013-11-21 20:53 - 00000000 ____D C:\ProgramData\ShoppingChip
2013-11-27 07:02 - 2013-11-21 20:53 - 00000000 ____D C:\ProgramData\2d4ae6a95b6cbcc9
2013-11-26 06:30 - 2013-11-26 06:30 - 00000000 ____D C:\Users\Paul\Downloads\Wondershare PDF to Word Converter 3.6.0 + Serial
2013-11-26 06:30 - 2013-11-21 20:51 - 00000000 ____D C:\Users\Paul\Downloads\www.torrent.to...Armin.Risi.-.Die.Macht.hinter.der.Macht.GERMAN.FS.WEBRiP.XviD
2013-11-25 19:35 - 2013-11-14 17:11 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-11-25 19:28 - 2013-11-25 19:28 - 00000000 ____D C:\Users\Paul\Downloads\LG_KDZ_FW-Update_OfflineFix
2013-11-25 19:09 - 2013-11-13 19:49 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-11-25 19:08 - 2013-11-14 17:12 - 00000000 ____D C:\LGE400
2013-11-25 19:07 - 2013-11-25 19:07 - 03198534 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN(1).zip
2013-11-25 19:07 - 2013-11-25 19:07 - 00000000 ____D C:\Users\Paul\Downloads\KDZ_FW_UPD_EN(1)
2013-11-25 19:05 - 2013-11-25 19:05 - 03198534 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN.zip
2013-11-25 19:04 - 2013-11-25 19:04 - 06533440 _____ C:\Users\Paul\Downloads\LG_KDZ_FW-Update_OfflineFix.zip
2013-11-25 19:04 - 2013-11-25 19:04 - 00000855 _____ C:\Users\Paul\Documents\hosts.txt
2013-11-25 18:47 - 2013-11-25 18:47 - 02978058 _____ C:\Users\Paul\Downloads\www.zip
2013-11-25 18:19 - 2013-11-25 18:19 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Small HTTP server
2013-11-25 13:57 - 2013-11-25 13:57 - 00000000 ____D C:\Program Files\7-Zip
2013-11-25 13:56 - 2013-11-25 13:56 - 01110476 _____ C:\Users\Paul\Downloads\7z920.exe
2013-11-25 13:28 - 2013-11-21 20:53 - 00000000 ____D C:\Support
2013-11-25 13:01 - 2009-07-14 05:53 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-25 12:59 - 2013-10-17 05:05 - 00002016 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-25 12:58 - 2013-10-17 05:05 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 12:56 - 2013-11-25 12:56 - 02083256 _____ C:\Users\Paul\Downloads\avira_antivirus_premium.exe
2013-11-25 12:18 - 2013-11-25 12:18 - 00000000 ____D C:\Users\Paul\AppData\Local\CrashRpt
2013-11-25 12:17 - 2013-11-25 12:16 - 00000000 ____D C:\ProgramData\RapidSolution
2013-11-25 12:16 - 2013-11-25 12:16 - 00000000 ____D C:\Program Files\Audials
2013-11-25 12:16 - 2013-11-25 12:13 - 54345144 _____ C:\Users\Paul\Downloads\Audials_Tunebite-Setup11(1).exe
2013-11-25 12:14 - 2013-11-25 12:14 - 00000000 ____D C:\Users\Paul\AppData\Local\RapidSolution
2013-11-25 12:14 - 2013-11-25 12:12 - 54345144 _____ C:\Users\Paul\Downloads\Audials_Tunebite-Setup11.exe
2013-11-25 12:11 - 2013-11-25 12:11 - 00000000 ____D C:\ProgramData\Oracle
2013-11-25 12:04 - 2013-11-25 12:04 - 00000000 ____D C:\ProgramData\Sun
2013-11-25 12:04 - 2013-11-25 12:04 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-25 12:03 - 2013-11-25 12:03 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-25 12:03 - 2013-11-25 12:03 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-25 12:03 - 2013-11-25 12:03 - 00000000 ____D C:\Program Files\Java
2013-11-25 12:01 - 2013-11-25 12:01 - 00915368 _____ (Oracle Corporation) C:\Users\Paul\Downloads\jxpiinstall.exe
2013-11-23 16:32 - 2013-10-15 09:52 - 00011164 _____ C:\Windows\PFRO.log
2013-11-21 20:52 - 2013-11-21 20:52 - 05922560 _____ (GoforFiles) C:\Users\Paul\Downloads\lg_e400_kdz_downloader_it_99370.exe
2013-11-21 20:52 - 2013-11-21 20:52 - 00000000 ____D C:\Users\Paul\AppData\Roaming\GoforFiles
2013-11-21 20:52 - 2013-11-21 20:52 - 00000000 ____D C:\Users\Paul\AppData\Local\SwvUpdater
2013-11-21 15:08 - 2013-11-21 15:08 - 00039048 _____ (RapidSolution Software AG) C:\Windows\system32\Drivers\tbhsd.sys
2013-11-21 15:07 - 2013-11-21 15:07 - 00022184 _____ (Audials AG) C:\Windows\system32\Drivers\RrNetCapFilterDriver.sys
2013-11-19 18:10 - 2013-11-19 18:10 - 31094527 _____ (Igor Pavlov) C:\Users\Paul\Downloads\PirateBrowser_0.6b.exe
2013-11-19 17:17 - 2013-11-19 17:16 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1(1).exe
2013-11-19 17:17 - 2013-11-19 17:16 - 00261208 _____ (LG Electronics) C:\Users\Paul\Downloads\B2CAppSetup.exe
2013-11-19 13:19 - 2013-11-19 13:19 - 00003215 _____ C:\Users\Paul\Downloads\usbdeview_italian.zip
2013-11-19 13:17 - 2013-11-19 13:17 - 00003187 _____ C:\Users\Paul\Downloads\usbdeview_german.zip
2013-11-18 10:05 - 2013-11-18 10:05 - 00000000 ____D C:\Users\Paul\Downloads\www.torrent.to...Armin.Risi.-.Evolution.oder.Involution.German.DOKU.DVDRiP.XviD
2013-11-18 07:28 - 2009-07-14 09:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-17 15:53 - 2013-11-17 15:53 - 00000000 ____D C:\Users\Paul\AppData\Local\NokiaAccount
2013-11-17 15:53 - 2013-11-17 15:53 - 00000000 ____D C:\ProgramData\Nokia
2013-11-17 15:53 - 2013-11-13 19:49 - 00000000 ____D C:\Users\Paul\AppData\Local\Nokia
2013-11-17 15:53 - 2013-11-13 15:51 - 00000000 ____D C:\Program Files\Nokia
2013-11-17 15:52 - 2013-11-17 15:52 - 00000000 ____D C:\Program Files\PC Connectivity Solution
2013-11-17 15:52 - 2013-10-14 09:47 - 00043306 _____ C:\Windows\DPINST.LOG
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-11-17 15:06 - 2013-11-17 15:05 - 106320416 _____ C:\Users\Paul\Downloads\Nokia_Suite_webinstaller_ALL(1).exe
2013-11-17 14:06 - 2013-11-17 14:06 - 02462826 _____ C:\Users\Paul\Downloads\KDZ_FW_UPD_EN.7z
2013-11-17 14:03 - 2013-11-11 19:41 - 00000000 ____D C:\Program Files\LG Electronics
2013-11-17 13:13 - 2013-11-17 13:13 - 00184796 _____ C:\Users\Paul\Downloads\Gescanntes Dokument von HP ePrint-Benutzer.zip
2013-11-17 12:57 - 2013-11-14 17:30 - 00000000 ____D C:\LGMobileUpgrade
2013-11-17 12:06 - 2013-11-17 12:06 - 01488384 _____ C:\Users\Paul\Downloads\msxml6.msi
2013-11-17 12:05 - 2013-11-17 12:05 - 00622520 _____ C:\Users\Paul\Downloads\7-zip.exe
2013-11-17 11:53 - 2013-11-13 16:13 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Nokia
2013-11-16 11:18 - 2013-10-14 11:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-15 20:38 - 2013-11-15 20:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 09:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-11-15 07:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-14 17:55 - 2013-11-14 17:55 - 00000000 ____D C:\Users\Paul\AppData\Local\LG Electronics
2013-11-14 17:43 - 2013-11-14 17:34 - 216317856 _____ (LG Electronics) C:\Users\Paul\Downloads\LGPCSuite_Setup.exe
2013-11-14 17:26 - 2013-11-13 12:08 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-11-14 17:24 - 2013-11-14 17:24 - 00000000 ____D C:\Users\Paul\Documents\KDZ_FW_UPD_EN (1)-1
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Users\Paul\Documents\KDZ_FW_UPD_EN (1)
2013-11-14 17:06 - 2013-11-13 12:08 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-14 15:58 - 2013-11-14 15:58 - 00264498 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-11-14 15:49 - 2013-10-14 10:32 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 15:46 - 2013-10-14 10:32 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 19:49 - 2013-11-13 19:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia
2013-11-13 19:49 - 2013-11-13 15:52 - 00000000 ____D C:\Program Files\Common Files\Nokia
2013-11-13 19:33 - 2013-11-13 15:51 - 00000000 ____D C:\ProgramData\Installations
2013-11-13 19:09 - 2013-11-13 19:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-11-13 19:09 - 2013-11-13 19:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf
2013-11-13 19:09 - 2013-11-13 16:13 - 00000000 ____D C:\Users\Paul\AppData\Roaming\PC Suite
2013-11-13 19:09 - 2013-11-13 16:13 - 00000000 ____D C:\ProgramData\PC Suite
2013-11-13 15:52 - 2013-11-13 15:52 - 00002000 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2013-11-13 15:52 - 2013-11-13 15:52 - 00000000 ____D C:\Program Files\DIFX
2013-11-13 15:52 - 2013-11-13 15:52 - 00000000 ____D C:\Program Files\Common Files\PCSuite
2013-11-13 15:51 - 2013-11-13 15:51 - 00000000 ____D C:\Users\Paul\Documents\Add-in Express
2013-11-13 15:49 - 2013-11-13 15:49 - 00486848 _____ C:\Users\Paul\Downloads\Nokia_PC_Suite_ALL-aoc-jd.exe
2013-11-13 15:49 - 2013-11-13 15:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\OpenCandy
2013-11-13 15:48 - 2013-11-13 12:08 - 00000000 ____D C:\Users\Paul\AppData\Local\Lollipop
2013-11-13 15:47 - 2013-11-13 15:47 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-13 15:47 - 2013-11-08 18:56 - 00000000 ____D C:\Program Files\Elcomsoft Password Recovery
2013-11-13 13:30 - 2013-11-13 13:30 - 00000000 ____D C:\Users\Paul\Downloads\Neuer Ordner
2013-11-13 12:23 - 2013-11-13 12:15 - 354060579 _____ C:\Users\Paul\Downloads\V20D_00_m.kdz
2013-11-13 12:10 - 2013-11-13 12:10 - 00000554 _____ C:\Windows\KB893803v2.log
2013-11-13 12:09 - 2013-11-13 12:09 - 00850004 _____ C:\Users\Paul\Downloads\KDZ_1_4.rar
2013-11-13 11:40 - 2013-10-21 14:44 - 00000000 ____D C:\Users\Paul\AppData\Local\HP
2013-11-11 19:40 - 2013-11-11 19:40 - 11412680 _____ (LG Electronics) C:\Users\Paul\Downloads\LGUnitedMobileDriver_S50MAN310AP22_ML_WHQL_Ver_3.10.1.exe
2013-11-11 19:08 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-11 18:20 - 2013-11-11 18:19 - 00000000 ____D C:\Users\Paul\Desktop\DUAL SIM KONTAKTE
2013-11-11 11:42 - 2013-11-11 11:42 - 00004440 _____ C:\Users\Paul\Desktop\Alice_Mail.html
2013-11-11 05:50 - 2013-10-14 08:33 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\18be6784_.exe
C:\Users\Paul\AppData\Local\Temp\avgnt.exe
C:\Users\Paul\AppData\Local\Temp\BackupSetup.exe
C:\Users\Paul\AppData\Local\Temp\BetterSurfPlusInstaller.exe
C:\Users\Paul\AppData\Local\Temp\DownloadManager.exe
C:\Users\Paul\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Paul\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Paul\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Paul\AppData\Local\Temp\htmlayout.dll
C:\Users\Paul\AppData\Local\Temp\Launcher_i143603359.exe
C:\Users\Paul\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Paul\AppData\Local\Temp\oi_{503898E7-2579-4812-B0C9-BD415C4166D6}.exe
C:\Users\Paul\AppData\Local\Temp\Player_Setup.exe
C:\Users\Paul\AppData\Local\Temp\toolbar39317805.exe
C:\Users\Paul\AppData\Local\Temp\toolbar39325527.exe
C:\Users\Paul\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Paul\AppData\Local\Temp\uninstall1229209.exe
C:\Users\Paul\AppData\Local\Temp\uninstall1236635.exe
C:\Users\Paul\AppData\Local\Temp\uninstall1236682.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-04 08:27

==================== End Of Log ============================
         
--- --- ---


ADDITIONAL: FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-12-2013 01
Ran by Paul at 2013-12-11 18:51:03
Running from C:\Users\Paul\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303)
7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
Akamai NetSession Interface
Amazon Kindle
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.0)
AVG 2014 (Version: 14.0.3614)
Avira Antivirus Suite (Version: 14.0.1.759)
Bonjour (Version: 3.0.0.10)
Broadcom NetLink Controller (Version: 14.8.4.1)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
HiSuite (Version: 32.610.20.00.06)
HP Photosmart 6520 series - Grundlegende Software für das Gerät (Version: 28.0.989.0)
HP Product Detection (Version: 11.15.0009)
HP Update (Version: 5.003.003.001)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Processor Graphics (Version: 8.15.10.2418)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
LG PC Suite (Version: 5.3.10.20131107)
LG United Mobile Driver (Version: 3.10.1.0)
LG USB WML Modem Driver (Version: 1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyPC Backup  (Version: ) <==== ATTENTION
NAVIGON Fresh 3.4.1 (Version: 3.4.1)
Nokia Connectivity Cable Driver (Version: 7.1.172.0)
Nokia PC Suite (Version: 7.1.180.94)
Nokia Software Updater (Version: 3.0.655)
Nokia Suite (Version: 3.8.48.0)
OpenOffice 4.0.1 (Version: 4.01.9714)
PC Connectivity Solution (Version: 12.0.109.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
Skype™ 6.9 (Version: 6.9.106)
Software Version Updater (Version: 1.1.3.8)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
Vodafone Mobile Broadband Lite (Version: 10.1.001.26030)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)

==================== Restore Points  =========================

22-11-2013 17:48:33 Windows Update
25-11-2013 11:03:20 Installed Java 7 Update 45
25-11-2013 11:18:48 Gerätetreiber-Paketinstallation: RapidSolution Software Audio-, Video- und Gamecontroller
25-11-2013 11:19:37 Gerätetreiber-Paketinstallation: Audials AG Netzwerkdienst
27-11-2013 19:57:04 ONDA Restore Point
27-11-2013 20:07:25 Rimosso ONDA Connection Manager
29-11-2013 06:22:34 Windows Update
30-11-2013 14:16:48 ONDA Restore Point
04-12-2013 06:19:13 Windows Update
10-12-2013 06:32:52 Windows Update
10-12-2013 17:33:56 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {344CA89A-ABCB-4DE9-B6DD-5A0AE20B0C22} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: {3880A150-2D06-444D-BEA0-902325293E3A} - System32\Tasks\{C54B9005-5362-401C-BE8A-29CD23925118} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {46B5C5B7-1C1B-4E49-BF11-52AB9BAEC607} - System32\Tasks\HP AR Program Upload - d09bfdd45220441dba29fc9a261383df0f901d8f51ed4ea7a379d4e6e4b767e7 => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPRewards.exe [2012-05-08] (TODO: <Company name>)
Task: {54807413-E948-4DF3-ABB1-513DADF836CE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000Core => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-21] (Facebook Inc.)
Task: {5B1ED78E-25E4-48F0-AC8C-1E118CF56F25} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000UA => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-21] (Facebook Inc.)
Task: {7A567129-940A-4A5C-8161-288862B13F43} - System32\Tasks\couponsupport-S-649636217 => c:\support\couponsupport.exe
Task: {B2F3691F-BFFA-4D66-8685-AC947ADEC2FD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CABF8D98-6D58-49CE-BDCB-90F15EEDE610} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {E498DF7A-B789-4926-8B73-219C1E78FE8B} - System32\Tasks\AmiUpdXp => C:\Users\Paul\AppData\Local\SwvUpdater\Updater.exe [2013-11-21] (Amonetizé Ltd) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Paul\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\couponsupport-S-649636217.job => c:\support\couponsupport.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000Core.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2325760055-144097416-1186797623-1000UA.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-06-10 09:36 - 2011-06-10 09:36 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2010-09-08 16:44 - 2010-09-08 16:44 - 00294400 _____ () C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00634176 _____ () C:\Program Files\HiSuite\core.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00302912 _____ () C:\Program Files\HiSuite\sdk.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00017832 _____ () C:\Program Files\HiSuite\mingwm10.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00049472 _____ () C:\Program Files\HiSuite\libgcc_s_dw2-1.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 02421568 _____ () C:\Program Files\HiSuite\QtCore4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00911168 _____ () C:\Program Files\HiSuite\QtNetwork4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 07723328 _____ () C:\Program Files\HiSuite\QtGui4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 12326208 _____ () C:\Program Files\HiSuite\QtWebKit4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00262464 _____ () C:\Program Files\HiSuite\phonon4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00855872 _____ () C:\Program Files\HiSuite\Proxy.DLL
2013-07-11 15:47 - 2013-07-11 15:47 - 00764224 _____ () C:\Program Files\HiSuite\Common.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00535360 _____ () C:\Program Files\HiSuite\Trace.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00596288 _____ () C:\Program Files\HiSuite\PluginContainer.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 01475392 _____ () C:\Program Files\HiSuite\AtComm.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00759616 _____ () C:\Program Files\HiSuite\AddrBookSrvPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00751424 _____ () C:\Program Files\HiSuite\vCardvCalPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00105792 _____ () C:\Program Files\HiSuite\CryptPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00586560 _____ () C:\Program Files\HiSuite\CalendarPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00558400 _____ () C:\Program Files\HiSuite\XCodec.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00953664 _____ () C:\Program Files\HiSuite\DeviceAppPlugin.dll
2013-07-11 15:46 - 2013-07-11 15:46 - 00635200 _____ () C:\Program Files\HiSuite\ADB.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00504640 _____ () C:\Program Files\HiSuite\OSPowerMgr.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00768832 _____ () C:\Program Files\HiSuite\XObex.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00070976 _____ () C:\Program Files\HiSuite\obex.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00613184 _____ () C:\Program Files\HiSuite\ADBAdapt.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00637760 _____ () C:\Program Files\HiSuite\OSAdapt.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00108864 _____ () C:\Program Files\HiSuite\SmsSrvPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00687936 _____ () C:\Program Files\HiSuite\SmsAppPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00844608 _____ () C:\Program Files\HiSuite\SyncPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00540480 _____ () C:\Program Files\HiSuite\APKManagerPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00572736 _____ () C:\Program Files\HiSuite\MusicPlaySrvPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00551744 _____ () C:\Program Files\HiSuite\ImageMgrSrvPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00089408 _____ () C:\Program Files\HiSuite\plugins\imageformats\qgif4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00088384 _____ () C:\Program Files\HiSuite\plugins\imageformats\qico4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00198464 _____ () C:\Program Files\HiSuite\plugins\imageformats\qjpeg4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00357184 _____ () C:\Program Files\HiSuite\plugins\imageformats\qmng4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00078656 _____ () C:\Program Files\HiSuite\plugins\imageformats\qsvg4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00305984 _____ () C:\Program Files\HiSuite\QtSvg4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00376640 _____ () C:\Program Files\HiSuite\plugins\imageformats\qtiff4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00253248 _____ () C:\Program Files\HiSuite\XFramePlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00332096 _____ () C:\Program Files\HiSuite\QtXml4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00222016 _____ () C:\Program Files\HiSuite\QtSql4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00147264 _____ () C:\Program Files\HiSuite\StatusBarMgrPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 01233216 _____ () C:\Program Files\HiSuite\AddrBookUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00208704 _____ () C:\Program Files\HiSuite\SettingUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00170304 _____ () C:\Program Files\HiSuite\RelationPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 01483072 _____ () C:\Program Files\HiSuite\SMSUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00598336 _____ () C:\Program Files\HiSuite\CalendarUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00273216 _____ () C:\Program Files\HiSuite\TaskUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00222528 _____ () C:\Program Files\HiSuite\DownLoadPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00106816 _____ () C:\Program Files\HiSuite\NotifyServicePlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 01455936 _____ () C:\Program Files\HiSuite\ImExportUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00159040 _____ () C:\Program Files\HiSuite\GmailOperation.DLL
2013-07-11 15:48 - 2013-07-11 15:48 - 00993600 _____ () C:\Program Files\HiSuite\libxml2.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00084288 _____ () C:\Program Files\HiSuite\zlib1.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00211264 _____ () C:\Program Files\HiSuite\Outlook.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00137536 _____ () C:\Program Files\HiSuite\OutlookExpress.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00119616 _____ () C:\Program Files\HiSuite\LayoutPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00227136 _____ () C:\Program Files\HiSuite\ModuleTreePlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00274752 _____ () C:\Program Files\HiSuite\HomeUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00897344 _____ () C:\Program Files\HiSuite\AppManagerUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 01560896 _____ () C:\Program Files\HiSuite\QtScript4.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 01182528 _____ () C:\Program Files\HiSuite\MusicMgrUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00713024 _____ () C:\Program Files\HiSuite\ImageMgrUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00239424 _____ () C:\Program Files\HiSuite\ScreenShotUIPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 02308928 _____ () C:\Program Files\HiSuite\UpdateUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00087360 _____ () C:\Program Files\HiSuite\HWEMUIEditToolsUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00083264 _____ () C:\Program Files\HiSuite\LogoPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00916288 _____ () C:\Program Files\HiSuite\DeviceMgrUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00552768 _____ () C:\Program Files\HiSuite\SyncUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 02282304 _____ () C:\Program Files\HiSuite\BackUpUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00203584 _____ () C:\Program Files\HiSuite\MenuMgrPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00364864 _____ () C:\Program Files\HiSuite\WebKitUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00171328 _____ () C:\Program Files\HiSuite\KuwoWebUIPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00832320 _____ () C:\Program Files\HiSuite\UpdateSrvPlugin.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 08507232 _____ () C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02354016 _____ () C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01014624 _____ () C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00364384 _____ () C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02480992 _____ () C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 01346912 _____ () C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00206176 _____ () C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 02653024 _____ () C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00033120 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00035680 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00207200 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 11166560 _____ () C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00276832 _____ () C:\Program Files\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00391600 _____ () C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 00059280 _____ () C:\Program Files\Nokia\Nokia Suite\securestorage.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00438624 _____ () C:\Program Files\Nokia\Nokia Suite\NService.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00446304 _____ () C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00520544 _____ () C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 20:29 - 2013-10-02 20:29 - 00720736 _____ () C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 20:28 - 2013-10-02 20:28 - 00606560 _____ () C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 20:30 - 2013-10-02 20:30 - 00093024 _____ () C:\Program Files\Nokia\Nokia Suite\qjson.dll
2013-11-15 20:38 - 2013-11-15 20:38 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-21 21:59 - 2013-10-21 21:59 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/11/2013 05:37:32 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (12/10/2013 05:26:34 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 114114

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 114114

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5038

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5038

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/10/2013 04:12:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4024

Error: (12/10/2013 04:12:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4024


System errors:
=============
Error: (12/10/2013 06:34:20 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/10/2013 05:26:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/10/2013 05:26:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (12/10/2013 06:49:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/10/2013 06:49:17 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (12/09/2013 10:58:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/09/2013 10:58:02 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (12/08/2013 08:10:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/08/2013 08:10:34 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (12/07/2013 03:55:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (12/11/2013 05:37:32 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (12/10/2013 05:26:34 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 114114

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 114114

Error: (12/10/2013 04:14:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5038

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5038

Error: (12/10/2013 04:12:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/10/2013 04:12:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4024

Error: (12/10/2013 04:12:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4024


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 2868.36 MB
Available physical RAM: 1402.61 MB
Total Pagefile: 5732.95 MB
Available Pagefile: 3679.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.27 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:583.07 GB) (Free:494.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: D2BB366E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=583 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
Thanks a lot for help!!

GMER Logfile:
Code:
ATTFilter
GMER 2.1.19163 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-12-12 07:23:11
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD64 rev.01.0 596,17GB
Running: 6lovoxr4.exe; Driver: C:\Users\Paul\AppData\Local\Temp\kwldapod.sys


---- System - GMER 2.1 ----

SSDT   91D08B1E                                                                                                                ZwCreateSection
SSDT   91D08AF6                                                                                                                ZwCreateSymbolicLinkObject
SSDT   91D08AFB                                                                                                                ZwLoadDriver
SSDT   91D08AF1                                                                                                                ZwOpenSection
SSDT   91D08B28                                                                                                                ZwRequestWaitReplyPort
SSDT   91D08B23                                                                                                                ZwSetContextThread
SSDT   91D08B2D                                                                                                                ZwSetSecurityObject
SSDT   91D08B00                                                                                                                ZwSetSystemInformation
SSDT   91D08B32                                                                                                                ZwSystemDebugControl
SSDT   91D08ABF                                                                                                                ZwTerminateProcess
SSDT   91D08ABA                                                                                                                ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

.text  ntoskrnl.exe!ZwRollbackEnlistment + 1409                                                                                8307D9A5 1 Byte  [06]
.text  ntoskrnl.exe!KiDispatchInterrupt + 5A2                                                                                  8309D512 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntoskrnl.exe!KeRemoveQueueEx + 14BF                                                                                     830A4AB4 4 Bytes  [1E, 8B, D0, 91] {PUSH DS; MOV EDX, EAX; XCHG ECX, EAX}
.text  ntoskrnl.exe!KeRemoveQueueEx + 14C7                                                                                     830A4ABC 4 Bytes  [F6, 8A, D0, 91]
.text  ntoskrnl.exe!KeRemoveQueueEx + 15DB                                                                                     830A4BD0 4 Bytes  [FB, 8A, D0, 91] {STI ; MOV DL, AL; XCHG ECX, EAX}
.text  ntoskrnl.exe!KeRemoveQueueEx + 1677                                                                                     830A4C6C 4 Bytes  [F1, 8A, D0, 91] {INT1 ; MOV DL, AL; XCHG ECX, EAX}
.text  ntoskrnl.exe!KeRemoveQueueEx + 181B                                                                                     830A4E10 4 Bytes  [28, 8B, D0, 91]
.text  ...                                                                                                                     

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{65E9D587-20D0-4001-AB32-70773CBF8B77}@InterfaceName  isatap.{BB04978B-95D3-433E-B603-4423EB90F970}
Reg    HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{65E9D587-20D0-4001-AB32-70773CBF8B77}@ReusableType   0
Reg    HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{9CC77618-CA56-46AF-B2A5-9634ECF2260E}@InterfaceName  Reusable ISATAP Interface {9CC77618-CA56-46AF-B2A5-9634ECF2260E}
Reg    HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{9CC77618-CA56-46AF-B2A5-9634ECF2260E}@ReusableType   1
Reg    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch                                                         2026
Reg    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch                                                        1405

---- EOF - GMER 2.1 ----
         
Last edited by stefan60 (11.12.2013 at 18:30)

12.12.2013, 16:20   #4
Psychotic
/// Malwareteam



Please uninstall the following program:

Quote:
MyPC Backup

In your case, Antivir can stay, since you have the paid version, which does not install the Ask component along with it.

MBAM

Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select Perform full scan and press Scan. (Note: tick all hard drives!)
  • When the scan is finished, click Show results.
  • Make sure all detections are selected and press Remove selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Log files".

13.12.2013, 07:02   #5
stefan60


Warmest thanks!

Hello
Every time I start a program I get the message
that the program HTMLayout.dll is missing!! What is that, actually?
And also that "this program has known compatibility issues
Acer ePower Management/ePower TRAY.EXE..:""" the message at every start,
and then when I choose "Check online for solutions" nothing ever comes up....


13.12.2013, 08:08   #6
Psychotic
/// Malwareteam



And where is the MBAM log?