
Log analysis and evaluation: Shortcut to Adobe CS3 suddenly missing / earlier Audiograbber download with a lot of 'attachments' -> system restore

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

16.07.2014, 16:36   #1
troJanina
 

  • Installed Adobe CS3 (with a legal key) on 30.05
  • Around 09/10.07, Audiograbber, which came with a lot of 'attachments'
  • After that I could hardly get onto the internet
  • System restore to 08.07
  • >>The item "Illustrator.exe" that this shortcut refers to has been changed or moved<< <-- noticed today

Edited by troJanina (16.07.2014 at 16:47)

16.07.2014, 18:03   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


17.07.2014, 15:58   #3
troJanina
 

Today I gave in to a 'Java 7 Update 65' install.
Java -> insecurity factor?
__________________
Attached files
File type: txt FRST.txt (56.6 KB, viewed 117 times)
File type: txt Addition.txt (21.8 KB, viewed 121 times)

17.07.2014, 18:08   #4
schrauber
/// the machine
/// TB trainer
 


Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

18.07.2014, 13:59   #5
troJanina
 

Yes, I actually know that,
I just wanted to prevent my data from being theoretically findable
by search engine robots (via various search engines)....
can't that be made 'hidden' somehow?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Admin (administrator) on ADMIN-PC on 17-07-2014 15:24:23
Running from C:\Users\Admin\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3107219873-2018675022-240828242-1000\...\MountPoints2: {706505d0-d90a-11e3-ba44-806e6f6e6963} - D:\EIProcessCaller.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} ->  No File
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: https://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultSearchProvider: Yahoo! (Avast)
CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-17 15:24 - 2014-07-17 15:24 - 00014904 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:23 - 2014-07-17 15:24 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-17 15:23 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:17 - 2014-07-17 15:14 - 00000168 _____ () C:\Windows\setupact.log
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 16:18 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:25 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\di4BlockAndSurf
2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-09 16:40 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-09 16:40 - 2014-07-10 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-09 16:40 - 2014-07-10 11:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\fst_de_89
2014-07-09 16:39 - 2014-07-10 11:41 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-09 16:39 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-09 16:39 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-09 16:39 - 2014-07-10 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-09 16:39 - 2014-07-09 17:08 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-09 16:39 - 2014-07-09 16:39 - 00002910 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00000318 _____ () C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 16:38 - 2014-07-10 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\sweet-page
2014-07-09 16:38 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 14:39 - 2014-07-17 14:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-07-17 10:17 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-07-10 17:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll
2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll
2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT
2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll
2014-06-21 18:05 - 1998-11-17 12:44 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-18 13:03 - 2014-06-18 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 11:03 - 2014-07-04 13:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-06-17 17:19 - 2014-06-17 17:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-06-17 17:16 - 2014-06-17 17:16 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-17 17:14 - 2014-06-17 17:14 - 00000000 ____D () C:\Users\Admin\Documents\Updater5
2014-06-17 17:13 - 2014-06-26 14:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-17 17:12 - 2014-06-17 17:12 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-17 17:10 - 2014-06-17 17:10 - 27843432 _____ (pdfforge ) C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe

==================== One Month Modified Files and Folders =======

2014-07-17 15:24 - 2014-07-17 15:24 - 00014904 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-17 15:23 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 15:21 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 15:21 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 15:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-17 15:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 15:20 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat
2014-07-17 15:20 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat
2014-07-17 15:20 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-17 15:17 - 2014-05-11 14:51 - 01846220 _____ () C:\Windows\WindowsUpdate.log
2014-07-17 15:14 - 2014-07-17 10:17 - 00000168 _____ () C:\Windows\setupact.log
2014-07-17 15:14 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 15:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 14:30 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 10:17 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther
2014-07-16 22:52 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3}
2014-07-16 16:18 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 15:02 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser
2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz
2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-11 08:48 - 2014-05-11 11:11 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:16 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-10 16:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 11:59 - 2014-07-09 16:40 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin
2014-07-10 11:41 - 2014-07-09 16:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 11:34 - 2014-07-09 16:39 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-10 11:34 - 2014-07-09 16:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-10 11:33 - 2014-07-10 11:25 - 00000000 ____D () C:\Program Files (x86)\di4BlockAndSurf
2014-07-10 11:33 - 2014-07-09 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-10 11:33 - 2014-07-09 16:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-10 11:33 - 2014-07-09 16:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\sweet-page
2014-07-10 11:33 - 2014-07-09 16:38 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-10 11:28 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\fst_de_89
2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-09 17:08 - 2014-07-09 16:39 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-09 16:39 - 2014-07-09 16:39 - 00002910 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00000318 _____ () C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-20 22:14 - 2014-07-10 17:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 10:35 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 22:15 - 2014-05-11 11:09 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 22:15 - 2014-05-11 11:09 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 03:39 - 2014-07-10 17:10 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-10 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-10 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-10 17:10 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-10 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:42 - 2014-07-09 10:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:41 - 2014-07-10 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-10 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-10 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-10 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-10 17:10 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-10 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 10:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-10 17:10 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-10 17:10 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-10 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-10 17:10 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 10:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-10 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-10 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 10:35 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 17:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 10:35 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-10 17:10 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 10:35 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-10 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-10 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 10:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-10 17:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 17:10 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-10 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-10 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 10:35 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 10:35 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-10 17:10 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-10 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-10 17:10 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 10:35 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-10 17:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-10 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-10 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 17:10 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 17:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-10 17:10 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 17:10 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 17:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-10 17:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-10 17:10 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 17:10 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 17:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 17:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 10:35 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 17:10 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 17:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 21:26 - 2014-05-20 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 13:03 - 2014-06-18 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 04:18 - 2014-07-10 17:11 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 17:11 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 17:11 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 17:19 - 2014-06-17 17:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-06-17 17:16 - 2014-06-17 17:16 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-17 17:14 - 2014-06-17 17:14 - 00000000 ____D () C:\Users\Admin\Documents\Updater5
2014-06-17 17:12 - 2014-06-17 17:12 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-17 17:10 - 2014-06-17 17:10 - 27843432 _____ (pdfforge ) C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 18:12

==================== End Of Log ============================
         
--- --- ---

Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Admin at 2014-07-17 15:24:44
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
Adobe Acrobat 8 Professional - English, Français, Deutsch (x32 Version: 8.1.0 - Adobe Systems) Hidden
Adobe After Effects CS3 (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Template Projects & Footage (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS3 (x32 Version: 4.1 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM-x32\...\Adobe_b8d47b526dcac7b06fa9efb844abcb5) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Library (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Functional Content (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Scores (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
mst IsUsedBy (HKLM-x32\...\{E4346E0D-7C75-4D7D-8E0E-3E6453862194}) (Version: 2.0.8.148 - mst software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Super Finder XT 1.6.3.2 (HKLM-x32\...\Super Finder XT_is1) (Version:  - FSL - FreeSoftLand)
TV-Browser 3.3.3 (HKLM-x32\...\tvbrowser) (Version: 3.3.3 - TV-Browser Team)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== Restore Points  =========================

09-07-2014 14:41:47 Windows Defender Checkpoint
09-07-2014 15:19:24 Windows Update
09-07-2014 15:27:28 Windows Update
09-07-2014 21:36:01 Windows Update
10-07-2014 09:31:59 Wiederherstellungsvorgang
10-07-2014 09:34:29 avast! antivirus system restore point
10-07-2014 09:36:13 Wiederherstellungsvorgang
10-07-2014 09:58:51 Windows Defender Checkpoint
10-07-2014 15:10:07 Windows Update
10-07-2014 15:37:35 Windows Update
16-07-2014 07:03:20 Windows Update
17-07-2014 08:38:03 Installed Java 7 Update 65

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08F0B6A6-BC94-42EB-A16A-71960CC65AEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {1259B87E-2A35-408F-9327-C76CE9343B18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {15EB952D-1DB4-411A-86D6-BCF3F57ED93B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {196BD57A-22BB-4DDD-B5FD-2876E278BD04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {374A65CF-CE87-470F-9E4F-CD40F268695A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {5AB27DA4-1E86-475D-A089-9720DD4228E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {F4ED350A-9437-4661-988F-001F5EB2E222} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll
2014-06-24 12:43 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-06-22 06:48 - 2011-06-22 06:48 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssp7mdu.dll
2014-06-27 13:43 - 2014-06-27 13:43 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-17 10:17 - 2014-07-17 10:17 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071700\algo.dll
2014-06-27 13:43 - 2014-06-27 13:43 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-18 13:03 - 2014-06-18 13:03 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-10 12:20 - 2014-07-10 12:20 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
2014-05-11 15:06 - 2013-02-16 02:17 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Super Finder XT.lnk => C:\Windows\pss\Super Finder XT.lnk.Startup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2014 03:14:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 03:09:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 02:26:41 PM) (Source: MsiInstaller) (EventID: 11706) (User: Admin-PC)
Description: Produkt: Adobe Acrobat 8 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 8 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets AcroPro.msi.

Error: (07/17/2014 10:17:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 10:43:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 04:10:29 PM) (Source: MsiInstaller) (EventID: 11706) (User: Admin-PC)
Description: Produkt: Adobe Acrobat 8 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 8 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets AcroPro.msi.

Error: (07/16/2014 08:59:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 09:45:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 00:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/14/2014 10:48:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: 
%%14

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 16040 MB
Available physical RAM: 12287.84 MB
Total Pagefile: 32078.17 MB
Available Pagefile: 28204.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.39 GB) (Free:89.19 GB) NTFS
Drive e: (Daten) (Fixed) (Total:785.03 GB) (Free:784.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3331867A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=785 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Edited by troJanina (18.07.2014 at 14:04). Reason: rest(code)

18.07.2014, 20:00   #6
schrauber
/// the machine
/// TB trainer
 


hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


19.07.2014, 00:43   #7
troJanina
 

First scan not run from the desktop, and with the browser,
which according to the scan was apparently closed



Code:
ComboFix 14-07-17.03 - Admin 19.07.2014   0:08.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16040.11450 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-18 bis 2014-07-18  ))))))))))))))))))))))))))))))
.
.
2014-07-18 22:12 . 2014-07-18 22:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-18 07:48 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0FD1984-80DE-43CD-B5A3-DEBA7D14F81A}\mpengine.dll
2014-07-17 13:23 . 2014-07-17 13:24	--------	d-----w-	C:\FRST
2014-07-17 08:38 . 2014-07-17 08:38	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-07-16 10:25 . 2014-07-16 10:44	--------	d-----w-	c:\users\Admin\AppData\Roaming\XnView
2014-07-16 10:24 . 2014-07-16 10:24	--------	d-----w-	c:\program files (x86)\XnView
2014-07-15 10:53 . 2014-07-18 15:05	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-07-10 15:10 . 2014-05-30 08:08	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-07-10 15:09 . 2014-06-05 14:45	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-07-10 15:09 . 2014-06-05 14:26	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-07-10 15:09 . 2014-06-05 14:25	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-07-10 09:25 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\di4BlockAndSurf
2014-07-10 09:25 . 2014-07-07 15:04	57528	----a-w-	c:\windows\system32\drivers\webinstr.sys
2014-07-09 20:57 . 2014-06-19 00:50	570368	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2014-07-09 15:04 . 2014-07-10 15:20	--------	d-----w-	c:\program files\CCleaner
2014-07-09 14:40 . 2014-07-10 09:59	--------	d-----w-	c:\program files (x86)\fst_de_89
2014-07-09 14:40 . 2014-07-10 09:28	--------	d-----w-	c:\users\Admin\AppData\Local\fst_de_89
2014-07-09 14:39 . 2014-07-10 09:34	--------	d-----w-	c:\programdata\IePluginServices
2014-07-09 14:39 . 2014-07-10 09:41	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-09 14:39 . 2014-07-10 09:34	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-07-09 14:38 . 2014-07-10 09:33	--------	d-----w-	c:\users\Admin\AppData\Roaming\sweet-page
2014-07-09 14:38 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\AnyProtectEx
2014-07-09 14:28 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Audiograbber
2014-07-09 14:28 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-07-09 14:27 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Security Guard
2014-07-09 14:27 . 2014-07-09 14:27	--------	d-----w-	c:\users\Admin\AppData\Local\SearchProtect
2014-07-02 13:09 . 2014-07-02 13:09	--------	d-----w-	c:\windows\system32\appmgmt
2014-07-01 12:34 . 2014-07-01 12:34	--------	d-----w-	c:\program files (x86)\FSL
2014-06-27 14:47 . 2014-06-27 14:47	--------	d-----w-	c:\users\Admin\AppData\Local\KeePass
2014-06-27 12:39 . 2014-07-17 14:16	--------	d-----w-	c:\users\Admin\AppData\Roaming\KeePass
2014-06-27 12:31 . 2014-06-27 14:31	--------	d-----w-	c:\program files (x86)\KeePass Password Safe 2
2014-06-24 15:42 . 2014-06-24 15:42	--------	d-----w-	c:\programdata\CanonIJ
2014-06-24 11:23 . 2014-06-24 14:10	--------	d-----w-	c:\users\Admin\AppData\Roaming\Canon
2014-06-24 10:43 . 2014-06-24 10:43	--------	d-----w-	c:\program files\Common Files\CANON
2014-06-24 10:41 . 2012-07-04 09:55	1354240	----a-w-	c:\windows\system32\CNQ4809C.dll
2014-06-24 10:41 . 2012-07-04 09:55	112128	----a-w-	c:\windows\system32\CNQ4809I.dll
2014-06-24 10:41 . 2012-07-04 09:29	106496	----a-w-	c:\windows\SysWow64\CNQ4809U.dll
2014-06-24 10:41 . 2010-12-17 12:47	515584	----a-w-	c:\windows\system32\CNQ4809L.dll
2014-06-24 10:41 . 2010-03-11 08:57	248320	----a-w-	c:\windows\system32\CNQ4809Y.dll
2014-06-24 10:41 . 2012-04-18 13:24	103424	----a-w-	c:\windows\system32\CNQ4809O.dll
2014-06-24 10:41 . 2014-06-24 10:41	--------	d--h--w-	c:\program files\CanonBJ
2014-06-24 10:39 . 2014-06-24 10:42	--------	d-----w-	c:\program files (x86)\Canon
2014-06-24 10:36 . 2014-06-24 10:36	--------	d--h--w-	c:\windows\system32\CanonIJ Uninstaller Information
2014-06-24 10:36 . 2010-12-17 12:47	438272	----a-w-	c:\windows\SysWow64\CNQ4809L.dll
2014-06-24 10:36 . 2008-08-25 16:02	17920	----a-w-	c:\windows\system32\CNHMCA6.dll
2014-06-24 10:36 . 2008-08-25 16:02	15872	----a-w-	c:\windows\SysWow64\CNHMCA.dll
2014-06-21 16:06 . 2000-06-29 08:00	36864	----a-w-	c:\windows\SysWow64\agusbsti.dll
2014-06-21 13:04 . 2014-06-21 13:04	--------	d-----w-	c:\programdata\McAfee
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 01:02 . 2014-05-31 16:48	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 15:38 . 2014-05-11 08:01	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-10 10:20 . 2014-05-20 13:04	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 10:20 . 2014-05-20 13:04	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-11 09:25 . 2014-05-11 09:25	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2014-05-11 09:25 . 2014-05-11 09:25	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2014-05-11 08:20 . 2014-05-11 08:20	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-05-11 08:20 . 2014-05-11 08:20	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-05-11 08:20 . 2014-05-11 08:20	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20	413696	----a-w-	c:\windows\system32\html.iec
2014-05-11 08:20 . 2014-05-11 08:20	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-05-11 08:20 . 2014-05-11 08:20	247808	----a-w-	c:\windows\system32\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-05-11 08:20 . 2014-05-11 08:20	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20	81408	----a-w-	c:\windows\system32\icardie.dll
2014-05-11 08:20 . 2014-05-11 08:20	774144	----a-w-	c:\windows\system32\jscript.dll
2014-05-11 08:20 . 2014-05-11 08:20	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-05-11 08:20 . 2014-05-11 08:20	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-05-11 08:20 . 2014-05-11 08:20	235520	----a-w-	c:\windows\system32\url.dll
2014-05-11 08:20 . 2014-05-11 08:20	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20	147968	----a-w-	c:\windows\system32\occache.dll
2014-05-11 08:20 . 2014-05-11 08:20	143872	----a-w-	c:\windows\system32\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20	13824	----a-w-	c:\windows\system32\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-05-11 08:20 . 2014-05-11 08:20	101376	----a-w-	c:\windows\system32\inseng.dll
2014-05-11 08:17 . 2014-05-11 08:17	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17	363008	----a-w-	c:\windows\system32\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	296960	----a-w-	c:\windows\system32\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17	1643520	----a-w-	c:\windows\system32\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17	1238528	----a-w-	c:\windows\system32\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17	1175552	----a-w-	c:\windows\system32\FntCache.dll
2014-05-11 08:17 . 2014-05-11 08:17	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-25 15:44 . 2002-12-20 12:02	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-25 02:34 . 2014-06-12 08:39	801280	----a-w-	c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 08:39	626688	----a-w-	c:\windows\SysWow64\usp10.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-04-13 2099200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Super Finder XT.lnk - c:\program files (x86)\FSL\SuperFinder\SuperFinder.exe auto [2014-7-1 2447360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 13:21	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-20 10:20]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 11:43	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-18 13427784]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mSearch Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
uInternet Settings,ProxyOverride = *.local
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-19  00:13:36
ComboFix-quarantined-files.txt  2014-07-18 22:13
.
Vor Suchlauf: 9 Verzeichnis(se), 95.685.386.240 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 95.489.163.264 Bytes frei
.
- - End Of File - - A014D2A44104076446BC7D006AED77EB
A36C5E4F47E84449FF07ED3517B43A31
         
Code:
ComboFix 14-07-17.03 - Admin 19.07.2014   0:28.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16040.13845 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-18 bis 2014-07-18  ))))))))))))))))))))))))))))))
.
.
2014-07-18 22:31 . 2014-07-18 22:31	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-18 07:48 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0FD1984-80DE-43CD-B5A3-DEBA7D14F81A}\mpengine.dll
2014-07-17 13:23 . 2014-07-17 13:24	--------	d-----w-	C:\FRST
2014-07-17 08:38 . 2014-07-17 08:38	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-07-16 10:25 . 2014-07-16 10:44	--------	d-----w-	c:\users\Admin\AppData\Roaming\XnView
2014-07-16 10:24 . 2014-07-16 10:24	--------	d-----w-	c:\program files (x86)\XnView
2014-07-15 10:53 . 2014-07-18 15:05	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-07-10 15:10 . 2014-05-30 08:08	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-07-10 15:09 . 2014-06-05 14:45	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-07-10 15:09 . 2014-06-05 14:26	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-07-10 15:09 . 2014-06-05 14:25	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-07-10 09:25 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\di4BlockAndSurf
2014-07-10 09:25 . 2014-07-07 15:04	57528	----a-w-	c:\windows\system32\drivers\webinstr.sys
2014-07-09 20:57 . 2014-06-19 00:50	570368	----a-w-	c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2014-07-09 15:04 . 2014-07-10 15:20	--------	d-----w-	c:\program files\CCleaner
2014-07-09 14:40 . 2014-07-10 09:59	--------	d-----w-	c:\program files (x86)\fst_de_89
2014-07-09 14:40 . 2014-07-10 09:28	--------	d-----w-	c:\users\Admin\AppData\Local\fst_de_89
2014-07-09 14:39 . 2014-07-10 09:34	--------	d-----w-	c:\programdata\IePluginServices
2014-07-09 14:39 . 2014-07-10 09:41	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-09 14:39 . 2014-07-10 09:34	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-07-09 14:38 . 2014-07-10 09:33	--------	d-----w-	c:\users\Admin\AppData\Roaming\sweet-page
2014-07-09 14:38 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\AnyProtectEx
2014-07-09 14:28 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Audiograbber
2014-07-09 14:28 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-07-09 14:27 . 2014-07-10 09:33	--------	d-----w-	c:\program files (x86)\Security Guard
2014-07-09 14:27 . 2014-07-09 14:27	--------	d-----w-	c:\users\Admin\AppData\Local\SearchProtect
2014-07-02 13:09 . 2014-07-02 13:09	--------	d-----w-	c:\windows\system32\appmgmt
2014-07-01 12:34 . 2014-07-01 12:34	--------	d-----w-	c:\program files (x86)\FSL
2014-06-27 14:47 . 2014-06-27 14:47	--------	d-----w-	c:\users\Admin\AppData\Local\KeePass
2014-06-27 12:39 . 2014-07-17 14:16	--------	d-----w-	c:\users\Admin\AppData\Roaming\KeePass
2014-06-27 12:31 . 2014-06-27 14:31	--------	d-----w-	c:\program files (x86)\KeePass Password Safe 2
2014-06-24 15:42 . 2014-06-24 15:42	--------	d-----w-	c:\programdata\CanonIJ
2014-06-24 11:23 . 2014-06-24 14:10	--------	d-----w-	c:\users\Admin\AppData\Roaming\Canon
2014-06-24 10:43 . 2014-06-24 10:43	--------	d-----w-	c:\program files\Common Files\CANON
2014-06-24 10:41 . 2012-07-04 09:55	1354240	----a-w-	c:\windows\system32\CNQ4809C.dll
2014-06-24 10:41 . 2012-07-04 09:55	112128	----a-w-	c:\windows\system32\CNQ4809I.dll
2014-06-24 10:41 . 2012-07-04 09:29	106496	----a-w-	c:\windows\SysWow64\CNQ4809U.dll
2014-06-24 10:41 . 2010-12-17 12:47	515584	----a-w-	c:\windows\system32\CNQ4809L.dll
2014-06-24 10:41 . 2010-03-11 08:57	248320	----a-w-	c:\windows\system32\CNQ4809Y.dll
2014-06-24 10:41 . 2012-04-18 13:24	103424	----a-w-	c:\windows\system32\CNQ4809O.dll
2014-06-24 10:41 . 2014-06-24 10:41	--------	d--h--w-	c:\program files\CanonBJ
2014-06-24 10:39 . 2014-06-24 10:42	--------	d-----w-	c:\program files (x86)\Canon
2014-06-24 10:36 . 2014-06-24 10:36	--------	d--h--w-	c:\windows\system32\CanonIJ Uninstaller Information
2014-06-24 10:36 . 2010-12-17 12:47	438272	----a-w-	c:\windows\SysWow64\CNQ4809L.dll
2014-06-24 10:36 . 2008-08-25 16:02	17920	----a-w-	c:\windows\system32\CNHMCA6.dll
2014-06-24 10:36 . 2008-08-25 16:02	15872	----a-w-	c:\windows\SysWow64\CNHMCA.dll
2014-06-21 16:06 . 2000-06-29 08:00	36864	----a-w-	c:\windows\SysWow64\agusbsti.dll
2014-06-21 13:04 . 2014-06-21 13:04	--------	d-----w-	c:\programdata\McAfee
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 01:02 . 2014-05-31 16:48	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 15:38 . 2014-05-11 08:01	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-10 10:20 . 2014-05-20 13:04	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 10:20 . 2014-05-20 13:04	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-11 09:25 . 2014-05-11 09:25	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2014-05-11 09:25 . 2014-05-11 09:25	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2014-05-11 08:20 . 2014-05-11 08:20	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-05-11 08:20 . 2014-05-11 08:20	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-05-11 08:20 . 2014-05-11 08:20	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20	413696	----a-w-	c:\windows\system32\html.iec
2014-05-11 08:20 . 2014-05-11 08:20	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-05-11 08:20 . 2014-05-11 08:20	247808	----a-w-	c:\windows\system32\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-05-11 08:20 . 2014-05-11 08:20	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20	81408	----a-w-	c:\windows\system32\icardie.dll
2014-05-11 08:20 . 2014-05-11 08:20	774144	----a-w-	c:\windows\system32\jscript.dll
2014-05-11 08:20 . 2014-05-11 08:20	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-05-11 08:20 . 2014-05-11 08:20	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-05-11 08:20 . 2014-05-11 08:20	235520	----a-w-	c:\windows\system32\url.dll
2014-05-11 08:20 . 2014-05-11 08:20	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20	147968	----a-w-	c:\windows\system32\occache.dll
2014-05-11 08:20 . 2014-05-11 08:20	143872	----a-w-	c:\windows\system32\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20	13824	----a-w-	c:\windows\system32\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-05-11 08:20 . 2014-05-11 08:20	101376	----a-w-	c:\windows\system32\inseng.dll
2014-05-11 08:17 . 2014-05-11 08:17	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17	363008	----a-w-	c:\windows\system32\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	296960	----a-w-	c:\windows\system32\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17	1643520	----a-w-	c:\windows\system32\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17	1238528	----a-w-	c:\windows\system32\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17	1175552	----a-w-	c:\windows\system32\FntCache.dll
2014-05-11 08:17 . 2014-05-11 08:17	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-25 15:44 . 2002-12-20 12:02	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-25 02:34 . 2014-06-12 08:39	801280	----a-w-	c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 08:39	626688	----a-w-	c:\windows\SysWow64\usp10.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-04-13 2099200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Super Finder XT.lnk - c:\program files (x86)\FSL\SuperFinder\SuperFinder.exe auto [2014-7-1 2447360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 13:21	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-20 10:20]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 11:43	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-18 13427784]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mSearch Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
uInternet Settings,ProxyOverride = *.local
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-19  00:32:38
ComboFix-quarantined-files.txt  2014-07-18 22:32
.
Vor Suchlauf: 12 Verzeichnis(se), 95.916.478.464 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 95.614.971.904 Bytes frei
.
- - End Of File - - D0B1EEE5D53D08DF2ECE94CF1EB3A594
A36C5E4F47E84449FF07ED3517B43A31
         
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe?
By the way: does (Avast) antivirus make sense alongside Windows Defender?
The Win7 security Action Center apparently wants both.

Edited by troJanina (19.07.2014 at 00:53). Reason: first scan not run from the desktop and with browser

Alt 19.07.2014, 21:44   #8
schrauber
/// the machine
/// TB-Ausbilder
 




Defender gets switched off by the AV anyway if it interferes.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 20.07.2014, 20:45   #9
troJanina
 



as <code></code>?
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.07.2014
Suchlauf-Zeit: 18:33:59
Logdatei: suchlauf_verlaufsprotokoll.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.20.04
Rootkit Datenbank: v2014.07.17.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302657
Verstrichene Zeit: 3 Min, 44 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 20
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], 
PUP.Optional.FreeSoftwareToday.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy, In Quarantäne, [7b49d2cf98e39b9b0e1219a350b2e818], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x64, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x86, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\Download, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89\1.10, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], 

Dateien: 27
PUP.Optional.Trovi.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\trovi-search.xml, In Quarantäne, [863e7c25740765d1ab22fed4ea189f61], 
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [6064dcc5c3b826102369a86d12f2f20e], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\CRASH_DUMP_P6540_T2624_D2014_07_09_T17_07_39.dmp, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\CRASH_REPORT_P6540_T2624_D2014_07_09_T17_07_39.txt, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-09[16-39-08-596].log, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.crx, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.dat, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.xpi, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\a.db, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\b.db, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di0BlockAndSurfyv175.bin, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di0BlockAndSurfyv175.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di6BlockAndSurfM.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\Sqlite3.dll, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x64\TandemRunner.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x86\TandemRunner.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\upfst_de_89.cyl, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\upfst_de_89.exe, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\user_profil.cyp, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89\1.10\cnf.cyl, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], 
PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89\unins000.dat, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], 
PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89\unins000.msg, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Code:
# AdwCleaner v3.216 - Bericht erstellt am 20/07/2014 um 19:26:30
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.scan.results
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322196&octid=EB_ORIGINAL_CTID&ISID=MA1B62CB1-5364-43EE-B9DD-ED2D9A7D585D&SearchSource=58&CUI=&UM=6&UP=SP7DD54E2A-E878-4BF3-8857-B931A5991ECF&q={searchTerms}&SSPV=
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [1903 octets] - [20/07/2014 19:10:56]
AdwCleaner[S0].txt - [1778 octets] - [20/07/2014 19:26:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1838 octets] ##########
         
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Admin on 20.07.2014 at 19:33:53,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\z8c3id95.default\minidumps [104 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.07.2014 at 19:39:47,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         




and the FRST:



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Admin (administrator) on ADMIN-PC on 20-07-2014 20:04:22
Running from C:\Users\Admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch 
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} ->  No File
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: https://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultSearchProvider: Yahoo! (Avast)
CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 20:03 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-20 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 19:05 - 2014-07-20 19:26 - 00000000 ____D () C:\AdwCleaner
2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe
2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt
2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt
2014-07-20 18:29 - 2014-07-20 19:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-20 18:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 18:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-19 12:21 - 2014-07-20 19:27 - 00013508 _____ () C:\Windows\PFRO.log
2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt
2014-07-19 00:25 - 2014-07-20 20:04 - 00003364 _____ () C:\Users\Admin\Desktop\win.txt
2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt
2014-07-19 00:08 - 2014-07-19 00:32 - 00000000 ____D () C:\Qoobox
2014-07-19 00:08 - 2014-07-19 00:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk
2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip
2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56
2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe
2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe
2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-07-17 15:41 - 2014-07-20 20:04 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-07-17 15:23 - 2014-07-20 20:04 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:17 - 2014-07-20 19:27 - 00001120 _____ () C:\Windows\setupact.log
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 16:18 - 2014-07-20 18:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 14:39 - 2014-07-17 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-07-20 19:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-07-18 17:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll
2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll
2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT
2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

2014-07-20 20:04 - 2014-07-19 00:25 - 00003364 _____ () C:\Users\Admin\Desktop\win.txt
2014-07-20 20:04 - 2014-07-17 15:41 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-20 20:04 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST
2014-07-20 20:02 - 2014-07-20 20:03 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-20 20:02 - 2014-07-17 15:23 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:33 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 19:33 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 19:33 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-20 19:28 - 2014-07-20 18:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 19:27 - 2014-07-19 12:21 - 00013508 _____ () C:\Windows\PFRO.log
2014-07-20 19:27 - 2014-07-17 10:17 - 00001120 _____ () C:\Windows\setupact.log
2014-07-20 19:27 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-20 19:27 - 2014-05-11 14:51 - 01943692 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 19:27 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 19:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 19:26 - 2014-07-20 19:05 - 00000000 ____D () C:\AdwCleaner
2014-07-20 19:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 19:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe
2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt
2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt
2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-20 18:28 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-20 13:53 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3}
2014-07-19 12:50 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser
2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt
2014-07-19 00:32 - 2014-07-19 00:08 - 00000000 ____D () C:\Qoobox
2014-07-19 00:31 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt
2014-07-19 00:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-19 00:12 - 2014-07-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk
2014-07-18 17:26 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-18 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip
2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56
2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe
2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe
2014-07-18 15:22 - 2014-05-11 11:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 02:18 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-17 16:16 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther
2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz
2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin
2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-20 22:14 - 2014-07-10 17:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 10:35 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 16:58

==================== End Of Log ============================
         
Edited by troJanina (20.07.2014 at 19:58)

Alt 21.07.2014, 11:54   #10
schrauber
/// the machine
/// TB-Ausbilder
 


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 21.07.2014, 16:47   #11
troJanina
 

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1ad772e712a5ab49afbeb21629390830
# engine=19277
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-21 02:34:24
# local_time=2014-07-21 04:34:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 967964 2083916 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 283555 157583114 0 0
# scanned=160767
# found=6
# cleaned=0
# scan_time=998
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=E26341069187332C55F4E5DC3DEB99EB4DFFA8A9 ft=1 fh=48600f80b4b84481 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=5F1CA50D4A8220CCF7C99930C3CFC877F7391498 ft=1 fh=4dfb759bf3cb5672 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe"
sh=2AC94F46C9DBB6CEA025C6E8FA97A26A8BA9C388 ft=1 fh=3a2a8c2dbf805015 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe"
         
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Ran SecurityCheck.exe from the desktop
checkup.txt:

Code:
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
^can that be right?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Admin (administrator) on ADMIN-PC on 21-07-2014 16:54:56
Running from C:\Users\Admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch 
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} ->  No File
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: https://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultSearchProvider: Yahoo! (Avast)
CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-21 16:50 - 2014-07-21 16:50 - 00854390 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-07-21 16:14 - 2014-07-21 16:14 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-21 16:12 - 2014-07-21 16:12 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-07-20 20:03 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-20 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 19:05 - 2014-07-20 19:26 - 00000000 ____D () C:\AdwCleaner
2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe
2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt
2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt
2014-07-20 18:29 - 2014-07-21 16:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-20 18:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 18:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-19 12:21 - 2014-07-20 19:27 - 00013508 _____ () C:\Windows\PFRO.log
2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt
2014-07-19 00:25 - 2014-07-21 16:50 - 00006217 _____ () C:\Users\Admin\Desktop\win.txt
2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt
2014-07-19 00:08 - 2014-07-19 00:32 - 00000000 ____D () C:\Qoobox
2014-07-19 00:08 - 2014-07-19 00:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk
2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip
2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56
2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe
2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe
2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-07-17 15:41 - 2014-07-21 16:54 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-07-17 15:23 - 2014-07-21 16:54 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:17 - 2014-07-20 19:27 - 00001120 _____ () C:\Windows\setupact.log
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 16:18 - 2014-07-20 18:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 14:39 - 2014-07-17 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-07-20 19:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-07-18 17:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll
2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll
2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT
2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

2014-07-21 16:55 - 2014-07-17 15:41 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-21 16:54 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST
2014-07-21 16:50 - 2014-07-21 16:50 - 00854390 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-07-21 16:50 - 2014-07-19 00:25 - 00006217 _____ () C:\Users\Admin\Desktop\win.txt
2014-07-21 16:49 - 2014-07-20 18:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 16:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 16:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 16:14 - 2014-07-21 16:14 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-21 16:12 - 2014-07-21 16:12 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-07-21 14:34 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3}
2014-07-21 06:50 - 2014-05-11 14:51 - 01955888 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 22:20 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 20:02 - 2014-07-20 20:03 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-20 20:02 - 2014-07-17 15:23 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:33 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 19:33 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 19:33 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-20 19:27 - 2014-07-19 12:21 - 00013508 _____ () C:\Windows\PFRO.log
2014-07-20 19:27 - 2014-07-17 10:17 - 00001120 _____ () C:\Windows\setupact.log
2014-07-20 19:27 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-20 19:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 19:26 - 2014-07-20 19:05 - 00000000 ____D () C:\AdwCleaner
2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe
2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt
2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt
2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-20 18:28 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-19 12:50 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser
2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt
2014-07-19 00:32 - 2014-07-19 00:08 - 00000000 ____D () C:\Qoobox
2014-07-19 00:31 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk
2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt
2014-07-19 00:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-19 00:12 - 2014-07-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk
2014-07-18 17:26 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-18 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip
2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56
2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe
2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe
2014-07-18 15:22 - 2014-05-11 11:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 02:18 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-17 16:16 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther
2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz
2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin
2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 16:58

==================== End Of Log ============================
         
Edited by troJanina (21.07.2014 at 17:02)

22.07.2014, 11:49   #12
schrauber
/// the machine
/// TB instructor

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents to me.





Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > enter Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can safely delete them.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
These harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails you don't know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

23.07.2014, 12:59   #13
troJanina

I can no longer find the Fixlog.txt file
..I probably should have posted it before the DelFix run
What now?

24.07.2014, 10:30   #14
schrauber
/// the machine
/// TB instructor

not a problem
__________________
regards,
schrauber

24.07.2014, 10:48   #15
troJanina

I repeated it once more
(in case that still makes sense now)

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014
Ran by Admin at 2014-07-24 10:44:06 Run:1
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
*****************

"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.

==== End of Fixlog ====
         





Run both side by side?
Windows Defender + Avast

Edited by troJanina (24.07.2014 at 10:51) Reason: text added
