
Pests of all kinds and how to fight them: DHL parcel notification fake email - unfortunately clicked the shipment status link by accident - infected?


 
02.05.2015, 12:43   #16
AGRO123
 




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by ag (administrator) on AG-PC on 02-05-2015 13:09:00
Running from C:\Users\ag\Downloads
Loaded Profiles: ag (Available profiles: ag)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
() C:\Program Files (x86)\VVW\Update\VVWUpdateDienst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\VVW\Update\VVWUpdateTray.exe
(Dropbox, Inc.) C:\Users\ag\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE 60
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-10-10] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG)
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
Startup: C:\Users\ag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-01-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\ag\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VVWUpdateTray.lnk [2014-10-16]
ShortcutTarget: VVWUpdateTray.lnk -> C:\Program Files (x86)\VVW\Update\VVWUpdateTray.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ag\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1969579996-2544780815-1722642228-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1969579996-2544780815-1722642228-1001 -> {0B131811-4AEA-44BD-A470-68E0C30CA2DB} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1969579996-2544780815-1722642228-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ag\AppData\Roaming\Mozilla\Firefox\Profiles\zg88klxh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @eleco.com/o2cplayer -> C:\Program Files (x86)\o2c Player\npO2CPlayer.DLL [2011-03-30] (Eleco plc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-08-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-08-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-08-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-08-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-08-13] (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-04-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [4901888 2009-05-14] () [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49136 2015-03-27] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-09-16] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-09-16] (Lenovo Group Limited)
R2 VVWUpdateService; C:\Program Files (x86)\VVW\Update\VVWUpdateDienst.exe [3079808 2014-03-28] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl564.sys [754688 2006-10-12] (Broadcom Corporation) [File not signed]
R3 DLKRT64; C:\Windows\System32\DRIVERS\DLKRT64.sys [215040 2009-08-06] (D-Link corp.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [34304 2005-11-19] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-07-02] (Lenovo (United States) Inc.)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 12:02 - 2015-05-02 12:03 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 12:02 - 2015-05-02 12:02 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-02 12:02 - 2015-05-02 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-02 12:02 - 2015-05-02 12:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-02 12:02 - 2015-05-02 12:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-02 12:02 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-02 12:02 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-02 12:02 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-02 12:01 - 2015-05-02 12:01 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\ag\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-01 10:06 - 2015-05-02 11:39 - 00000000 ____D () C:\AdwCleaner
2015-05-01 10:05 - 2015-05-01 10:05 - 02224640 ____N () C:\Users\ag\Desktop\AdwCleaner_4.202.exe
2015-04-30 17:49 - 2015-04-30 17:49 - 00030259 ____N () C:\ComboFix.txt
2015-04-30 17:19 - 2015-04-30 17:49 - 00000000 ____D () C:\Qoobox
2015-04-30 17:19 - 2011-06-26 08:45 - 00256000 ____N () C:\Windows\PEV.exe
2015-04-30 17:19 - 2010-11-07 19:20 - 00208896 ____N () C:\Windows\MBR.exe
2015-04-30 17:19 - 2009-04-20 06:56 - 00060416 ____N (NirSoft) C:\Windows\NIRCMD.exe
2015-04-30 17:19 - 2000-08-31 02:00 - 00518144 ____N (SteelWerX) C:\Windows\SWREG.exe
2015-04-30 17:19 - 2000-08-31 02:00 - 00406528 ____N (SteelWerX) C:\Windows\SWSC.exe
2015-04-30 17:19 - 2000-08-31 02:00 - 00098816 ____N () C:\Windows\sed.exe
2015-04-30 17:19 - 2000-08-31 02:00 - 00080412 ____N () C:\Windows\grep.exe
2015-04-30 17:19 - 2000-08-31 02:00 - 00068096 ____N () C:\Windows\zip.exe
2015-04-30 17:18 - 2015-04-30 17:47 - 00000000 ____D () C:\Windows\erdnt
2015-04-30 17:12 - 2015-04-30 17:12 - 05619691 ____R (Swearware) C:\Users\ag\Desktop\ComboFix.exe
2015-04-30 16:51 - 2015-04-30 16:51 - 04197016 ____N (Kaspersky Lab ZAO) C:\Users\ag\Downloads\tdsskiller.exe
2015-04-30 10:56 - 2015-04-30 10:56 - 00060944 ____N () C:\Users\ag\Downloads\Addition.txt
2015-04-30 09:04 - 2015-05-02 13:09 - 00020338 _____ () C:\Users\ag\Downloads\FRST.txt
2015-04-30 09:04 - 2015-05-02 13:09 - 00000000 ____D () C:\FRST
2015-04-30 09:03 - 2015-04-30 09:03 - 02101248 ____N (Farbar) C:\Users\ag\Downloads\FRST64.exe
2015-04-30 00:04 - 2015-04-30 00:04 - 00000502 ____N () C:\Users\ag\Desktop\01.csv
2015-04-29 16:14 - 2015-04-29 16:15 - 46525608 ____N (Safer-Networking Ltd. ) C:\Users\ag\Downloads\spybot-2.4.40.exe
2015-04-22 09:56 - 2015-04-22 09:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2015-04-15 09:16 - 2015-03-25 05:24 - 03298816 ____N (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 02553856 ____N (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00696320 ____N (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00191488 ____N (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00098304 ____N (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00060416 ____N (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00037376 ____N (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:16 - 2015-03-25 05:24 - 00035328 ____N (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:16 - 2015-03-25 05:23 - 00135168 ____N (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:16 - 2015-03-25 05:23 - 00036864 ____N (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:16 - 2015-03-25 05:23 - 00012288 ____N (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:16 - 2015-03-25 05:00 - 00566784 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:16 - 2015-03-25 05:00 - 00173056 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:16 - 2015-03-25 05:00 - 00092672 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:16 - 2015-03-25 05:00 - 00033792 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:16 - 2015-03-25 05:00 - 00029696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:16 - 2015-03-17 07:22 - 05557696 ____N (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:16 - 2015-03-17 07:19 - 01727904 ____N (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:16 - 2015-03-17 07:16 - 01163264 ____N (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:16 - 2015-03-17 07:16 - 00424448 ____N (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:16 - 2015-03-17 07:01 - 03920824 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:16 - 2015-03-17 06:59 - 01309696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:16 - 2015-03-10 05:25 - 01882624 ____N (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:16 - 2015-03-10 05:21 - 00002048 ____N (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:16 - 2015-03-10 05:08 - 01237504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:16 - 2015-03-10 05:05 - 00002048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:16 - 2015-03-05 07:12 - 00404480 ____N (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:16 - 2015-03-05 06:05 - 00311808 ____N (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:15 - 2015-04-02 02:17 - 00389808 ____N (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:15 - 2015-04-02 01:49 - 00342704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 09:15 - 2015-03-17 07:22 - 00155576 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:15 - 2015-03-17 07:22 - 00095672 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:15 - 2015-03-17 07:17 - 00362496 ____N (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:15 - 2015-03-17 07:17 - 00243712 ____N (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:15 - 2015-03-17 07:17 - 00013312 ____N (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 01461760 ____N (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00728064 ____N (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00503808 ____N (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00341504 ____N (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00314880 ____N (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00309760 ____N (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00296960 ____N (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:15 - 2015-03-17 07:16 - 00215040 ____N (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00210944 ____N (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00136192 ____N (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00112640 ____N (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:15 - 2015-03-17 07:16 - 00086528 ____N (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00050176 ____N (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00043520 ____N (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00029184 ____N (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00028160 ____N (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00022016 ____N (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:15 - 2015-03-17 07:16 - 00016384 ____N (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:15 - 2015-03-17 07:15 - 00338432 ____N (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:15 - 2015-03-17 07:15 - 00064000 ____N (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:15 - 2015-03-17 07:15 - 00031232 ____N (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:15 - 2015-03-17 07:13 - 00146432 ____N (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:15 - 2015-03-17 07:13 - 00060416 ____N (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00686080 ____N (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00006656 ____N (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 07:01 - 03976632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:15 - 2015-03-17 06:57 - 00550912 ____N (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00259584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00248832 ____N (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00221184 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00172032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00065536 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00043008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00022016 ____N (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:15 - 2015-03-17 06:57 - 00014336 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:15 - 2015-03-17 06:56 - 01114112 ____N (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:15 - 2015-03-17 06:56 - 00274944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:15 - 2015-03-17 06:56 - 00096768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:15 - 2015-03-17 06:56 - 00050176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:15 - 2015-03-17 06:56 - 00025600 ____N (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:15 - 2015-03-17 06:56 - 00017408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:15 - 2015-03-17 06:56 - 00005120 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:15 - 2015-03-17 06:53 - 00146432 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:15 - 2015-03-17 06:53 - 00060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00686080 ____N (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00006656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 05:45 - 00007680 ____N (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:15 - 2015-03-17 05:45 - 00002048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:15 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:15 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:15 - 2015-03-13 06:32 - 24980480 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:15 - 2015-03-13 06:25 - 02724864 ____N (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:15 - 2015-03-13 06:25 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:15 - 2015-03-13 06:09 - 00066560 ____N (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:15 - 2015-03-13 06:08 - 00584192 ____N (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:15 - 2015-03-13 06:08 - 00417280 ____N (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:15 - 2015-03-13 06:08 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:15 - 2015-03-13 06:07 - 02886144 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:15 - 2015-03-13 06:06 - 00088064 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:15 - 2015-03-13 06:00 - 00054784 ____N (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:15 - 2015-03-13 05:59 - 00034304 ____N (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:15 - 2015-03-13 05:55 - 00633856 ____N (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:15 - 2015-03-13 05:54 - 00144384 ____N (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:15 - 2015-03-13 05:54 - 00114688 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:15 - 2015-03-13 05:53 - 00814080 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:15 - 2015-03-13 05:50 - 06025216 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:15 - 2015-03-13 05:44 - 00968704 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:15 - 2015-03-13 05:42 - 19695616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:15 - 2015-03-13 05:42 - 02724864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:15 - 2015-03-13 05:40 - 00490496 ____N (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:15 - 2015-03-13 05:32 - 00077824 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:15 - 2015-03-13 05:28 - 00503296 ____N (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:15 - 2015-03-13 05:28 - 00062464 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 09:15 - 2015-03-13 05:27 - 00340992 ____N (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:15 - 2015-03-13 05:27 - 00199680 ____N (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:15 - 2015-03-13 05:27 - 00047616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 09:15 - 2015-03-13 05:26 - 00092160 ____N (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:15 - 2015-03-13 05:26 - 00064000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 09:15 - 2015-03-13 05:23 - 00316928 ____N (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:15 - 2015-03-13 05:22 - 02278400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:15 - 2015-03-13 05:20 - 00047104 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:15 - 2015-03-13 05:20 - 00030720 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 09:15 - 2015-03-13 05:17 - 00478208 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:15 - 2015-03-13 05:16 - 00115712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:15 - 2015-03-13 05:15 - 00620032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 09:15 - 2015-03-13 05:08 - 00720384 ____N (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:15 - 2015-03-13 05:07 - 00801280 ____N (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:15 - 2015-03-13 05:06 - 00418304 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:15 - 2015-03-13 05:05 - 02125824 ____N (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:15 - 2015-03-13 05:05 - 01359360 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:15 - 2015-03-13 05:01 - 00060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:15 - 2015-03-13 05:00 - 14397440 ____N (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:15 - 2015-03-13 04:57 - 00168960 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 09:15 - 2015-03-13 04:56 - 00076288 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:15 - 2015-03-13 04:54 - 00285696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:15 - 2015-03-13 04:49 - 04305408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:15 - 2015-03-13 04:45 - 02358784 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:15 - 2015-03-13 04:44 - 00689152 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:15 - 2015-03-13 04:43 - 02052608 ____N (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:15 - 2015-03-13 04:42 - 01155072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 09:15 - 2015-03-13 04:34 - 12825600 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:15 - 2015-03-13 04:33 - 01548288 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:15 - 2015-03-13 04:22 - 00800768 ____N (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:15 - 2015-03-13 04:20 - 01888256 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:15 - 2015-03-13 04:16 - 01311232 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:15 - 2015-03-13 04:14 - 00710144 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:15 - 2015-03-04 06:55 - 00367552 ____N (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:15 - 2015-03-04 06:41 - 00079360 ____N (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:15 - 2015-03-04 06:10 - 00058880 ____N (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 09:15 - 2015-02-25 05:18 - 00754688 ____N (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-04-07 12:39 - 2015-04-07 12:39 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2015-04-06 15:31 - 2015-04-06 16:00 - 00001588 ____N () C:\Users\ag\Desktop\Neues Textdokument.txt
2015-04-03 09:34 - 2015-04-03 09:34 - 00137184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 13:00 - 2012-02-25 14:16 - 00003480 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-02 13:00 - 2012-02-25 14:16 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-05-02 13:00 - 2012-02-25 14:16 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-05-02 13:00 - 2010-10-27 15:08 - 00005523 _____ () C:\Windows\system32\lvcoinst.log
2015-05-02 12:59 - 2011-03-28 20:36 - 00000632 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2011.job
2015-05-02 12:58 - 2013-07-17 14:10 - 00000650 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2012.job
2015-05-02 12:52 - 2011-07-24 23:01 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 11:52 - 2011-07-24 23:01 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 11:50 - 2009-07-14 06:45 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:50 - 2009-07-14 06:45 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:45 - 2010-10-26 12:54 - 01099147 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 11:44 - 2012-01-10 17:55 - 00000000 ___RD () C:\Users\ag\Dropbox
2015-05-02 11:44 - 2012-01-10 17:52 - 00000000 ____D () C:\Users\ag\AppData\Roaming\Dropbox
2015-05-02 11:41 - 2011-05-28 12:09 - 00129968 _____ () C:\Windows\setupact.log
2015-05-02 11:41 - 2010-10-26 12:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 11:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 10:13 - 2010-10-26 18:06 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-01 12:38 - 2010-10-26 15:40 - 00000000 ____D () C:\SWSHARE
2015-05-01 12:32 - 2010-10-27 10:37 - 00000000 ____D () C:\Users\ag\ARCHITEKTUR
2015-05-01 11:52 - 2010-10-26 12:54 - 00000000 ____D () C:\Users\ag
2015-04-30 17:53 - 2010-10-26 13:39 - 00179708 ____N () C:\Windows\PFRO.log
2015-04-30 17:46 - 2009-07-14 04:34 - 00000215 ____N () C:\Windows\system.ini
2015-04-27 18:09 - 2010-10-27 14:33 - 00000000 ____D () C:\Users\ag\AppData\Roaming\Skype
2015-04-25 16:15 - 2014-10-20 16:19 - 00000991 ____N () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-25 16:15 - 2014-03-31 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-24 09:42 - 2012-01-10 17:55 - 00001017 ____N () C:\Users\ag\Desktop\Dropbox.lnk
2015-04-24 09:42 - 2012-01-10 17:53 - 00000000 ____D () C:\Users\ag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-23 09:28 - 2012-07-09 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 09:33 - 2013-07-17 10:40 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-22 09:33 - 2010-10-26 15:42 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2015-04-22 09:33 - 2010-10-26 15:40 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-04-22 09:33 - 2010-10-26 15:30 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-04-20 09:18 - 2012-02-25 14:16 - 00000528 ____N () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-04-19 18:00 - 2012-02-25 14:16 - 00004220 ____N () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-04-17 00:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 00:11 - 2009-07-14 19:58 - 00700130 ____N () C:\Windows\system32\perfh007.dat
2015-04-17 00:11 - 2009-07-14 19:58 - 00148926 ____N () C:\Windows\system32\perfc007.dat
2015-04-17 00:11 - 2009-07-14 07:13 - 01621148 ____N () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 17:54 - 2010-10-26 19:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 17:53 - 2011-02-21 19:45 - 01598106 ____N () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-12 14:00 - 2010-10-27 14:33 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2012-05-24 20:45 - 2012-09-18 13:11 - 0000132 _____ () C:\Users\ag\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-04-14 12:18 - 2012-04-14 12:19 - 0000132 _____ () C:\Users\ag\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-02-21 23:36 - 2014-12-26 00:48 - 0006656 _____ () C:\Users\ag\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-08-16 21:56 - 2011-08-16 21:56 - 0004096 ____H () C:\Users\ag\AppData\Local\keyfile3.drm
2010-10-27 14:35 - 2010-10-27 14:35 - 0000048 ____H () C:\ProgramData\ezsidmv.dat

ZeroAccess:
C:\Users\ag\AppData\Local\f1646c60
C:\Users\ag\AppData\Local\f1646c60\@

Some content of TEMP:
====================
C:\Users\ag\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprawe4y.dll
C:\Users\ag\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\ag\AppData\Local\Temp\Quarantine.exe
C:\Users\ag\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 12:29

==================== End Of Log ============================
         
--- --- ---

 
