All right, here is the FRST log. Thank you!
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013 02
Ran by ****** (administrator) on 12-08-2013 18:55:47
Running from C:\Users\******\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Acer\Empowering Technology\SysMonitor.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
() C:\Program Files\Winamp\winampa.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
() C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) c:\xampp\apache\bin\apache.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
(AVM Berlin) C:\Program Files\Common Files\AVM\de_serv.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(T-Systems International GmbH) C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Apache Software Foundation) C:\xampp\apache\bin\apache.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() c:\xampp\mysql\bin\mysqld-nt.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Windows\system32\PnkBstrB.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(ICQ) C:\Users\******\AppData\Roaming\ICQM\icq.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(AVM Berlin) C:\Program Files\ComCenter\IWatch.exe
() C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Acer Inc.) C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4423680 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [Acer Empowering Technology Monitor] - C:\Acer\Empowering Technology\SysMonitor.exe [319488 2007-01-24] ()
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [464168 2007-02-07] (HiTRUST)
HKLM\...\Run: [WarReg_PopUp] - C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [Acer Tour Reminder] - C:\Acer\AcerTour\Reminder.exe [151552 2007-02-15] (Acer Inc.)
HKLM\...\Run: [PlayMovie] - C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe [178280 2007-07-13] (CyberLink Corp.)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [37888 2009-03-09] ()
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2008-04-26] (RealNetworks, Inc.)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-03-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [T-Home Dialerschutz-Software] - C:\Program Files\T-Online\Dialerschutz-Software\Defender.exe [1411720 2010-03-29] (T-Systems International GmbH)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe [x]
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKCU Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [ICQ] - C:\Users\******\AppData\Roaming\ICQM\icq.exe [26606072 2013-01-03] (ICQ)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Acer Tour Reminder] - [x]
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\RunOnce: [RUN] - C:\Windows\Acer_Normal\run_DT.exe [ 2007-04-19] ()
HKU\******\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\******\...\Policies\system: [LogonHoursAction] 2
HKU\******\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk
ShortcutTarget: ISDNWatch.lnk -> C:\Program Files\ComCenter\IWatch.exe (AVM Berlin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PCM Media Sharing.lnk
ShortcutTarget: PCM Media Sharing.lnk -> C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\T-Online\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\T-Online\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\T-Online\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {320A933D-F44D-490A-B19C-0E856CC284BD} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKCU - {54449A85-C3BC-4123-9190-EBDA6CBAA7E3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8
SearchScopes: HKCU - {5C690C58-4580-41B9-BA6C-63FCA058D76D} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tportal&q={searchTerms}&dia=tie8
SearchScopes: HKCU - {6D382378-CE67-4E5D-8661-0C94A5BC11E4} URL = hxxp://rover.ebay.com/rover/1/707-1403-9414-51/4?satitle={searchTerms}
SearchScopes: HKCU - {77274937-5D01-4FB1-B74E-2D470AE5C040} URL = hxxp://dict.leo.org/esde?lp=esde&search={searchTerms}
SearchScopes: HKCU - {8EB4C17A-3193-4F7A-B782-EAFFFD7E8C5A} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {B161D297-2000-475E-BCA0-C701B6281214} URL = hxxp://preisvergleich.t-online.de/angebote/{searchTerms}?soid=42534758
SearchScopes: HKCU - {BF8CCD3E-9043-4E24-895D-470B02D586FD} URL = hxxp://dict.leo.org/frde?lp=frde&search={searchTerms}
SearchScopes: HKCU - {C0829E5E-9D6C-433E-A3A0-5245E974ECF7} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
SearchScopes: HKCU - {D5EB2B56-8D33-4F88-98A9-F966457BA0C8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGIE_de
SearchScopes: HKCU - {DE112298-3CED-4725-A1AA-12D5B138E94E} URL = hxxp://dict.leo.org/ende?lp=ende&search={searchTerms}
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt - {C9603180-FA5C-4DB0-A013-ADC60309AF82} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
Toolbar: HKLM - Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU -Acer eDataSecurity Management - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
Toolbar: HKCU -Toolbar 3.0 der Telekom - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\******AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\******AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Просмотр HTTP заголовков - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF Extension: FoxyDeal - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: toolbar - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\toolbar@web.de.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\pf3ft4lp.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [lspeaker@lyricsspeaker.net] C:\Program Files\LyricsSpeaker\125.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - hxxp://www.google.de/search?q={searchTerms}
CHR DefaultSuggestURL: (Google) - "suggest_url": ""
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Entanglement) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (AdBlock) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (LyricsSpeaker) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.125_0
CHR Extension: (Poppit) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Lavasoft NewTab) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.10_0
CHR HKLM\...\Chrome\Extension: [kmgeophbbmfgkjghdgfgelpipdoclljo] - C:\Program Files\LyricsSpeaker\125.crx
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [266343 2007-04-04] (CyberLink)
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2006-12-29] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-25] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; c:\xampp\apache\bin\apache.exe [24635 2008-01-18] (Apache Software Foundation)
R2 de_serv; C:\Program Files\Common Files\AVM\de_serv.exe [206128 2007-10-15] (AVM Berlin)
R2 DFSVC; C:\Program Files\T-Online\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-02-07] (HiTRSUT)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-01-31] (Acer Inc.)
S3 FileZilla Server; c:\xampp\FileZillaFTP\FileZillaServer.exe [586240 2007-12-25] (FileZilla Project)
R2 mysql; c:\xampp\mysql\bin\my.cnf [5291 2008-04-29] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2008-12-22] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2008-12-22] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [143360 2007-04-09] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 TDslMgrService; C:\Program Files\T-Online\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH)
S2 GWService; C:\Program Files\Ruling Technologies\GameWizardCombo\GWService.exe -service [x]
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2008-06-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-08-15] (AVM GmbH)
R2 AVMPORT; C:\Windows\System32\drivers\avmport.sys [66472 2007-06-06] (AVM Berlin)
R3 DFSYS; C:\Program Files\T-Online\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [16448 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 dsltestSp5; C:\Windows\System32\Drivers\dsltestSp5.sys [26816 2007-09-12] (Printing Communications Assoc., Inc. (PCAUSA))
R3 DynCal; C:\Windows\System32\drivers\Dyncal.sys [12928 2007-11-07] (Padix Co., Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2012-12-21] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [567936 2007-08-15] (AVM Berlin)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-08-08] (GFI Software)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2008-06-04] ()
S3 MTOnlPktAlyX; C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [19200 2010-08-27] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 NETPPPOI; C:\Windows\System32\DRIVERS\NETPPPOI.SYS [334640 2007-10-15] (AVM Berlin)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20264 2007-02-07] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-02-07] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-02-07] (HiTRUST)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-07] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2011-04-19] ()
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 UdfReadr; C:\Windows\System32\Drivers\UdfReadr.sys [214656 2002-02-23] (Roxio)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl [39408 2007-08-31] (Cyberlink Corp.)
U3 a496xswu; C:\Windows\System32\Drivers\a496xswu.sys [0 ] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\Users\******\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S0 TfFsMon; system32\drivers\TfFsMon.sys [x]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x]
S0 TfSysMon; system32\drivers\TfSysMon.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-12 18:44 - 2013-08-12 18:44 - 00000000 ____D C:\Windows\ERUNT
2013-08-12 18:41 - 2013-08-12 18:41 - 00959697 _____ (Oleg N. Scherbakov) C:\Users\******\Desktop\JRT.exe
2013-08-12 18:36 - 2013-08-12 18:36 - 00001498 _____ C:\Users\******\Desktop\AdwCleaner[S2].txt
2013-08-12 18:30 - 2013-08-12 18:33 - 00001511 _____ C:\AdwCleaner[S2].txt
2013-08-10 16:30 - 2013-08-10 16:30 - 00143568 _____ C:\Windows\Minidump\Mini081013-01.dmp
2013-08-10 11:18 - 2013-05-02 02:06 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-08-09 12:43 - 2013-08-09 13:20 - 00047472 _____ C:\Users\******\Downloads\FRST.txt
2013-08-09 12:43 - 2013-08-09 13:12 - 00030623 _____ C:\Users\******\Downloads\Addition.txt
2013-08-09 12:40 - 2013-08-09 12:40 - 01230104 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-08-09 12:40 - 2013-08-09 12:40 - 00000000 ____D C:\FRST
2013-08-09 12:27 - 2013-08-09 12:27 - 00017648 _____ C:\ComboFix.txt
2013-08-09 12:07 - 2013-08-12 18:28 - 00000000 ____D C:\ComboFix
2013-08-09 12:07 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-09 12:07 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-09 12:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-09 12:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-09 12:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-09 12:07 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-09 12:07 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-09 12:07 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-09 12:05 - 2013-08-09 12:27 - 00000000 ____D C:\Qoobox
2013-08-09 12:04 - 2013-08-09 12:24 - 00000000 ____D C:\Windows\erdnt
2013-08-09 12:03 - 2013-08-09 12:03 - 05100713 ____R (Swearware) C:\Users\******\Downloads\ComboFix.exe
2013-08-09 11:37 - 2013-08-09 11:37 - 00045143 _____ C:\Users\******\AdwCleaner[S1].txt
2013-08-09 11:30 - 2013-08-09 11:33 - 00045143 _____ C:\AdwCleaner[S1].txt
2013-08-08 13:26 - 2013-08-08 13:26 - 00666633 _____ C:\Users\******\Desktop\adwcleaner.exe
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Users\******AppData\Roaming\LavasoftStatistics
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\Program Files\Toolbar Cleaner
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\Program Files\Lavasoft
2013-08-08 12:43 - 2013-08-08 12:43 - 00044424 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-08-08 12:43 - 2013-08-08 12:43 - 00013560 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-08-08 12:42 - 2013-08-08 12:43 - 05616264 _____ (Lavasoft Limited) C:\Users\******\Downloads\Adaware_Installer.exe
2013-08-08 12:09 - 2013-08-08 12:09 - 00001975 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-08 11:53 - 2013-08-08 11:53 - 00000850 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-08 11:50 - 2013-08-08 11:50 - 00282112 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 23.0.exe
2013-08-04 19:38 - 2013-08-04 19:38 - 01110476 _____ C:\Users\******\Downloads\7z920.exe
2013-07-27 11:16 - 2013-07-27 11:28 - 00000000 ____D C:\Users\******\Desktop\kirschwein
2013-07-27 10:28 - 2013-07-27 10:28 - 00002077 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-21 17:47 - 2013-07-21 17:46 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 17:47 - 2013-07-21 17:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 17:47 - 2013-07-21 17:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 17:47 - 2013-07-21 17:46 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
==================== One Month Modified Files and Folders =======
2013-08-12 18:51 - 2013-08-12 18:51 - 00004856 _____ C:\Users\******\Desktop\JRT.txt
2013-08-12 18:44 - 2013-08-12 18:44 - 00000000 ____D C:\Windows\ERUNT
2013-08-12 18:41 - 2013-08-12 18:41 - 00959697 _____ (Oleg N. Scherbakov) C:\Users\******\Desktop\JRT.exe
2013-08-12 18:41 - 2008-01-26 23:55 - 01887974 _____ C:\Windows\WindowsUpdate.log
2013-08-12 18:36 - 2013-08-12 18:36 - 00001498 _____ C:\Users\******\Desktop\AdwCleaner[S2].txt
2013-08-12 18:35 - 2013-07-04 12:43 - 00000376 _____ C:\Windows\Tasks\LyricsSpeaker Update.job
2013-08-12 18:34 - 2009-10-05 16:17 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-12 18:34 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-12 18:34 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-12 18:34 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-12 18:33 - 2013-08-12 18:30 - 00001511 _____ C:\AdwCleaner[S2].txt
2013-08-12 18:33 - 2006-11-02 15:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-12 18:30 - 2012-11-03 11:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-12 18:28 - 2013-08-09 12:07 - 00000000 ____D C:\ComboFix
2013-08-12 18:23 - 2009-10-05 16:17 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-10 16:30 - 2013-08-10 16:30 - 00143568 _____ C:\Windows\Minidump\Mini081013-01.dmp
2013-08-10 16:30 - 2012-03-05 20:04 - 140513257 _____ C:\Windows\MEMORY.DMP
2013-08-10 16:30 - 2008-08-31 14:18 - 00000000 ____D C:\Windows\Minidump
2013-08-09 21:53 - 2012-05-29 10:06 - 00000000 ____D C:\Users\******\AppData\Roaming\FileZilla
2013-08-09 13:20 - 2013-08-09 12:43 - 00047472 _____ C:\Users\******\Downloads\FRST.txt
2013-08-09 13:12 - 2013-08-09 12:43 - 00030623 _____ C:\Users\******\Downloads\Addition.txt
2013-08-09 12:40 - 2013-08-09 12:40 - 01230104 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-08-09 12:40 - 2013-08-09 12:40 - 00000000 ____D C:\FRST
2013-08-09 12:31 - 2012-01-15 16:15 - 00011214 _____ C:\Windows\PFRO.log
2013-08-09 12:27 - 2013-08-09 12:27 - 00017648 _____ C:\ComboFix.txt
2013-08-09 12:27 - 2013-08-09 12:05 - 00000000 ____D C:\Qoobox
2013-08-09 12:27 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-08-09 12:27 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-08-09 12:24 - 2013-08-09 12:04 - 00000000 ____D C:\Windows\erdnt
2013-08-09 12:23 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-08-09 12:03 - 2013-08-09 12:03 - 05100713 ____R (Swearware) C:\Users\******\Downloads\ComboFix.exe
2013-08-09 11:37 - 2013-08-09 11:37 - 00045143 _____ C:\Users\******\AdwCleaner[S1].txt
2013-08-09 11:37 - 2008-03-26 14:49 - 00000000 ____D C:\Users\******
2013-08-09 11:33 - 2013-08-09 11:30 - 00045143 _____ C:\AdwCleaner[S1].txt
2013-08-09 11:30 - 2010-03-01 19:37 - 00000000 ____D C:\ProgramData\ICQ
2013-08-09 11:30 - 2009-04-23 13:47 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-08-09 10:40 - 2009-03-24 18:15 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-08-08 19:04 - 2012-09-05 18:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-08 13:26 - 2013-08-08 13:26 - 00666633 _____ C:\Users\******\Desktop\adwcleaner.exe
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Users\******\AppData\Roaming\LavasoftStatistics
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\Program Files\Toolbar Cleaner
2013-08-08 12:47 - 2013-08-08 12:47 - 00000000 ____D C:\Program Files\Lavasoft
2013-08-08 12:47 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-08 12:43 - 2013-08-08 12:43 - 00044424 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-08-08 12:43 - 2013-08-08 12:43 - 00013560 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-08-08 12:43 - 2013-08-08 12:42 - 05616264 _____ (Lavasoft Limited) C:\Users\******\Downloads\Adaware_Installer.exe
2013-08-08 12:09 - 2013-08-08 12:09 - 00001975 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-08 12:09 - 2008-04-30 13:04 - 00000000 ____D C:\Program Files\Google
2013-08-08 11:53 - 2013-08-08 11:53 - 00000850 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-08 11:53 - 2008-04-29 16:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-08 11:50 - 2013-08-08 11:50 - 00282112 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 23.0.exe
2013-08-07 15:42 - 2013-05-01 12:47 - 00000000 ____D C:\Users\******\Documents\Online-BankingPlus
2013-08-04 19:38 - 2013-08-04 19:38 - 01110476 _____ C:\Users\******\Downloads\7z920.exe
2013-08-04 19:32 - 2008-04-11 13:25 - 00226816 _____ C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-04 12:59 - 2006-11-02 12:33 - 01481286 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 19:21 - 2009-04-04 18:52 - 00000000 ____D C:\Users\******\AppData\Roaming\Winamp
2013-07-27 11:28 - 2013-07-27 11:16 - 00000000 ____D C:\Users\******\Desktop\kirschwein
2013-07-27 10:28 - 2013-07-27 10:28 - 00002077 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-21 17:46 - 2013-07-21 17:47 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 17:46 - 2013-07-21 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 17:46 - 2013-07-21 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 17:46 - 2013-07-21 17:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-21 17:46 - 2012-09-06 16:36 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-07-21 17:46 - 2011-09-13 19:27 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 17:46 - 2011-09-13 19:25 - 00000000 ____D C:\Program Files\Java
2013-07-20 16:51 - 2013-05-09 10:31 - 00000000 ____D C:\Users\******\Desktop\N2l
2013-07-15 16:59 - 2013-06-08 11:31 - 00188072 _____ C:\Windows\DPINST.LOG
2013-07-14 11:01 - 2012-04-10 16:51 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-14 11:01 - 2011-08-27 20:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-14 11:01 - 2008-03-26 15:48 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-12 18:43
==================== End Of Log ============================