
Log analysis and evaluation: Win XP: Internet problems, multiple trojans, maintenance problems


 
03.03.2014, 22:53   #1
Ziege87
 



Hello everyone,

I haven't looked after my laptop properly lately and have used it rather rarely. At the moment I really only use it for Skype and for browsing the web to prepare for holidays.

A few weeks ago I noticed that the typical sites like trivago etc. take a long time to load. It is especially bad with "Ab in den Urlaub.de": everything hangs completely there, so that I have to restart the PC.
When using Skype, the connection stalls now and then, mostly only briefly.
By now it is so bad that I can no longer browse the web while Skype is running, because then everything hangs.

Today I downloaded AVG Antivirus 2014 and AVG Tune Up. According to them I have several trojans...
What I find very strange: when I want to run the 1-click maintenance, the analysis always stops at "Browser bereinigen" (clean up browser) and does not continue even after hours.
So the maintenance could not be completed.

Here are the log files:

Defogger:


Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:25 on 03/03/2014 (Neuanfang)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

FRST log file

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-03-2014
Ran by Neuanfang (administrator) on FRANZI on 03-03-2014 16:28:21
Running from C:\Documents and Settings\Neuanfang\Desktop
Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(RapidSolution Software AG) C:\Program Files\Audials\Audials 10\VCDWriter\32\VCDAudioService.exe
() C:\Program Files\Verbindungsassistent\WTGService.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16132608 2007-05-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ITSecMng] - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-19\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-20\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-21-725345543-287218729-682003330-1003\...\MountPoints2: {1017ae34-9434-11e0-a6c4-001f3abdc807} - CMD /C START Storage.{645FF040-5081-101B-9F08-00AA002F954E}\jY7bV0aX1p3Fc.sys
HKU\S-1-5-21-725345543-287218729-682003330-1003\...\MountPoints2: {3feb4c86-2195-11e0-a60f-001f3abdc807} - F:\Menu.exe
HKU\S-1-5-21-725345543-287218729-682003330-1003\...\MountPoints2: {5c41ba04-544d-11e2-a8ed-001f3abdc807} - F:\AutoRun.exe
HKU\S-1-5-21-725345543-287218729-682003330-1003\...\MountPoints2: {773c3312-37b0-11e1-a7b1-001f3abdc807} - F:\Setup.exe
HKU\S-1-5-21-725345543-287218729-682003330-1003\...\MountPoints2: {79ae6e9b-f66b-11df-a5b4-001f3abdc807} - G:\avira.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
Toolbar: HKLM - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Neuanfang\Application Data\toolplugin\toolbar.dll ()
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.89.1 194.25.0.60 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140
FF user.js: detected! => C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\user.js
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Documents and Settings\Neuanfang\Desktop\npAmazonMP3DownloaderPlugin101799.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\searchplugins\BitGuard.xml
FF SearchPlugin: C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Delta Toolbar - C:\Documents and Settings\Neuanfang\Application Data\Mozilla\Firefox\Profiles\rwoajh9q.default-1355656851140\Extensions\ffxtlbr@delta.com [2013-07-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-02-11]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-02-11]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2013-11-30]

Chrome: 
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CC74001F3ABDC807&affID=121562&tsp=4931
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google-Suche) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (SiteAdvisor) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-11-30]
CHR Extension: (AT_DonnaKaran) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2011-02-16]
CHR Extension: (DivX HiQ) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-02-13]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-09-16]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-02-13]
CHR Extension: (Google Mail) - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Documents and Settings\Neuanfang\Application Data\BabSolution\CR\Delta.crx [2013-07-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2013-11-30]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-30]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-07-15] (Oracle Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [118264 2014-02-18] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG)
R2 Virtual CDAudio Service; C:\Program Files\Audials\Audials 10\VCDWriter\32\VCDAudioService.exe [179464 2013-03-20] (RapidSolution Software AG)
R2 WTGService; C:\Program Files\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1123328 2007-09-20] (Broadcom Corp.)
S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [539072 2007-03-23] (Broadcom Corporation.)
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37424 2007-03-23] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [876384 2007-03-31] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [149123 2007-03-23] (Broadcom Corporation.)
S3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [55352 2007-03-31] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 RRNetCap; C:\WINDOWS\System32\DRIVERS\rrnetcap.sys [31848 2013-03-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\WINDOWS\System32\DRIVERS\rrnetcap.sys [31848 2013-03-20] (RapidSolution Software AG)
R3 rsvcdwdr; C:\WINDOWS\System32\DRIVERS\rsvcdwdr.sys [35976 2013-03-20] (RapidSolution Software AG)
R3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [39048 2013-03-20] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
S4 IntelIde; No ImagePath
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-03 16:28 - 2014-03-03 16:28 - 00025179 _____ () C:\Documents and Settings\Neuanfang\Desktop\FRST.txt
2014-03-03 16:28 - 2014-03-03 16:28 - 00000000 ____D () C:\FRST
2014-03-03 16:27 - 2014-03-03 16:27 - 01145344 _____ (Farbar) C:\Documents and Settings\Neuanfang\Desktop\FRST.exe
2014-03-03 16:25 - 2014-03-03 16:26 - 00000480 _____ () C:\Documents and Settings\Neuanfang\Desktop\defogger_disable.log
2014-03-03 16:21 - 2014-03-03 16:21 - 00000454 _____ () C:\Documents and Settings\Neuanfang\defogger_disable.log
2014-03-03 16:21 - 2014-03-03 16:21 - 00000000 _____ () C:\Documents and Settings\Neuanfang\defogger_reenable
2014-03-03 16:20 - 2014-03-03 16:20 - 00050477 _____ () C:\Documents and Settings\Neuanfang\Desktop\Defogger.exe
2014-03-03 13:08 - 2014-03-03 13:08 - 00001747 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00001745 _____ () C:\Documents and Settings\All Users\Desktop\AVG 1-Klick-Wartung.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00001741 _____ () C:\Documents and Settings\All Users\Desktop\AVG PC TuneUp 2014.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\AVG
2014-03-03 13:08 - 2014-03-03 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014
2014-03-03 13:08 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-03-03 13:05 - 2014-03-03 13:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
2014-03-03 13:03 - 2014-03-03 13:03 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-03 12:31 - 2014-03-03 12:31 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\AVG2014
2014-03-03 12:30 - 2014-03-03 12:30 - 00000718 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-03-03 12:30 - 2014-03-03 12:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-03-03 12:29 - 2014-03-03 12:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-03-03 12:29 - 2014-03-03 12:29 - 00000000 ___HD () C:\$AVG
2014-03-03 12:28 - 2014-03-03 13:06 - 00000000 ____D () C:\Program Files\AVG
2014-03-03 12:25 - 2014-03-03 14:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-03 12:25 - 2014-03-03 12:31 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Avg2014
2014-03-03 12:25 - 2014-03-03 12:25 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\MFAData
2014-02-08 20:53 - 2014-02-08 20:53 - 00007680 ___SH () C:\WINDOWS\Thumbs.db

==================== One Month Modified Files and Folders =======

2014-03-03 16:28 - 2014-03-03 16:28 - 00025179 _____ () C:\Documents and Settings\Neuanfang\Desktop\FRST.txt
2014-03-03 16:28 - 2014-03-03 16:28 - 00000000 ____D () C:\FRST
2014-03-03 16:28 - 2011-11-11 11:19 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\toolplugin
2014-03-03 16:27 - 2014-03-03 16:27 - 01145344 _____ (Farbar) C:\Documents and Settings\Neuanfang\Desktop\FRST.exe
2014-03-03 16:26 - 2014-03-03 16:25 - 00000480 _____ () C:\Documents and Settings\Neuanfang\Desktop\defogger_disable.log
2014-03-03 16:21 - 2014-03-03 16:21 - 00000454 _____ () C:\Documents and Settings\Neuanfang\defogger_disable.log
2014-03-03 16:21 - 2014-03-03 16:21 - 00000000 _____ () C:\Documents and Settings\Neuanfang\defogger_reenable
2014-03-03 16:21 - 2010-11-19 15:57 - 00000000 ____D () C:\Documents and Settings\Neuanfang
2014-03-03 16:20 - 2014-03-03 16:20 - 00050477 _____ () C:\Documents and Settings\Neuanfang\Desktop\Defogger.exe
2014-03-03 16:19 - 2010-11-19 16:40 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-03 16:19 - 2010-11-19 16:40 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-03-03 16:15 - 2012-06-05 20:55 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-03 16:11 - 2011-02-13 12:57 - 00001206 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-287218729-682003330-1003UA.job
2014-03-03 16:05 - 2010-12-21 19:50 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-03 14:25 - 2014-03-03 12:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-03-03 14:02 - 2010-11-19 16:37 - 00512960 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-03 13:59 - 2010-11-19 16:36 - 03509621 _____ () C:\WINDOWS\setupapi.log
2014-03-03 13:58 - 2010-11-19 15:50 - 01144918 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-03 13:57 - 2010-12-21 19:50 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 13:57 - 2010-11-19 15:55 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-03 13:56 - 2010-11-19 15:55 - 00032628 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-03 13:55 - 2013-03-23 14:08 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-03-03 13:55 - 2010-11-19 15:57 - 00000278 ___SH () C:\Documents and Settings\Neuanfang\ntuser.ini
2014-03-03 13:09 - 2014-03-03 13:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
2014-03-03 13:08 - 2014-03-03 13:08 - 00001747 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00001745 _____ () C:\Documents and Settings\All Users\Desktop\AVG 1-Klick-Wartung.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00001741 _____ () C:\Documents and Settings\All Users\Desktop\AVG PC TuneUp 2014.lnk
2014-03-03 13:08 - 2014-03-03 13:08 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\AVG
2014-03-03 13:08 - 2014-03-03 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014
2014-03-03 13:06 - 2014-03-03 12:28 - 00000000 ____D () C:\Program Files\AVG
2014-03-03 13:03 - 2014-03-03 13:03 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-03 13:01 - 2013-09-25 20:00 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\File Scout
2014-03-03 12:52 - 2010-11-19 15:51 - 00001607 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-03-03 12:52 - 2010-11-19 15:48 - 00001574 _____ () C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
2014-03-03 12:51 - 2010-11-19 15:57 - 00001599 _____ () C:\Documents and Settings\Neuanfang\Start Menu\Programs\Remote Assistance.lnk
2014-03-03 12:48 - 2013-07-02 18:25 - 00000280 _____ () C:\WINDOWS\Tasks\EPUpdater.job
2014-03-03 12:38 - 2012-05-10 10:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-03 12:36 - 2014-03-03 12:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-03-03 12:31 - 2014-03-03 12:31 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\AVG2014
2014-03-03 12:31 - 2014-03-03 12:25 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Avg2014
2014-03-03 12:30 - 2014-03-03 12:30 - 00000718 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-03-03 12:30 - 2014-03-03 12:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-03-03 12:30 - 2013-03-23 14:07 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\TuneUp Software
2014-03-03 12:29 - 2014-03-03 12:29 - 00000000 ___HD () C:\$AVG
2014-03-03 12:25 - 2014-03-03 12:25 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\MFAData
2014-03-03 12:23 - 2013-07-01 16:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-03 11:31 - 2011-06-11 23:27 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-03-03 11:17 - 2011-01-05 15:52 - 00072192 _____ () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-03 10:44 - 2013-11-30 10:02 - 00000000 ____D () C:\Program Files\McAfee
2014-03-03 10:44 - 2001-08-23 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-26 22:51 - 2010-12-13 17:18 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\Skype
2014-02-26 22:15 - 2012-06-05 20:55 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-26 22:15 - 2012-06-05 20:55 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-26 21:09 - 2011-02-13 12:57 - 00001154 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-287218729-682003330-1003Core.job
2014-02-08 20:53 - 2014-02-08 20:53 - 00007680 ___SH () C:\WINDOWS\Thumbs.db
2014-02-04 18:25 - 2011-04-26 21:52 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Application Data\PriceGong
2014-02-02 19:16 - 2011-04-09 22:55 - 00000000 ____D () C:\Documents and Settings\Neuanfang\Local Settings\Application Data\DVDVideoSoftTB

Some content of TEMP:
====================
C:\Documents and Settings\Neuanfang\Local Settings\Temp\AudibleDM_iTunesSetup.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\contentDATs.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\DataCard_Setup.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\ffunzip.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\GLF3B0.tmp.ConduitEngineSetup.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\GoogleChromeInstaller.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\pdf24-creator-update.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\prxGLF3B0.tmp.tbDVDV.dll
C:\Documents and Settings\Neuanfang\Local Settings\Temp\ResetDevice.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\setup_fsu_cid.exe
C:\Documents and Settings\Neuanfang\Local Settings\Temp\SkypeSetupFull(6.1.73.129)(Trackable457)trackable.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2007-06-24 08:38] - [2007-06-24 08:38] - 1033216 ____A (Microsoft Corporation) 42d32722b805d7df42d30487a0bcbd78 

C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 00:56] - [2004-08-04 00:56] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4 

C:\WINDOWS\system32\User32.dll
[2007-06-24 08:40] - [2007-06-24 08:40] - 0578048 ____A (Microsoft Corporation) 7aa4f6c00405dfc4b70ed4214e7d687b 

C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2007-06-24 08:39] - [2007-06-24 08:39] - 0399360 ____A (Microsoft Corporation) 348f04e3582ef2467ee5379d67b99fd7 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
Addition - Logfile

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-03-2014
Ran by Neuanfang at 2014-03-03 16:29:10
Running from C:\Documents and Settings\Neuanfang\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audials (HKLM\...\{5B58108C-6290-4172-ADA4-C54E327FEFCE}) (Version: 10.2.14806.600 - Audials AG)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4335 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (de-DE) (Version: 14.0.1001.295 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.295 - AVG)
AVG PC TuneUp 2014 (Version: 14.0.1001.295 - AVG) Hidden
BitGuard (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - MediaTechSoft Inc.) <==== ATTENTION
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.12 - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Driver v4.170.25.12_Foxconn Installation Program (HKLM\...\{153F839F-0A63-41D8-890F-7324C0E13743}) (Version: 4.170.25.12 - Broadcom)
Broadcom Gigabit Integrated Controller (HKLM\...\{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}) (Version: 10.15.10 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-145C (HKLM\...\{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}) (Version: 1.1.8.0 - Brother Industries, Ltd.)
Cambridge- English Grammar in Use (HKLM\...\Cambridge- English Grammar in Use) (Version: 100A - Clarity Language Consultants Ltd)
Combined Community Codec Pack 2010-10-10 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.3.1.2 - DivX, LLC)
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.14.0.28 - DVDVideoSoftTB)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 5.0.8 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free Video to MP3 Converter version 5.0.26.628 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.26.628 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.6.104 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
PDF24 Creator 3.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5423 - Realtek Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version:  - )
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.12.13601 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden
toolplugin (HKLM\...\toolplugin) (Version:  - )
TuneUp Utilities Language Pack (en-US) (Version: 13.0.3000.138 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Verbindungsassistent (HKLM\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.7 (HKLM\...\VLC media player) (Version: 1.1.7 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.1.0.3300 -  )
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Winmail Opener 1.4 (HKLM\...\Winmail Opener) (Version: 1.4 - Eolsoft)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
zbattle.net 1.09 SR-1 beta (HKLM\...\zbattle.net_is1) (Version:  - )
ZTE Handset USB Driver 5.2066.1.8B02 (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.8B02 - ZTE Corporation)

==================== Restore Points  =========================

02-02-2014 18:40:46 System Checkpoint
07-02-2014 19:55:04 System Checkpoint
08-02-2014 20:24:53 System Checkpoint
03-03-2014 11:28:29 AVG 2014 wurde installiert
03-03-2014 11:28:47 AVG 2014 wurde installiert
03-03-2014 12:04:30 Removed TuneUp Utilities 2013
03-03-2014 12:06:12 Installed AVG PC TuneUp 2014

==================== Hosts content: ==========================

2001-08-23 13:00 - 2001-08-23 13:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\EPUpdater.job => C:\DOCUME~1\NEUANF~1\APPLIC~1\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-287218729-682003330-1003Core.job => C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-287218729-682003330-1003UA.job => C:\Documents and Settings\Neuanfang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-09-05 18:04 - 2011-09-05 18:04 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
2011-06-01 23:08 - 2011-05-28 21:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-01-11 00:25 - 2011-01-11 00:25 - 01230704 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-01-11 00:25 - 2011-01-11 00:25 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-04-01 09:00 - 2007-04-01 09:00 - 02842624 _____ () C:\WINDOWS\system32\btwicons.dll
2007-04-01 08:57 - 2007-04-01 08:57 - 00053248 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2004-08-04 00:56 - 2004-08-04 00:56 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 00:56 - 2004-08-04 00:56 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-01-01 20:57 - 2009-03-03 12:45 - 00296400 ____N () C:\Program Files\Verbindungsassistent\WTGService.exe
2013-07-01 16:41 - 2014-03-03 12:23 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-26 22:15 - 2014-02-26 22:15 - 16265096 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/03/2014 00:41:03 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Installation cannot proceed on this operating system.

Error: (02/14/2014 08:44:21 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (02/08/2014 05:02:54 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.3.73.107, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [skype.exe!ws!]

Error: (02/07/2014 11:01:10 PM) (Source: Application Hang) (User: )
Description: Hanging application Mein CEWE FOTOBUCH.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/04/2014 06:26:49 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 7.0.6000.20583, faulting module unknown, version 0.0.0.0, fault address 0x04f41e80.
Processing media-specific event for [iexplore.exe!ws!]

Error: (02/02/2014 07:19:11 PM) (Source: Application Hang) (User: )
Description: Hanging application IEXPLORE.EXE, version 7.0.6000.20583, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2014 08:55:04 PM) (Source: Application Hang) (User: )
Description: Hanging application IEXPLORE.EXE, version 7.0.6000.20583, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2014 08:43:12 PM) (Source: MsiInstaller) (User: FRANZI)
Description: Product: Bluetooth Stack for Windows by Toshiba -- Error 1327.Invalid Drive: H:\

Error: (01/22/2014 08:23:39 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/16/2014 08:57:15 PM) (Source: Application Hang) (User: )
Description: Hanging application IEXPLORE.EXE, version 7.0.6000.20583, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/03/2014 00:40:19 PM) (Source: Service Control Manager) (User: )
Description: The BitGuard service failed to start due to the following error: 
%%5

Error: (03/03/2014 00:39:27 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (02/08/2014 10:26:25 AM) (Source: 0) (User: )
Description: \Device\Scsi\rsvcdwdr1

Error: (02/03/2014 07:57:48 PM) (Source: 0) (User: )
Description: \Device\Scsi\rsvcdwdr1

Error: (02/02/2014 07:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Flash Player Update Service service failed to start due to the following error: 
%%1053

Error: (02/02/2014 07:16:02 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

Error: (02/02/2014 06:41:34 PM) (Source: 0) (User: )
Description: \Device\Scsi\rsvcdwdr1

Error: (01/11/2014 07:47:42 PM) (Source: 0) (User: )
Description: \Device\Scsi\rsvcdwdr1

Error: (10/10/2013 07:58:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (03/03/2014 00:41:03 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Installation cannot proceed on this operating system.(NULL)(NULL)(NULL)

Error: (02/14/2014 08:44:21 PM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

Error: (02/08/2014 05:02:54 PM) (Source: Application Error)(User: )
Description: skype.exe6.3.73.107ntdll.dll5.1.2600.218000018fea

Error: (02/07/2014 11:01:10 PM) (Source: Application Hang)(User: )
Description: Mein CEWE FOTOBUCH.exe0.0.0.0hungapp0.0.0.000000000

Error: (02/04/2014 06:26:49 PM) (Source: Application Error)(User: )
Description: iexplore.exe7.0.6000.20583unknown0.0.0.004f41e80

Error: (02/02/2014 07:19:11 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE7.0.6000.20583hungapp0.0.0.000000000

Error: (01/22/2014 08:55:04 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE7.0.6000.20583hungapp0.0.0.000000000

Error: (01/22/2014 08:43:12 PM) (Source: MsiInstaller)(User: FRANZI)
Description: Product: Bluetooth Stack for Windows by Toshiba -- Error 1327.Invalid Drive: H:\(NULL)(NULL)(NULL)

Error: (01/22/2014 08:23:39 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/16/2014 08:57:15 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE7.0.6000.20583hungapp0.0.0.000000000


==================== Memory info =========================== 

Percentage of memory in use: 68%
Total physical RAM: 1014.36 MB
Available physical RAM: 320.77 MB
Total Pagefile: 2441.91 MB
Available Pagefile: 1668.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.18 GB) (Free:17.85 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:40.34 GB) (Free:26.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 5C26CFF8)
Partition 1: (Active) - (Size=34 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=40 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

and the GMER logfile


Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-03 16:49:41
Windows 5.1.2600 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD800BEVS-22RST0 rev.04.01G04 74,53GB
Running: Gmer-19357.exe; Driver: C:\DOCUME~1\NEUANF~1\LOCALS~1\Temp\pxtdypog.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwNotifyChangeKey [0xF77D66E0]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwNotifyChangeMultipleKeys [0xF77D6800]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwOpenProcess [0xF77D6010]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwOpenThread [0xF77D64D0]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwSuspendProcess [0xF77D6300]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwSuspendThread [0xF77D63E0]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwTerminateProcess [0xF77D6120]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwTerminateThread [0xF77D6210]
SSDT            \SystemRoot\system32\DRIVERS\avgidsshimx.sys                                                     ZwWriteVirtualMemory [0xF77D65E0]

---- Kernel code sections - GMER 2.1 ----

pnidata         C:\WINDOWS\system32\DRIVERS\secdrv.sys                                                           unknown last section [0xA90CBF00, 0x24000, 0x48000000]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Mozilla Firefox\firefox.exe[376] ntdll.dll!LdrLoadDll                           7C9161CA 5 Bytes  JMP 10001FFD C:\Program Files\Mozilla Firefox\mozglue.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[376] kernel32.dll!lstrlenW + 43                     7C809A6C 7 Bytes  JMP 01A10455 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[376] kernel32.dll!MapViewOfFileEx + 6A              7C80B920 7 Bytes  JMP 01A1049D C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[376] kernel32.dll!ValidateLocale + B088             7C844808 7 Bytes  JMP 01625A06 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[376] GDI32.dll!SetDIBitsToDevice + 208              77F19214 7 Bytes  JMP 01A104C4 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[980] USER32.dll!DefWindowProcA + 11A       7E41D5F0 7 Bytes  JMP 105F76A0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[980] USER32.dll!SetWindowLongA + 19        7E41D60E 7 Bytes  JMP 105F7711 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[980] USER32.dll!GetWindowInfo              7E41DE7C 5 Bytes  JMP 105FB2EA C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[980] USER32.dll!GetMenuContextHelpId + 1A  7E465269 7 Bytes  JMP 105F4E6D C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] kernel32.dll!FindResourceW          7C80BBEE 5 Bytes  JMP 00440980 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] kernel32.dll!FindResourceA          7C80BEA9 5 Bytes  JMP 00440930 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!LoadStringW              7E419E26 5 Bytes  JMP 00440FD0 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!LoadStringA              7E420FC8 5 Bytes  JMP 00441110 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!LoadMenuW                7E4219EA 5 Bytes  JMP 00440B40 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!CreateDialogParamW       7E4282A4 5 Bytes  JMP 00440A50 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!CreateDialogParamA       7E43C7C3 5 Bytes  JMP 004409D0 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
.text           C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe[2076] USER32.dll!LoadMenuA                7E44F99B 5 Bytes  JMP 00440AD0 C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\Tcpip \Device\Ip                                                                         avgtdix.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                        avgtdix.sys
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                        avgtdix.sys
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                      avgtdix.sys

---- EOF - GMER 2.1 ----
         

I have also attached the virus quarantine list. Maybe that is helpful.

It would be nice if someone could help me.

Best regards
Die Ziege
Attachment: Virenquarantänenliste.JPG

 

Du betrachtest: Win XP: Internetprobleme, mehrere Trojaner, Wartungsprobleme auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.