Sorry fr die versptete Antwort!!
Logfile von FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Thomas (administrator) on THOMAS-VAIO on 06-01-2014 15:30:36
Running from C:\Users\Thomas\Desktop\Viren-Beseitigung
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exeac
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\SLManagerEasy\Inputps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\SONY\Reader\Data\bin\launcher\eBook Library Launcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9636896 2009-12-16] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [208384 2009-11-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-01-01] (Sun Microsystems, Inc.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MarketingTools] - C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe [26624 2009-01-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-09-10] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Blackcomb] - C:\Program Files (x86)\Samsung Connection Manager\ModemPnPService.exe [131072 2011-02-11] (Samsung Electronics.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-18] (Apple Inc.)
HKLM-x32\...\Run: [eBook Library Launcher] - C:\Program Files (x86)\SONY\Reader\Data\bin\launcher\eBook Library Launcher.exe [902440 2009-07-03] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-01-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-20] (APN)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Thomas\AppData\Roaming\appConf32.exe,C:\Users\Thomas\AppData\Roaming\jabconf32.exe, [x]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Thomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-22] (Facebook Inc.)
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=790C2CC8-A335-48AA-AEB3-118EC7308978&ind=2013092113&n=77fd5911&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^YYA^de&si=flvrunner&ptb=790C2CC8-A335-48AA-AEB3-118EC7308978&ind=2013092113&n=77fd5911&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - ŸZ’2pvI�*X(Ž2s��(Jӵ �v˰!—(48и�patm6o�^Mp`�_iw˜!„�†x8€j*;a�[†8*~Rxœ8'-)�x** URL =
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default
FF SelectedSearchEngine: Hola Search
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Thomas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: VideoDownloadConverter - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\Extensions\4zffxtbr-bs@VideoDownloadConverter_4z.com
FF Extension: No Name - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\Extensions\8hffxtbr@Allin1Convert_8h.com
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
==================== Services (Whitelisted) =================
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-01-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2014-01-01] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 bufssvr; C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe [90112 2010-03-12] (BUFFALO INC.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
R2 6077757b; C:\Windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-01-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-01-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 C2XXCOM; C:\Windows\System32\DRIVERS\C2XXCOM76.sys [49920 2010-08-09] (Samsung Electronics)
S3 C2xxUSB; C:\Windows\System32\DRIVERS\C2xxUSB76.sys [46080 2010-11-04] (Samsung Electronics)
S3 C2xxUsbStorage; C:\Windows\System32\DRIVERS\C2xSTR76.sys [9216 2010-06-10] (Samsung Electronics)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 14:05 - 2014-01-06 14:05 - 00025997 _____ C:\ComboFix.txt
2014-01-06 12:35 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-06 12:35 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-06 12:35 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-06 12:35 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-06 12:35 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-06 12:35 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-06 12:35 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-06 12:35 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-06 12:31 - 2014-01-06 14:05 - 00000000 ____D C:\Qoobox
2014-01-06 12:30 - 2014-01-06 13:06 - 00000000 ____D C:\Windows\erdnt
2014-01-04 01:19 - 2014-01-04 01:22 - 00000000 ____D C:\AdwCleaner
2014-01-03 03:02 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-03 03:02 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-03 03:02 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-03 03:02 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-03 01:03 - 2014-01-03 01:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf08172e6a9e70.job
2014-01-02 10:35 - 2014-01-06 15:30 - 00000000 ____D C:\Users\Thomas\Desktop\Viren-Beseitigung
2014-01-02 10:28 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-02 10:28 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-02 10:28 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-02 10:28 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-02 10:28 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 10:28 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-02 10:28 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-02 10:27 - 2014-01-02 10:27 - 00000286 ____H C:\Windows\Tasks\User_Feed_Synchronization-{D30B1914-6D71-46E4-813A-B2B3835BF810}.job
2014-01-02 10:27 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-02 10:27 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-02 10:27 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-02 10:27 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-02 10:27 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-01-02 10:27 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-02 10:27 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-02 10:27 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-02 10:27 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-01-02 10:27 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-02 10:27 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-02 10:27 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-02 03:09 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-02 03:04 - 2014-01-02 03:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-02 03:04 - 2014-01-02 03:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-02 03:04 - 2014-01-02 03:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-02 03:04 - 2014-01-02 03:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-02 03:04 - 2014-01-02 03:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-02 03:04 - 2014-01-02 03:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-02 03:04 - 2014-01-02 03:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-02 03:04 - 2014-01-02 03:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-02 03:04 - 2014-01-02 03:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-02 03:04 - 2014-01-02 03:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-02 03:04 - 2014-01-02 03:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-01 16:17 - 2014-01-02 03:09 - 00017589 _____ C:\Windows\IE11_main.log
2014-01-01 13:59 - 2014-01-06 15:30 - 00000000 ____D C:\FRST
==================== One Month Modified Files and Folders =======
2014-01-06 15:30 - 2014-01-02 10:35 - 00000000 ____D C:\Users\Thomas\Desktop\Viren-Beseitigung
2014-01-06 15:30 - 2014-01-01 13:59 - 00000000 ____D C:\FRST
2014-01-06 14:05 - 2014-01-06 14:05 - 00025997 _____ C:\ComboFix.txt
2014-01-06 14:05 - 2014-01-06 12:31 - 00000000 ____D C:\Qoobox
2014-01-06 13:50 - 2009-01-01 18:26 - 00000215 _____ C:\Windows\system.ini
2014-01-06 13:45 - 2009-01-01 03:02 - 01534689 _____ C:\Windows\WindowsUpdate.log
2014-01-06 13:12 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-06 13:06 - 2014-01-06 12:30 - 00000000 ____D C:\Windows\erdnt
2014-01-06 12:47 - 2011-01-28 20:03 - 00000000 ____D C:\Users\Thomas
2014-01-04 03:02 - 2009-07-14 05:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 03:02 - 2009-07-14 05:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 01:29 - 2009-07-14 06:13 - 01507406 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 01:29 - 2009-01-01 02:56 - 00657910 _____ C:\Windows\system32\perfh007.dat
2014-01-04 01:29 - 2009-01-01 02:56 - 00131250 _____ C:\Windows\system32\perfc007.dat
2014-01-04 01:26 - 2013-08-20 09:12 - 00000000 ___RD C:\Users\Thomas\Dropbox
2014-01-04 01:26 - 2013-08-20 09:10 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Dropbox
2014-01-04 01:23 - 2009-01-01 18:26 - 00156290 _____ C:\Windows\setupact.log
2014-01-04 01:22 - 2014-01-04 01:19 - 00000000 ____D C:\AdwCleaner
2014-01-04 01:22 - 2011-06-04 17:50 - 00000000 ____D C:\ProgramData\ICQ
2014-01-03 03:20 - 2009-07-14 05:45 - 00446640 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-03 03:18 - 2009-01-01 03:00 - 00693530 _____ C:\Windows\PFRO.log
2014-01-03 03:01 - 2011-03-16 08:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-03 01:03 - 2014-01-03 01:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf08172e6a9e70.job
2014-01-02 10:27 - 2014-01-02 10:27 - 00000286 ____H C:\Windows\Tasks\User_Feed_Synchronization-{D30B1914-6D71-46E4-813A-B2B3835BF810}.job
2014-01-02 03:30 - 2011-01-28 20:04 - 00001421 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 03:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-02 03:09 - 2014-01-01 16:17 - 00017589 _____ C:\Windows\IE11_main.log
2014-01-02 03:04 - 2014-01-02 03:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-02 03:04 - 2014-01-02 03:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-02 03:04 - 2014-01-02 03:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-02 03:04 - 2014-01-02 03:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-02 03:04 - 2014-01-02 03:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-02 03:04 - 2014-01-02 03:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-02 03:04 - 2014-01-02 03:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-02 03:04 - 2014-01-02 03:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-02 03:04 - 2014-01-02 03:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-02 03:04 - 2014-01-02 03:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-02 03:04 - 2014-01-02 03:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-02 03:04 - 2014-01-02 03:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-02 03:04 - 2014-01-02 03:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-01 16:25 - 2013-08-21 11:33 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-01 16:25 - 2013-08-21 11:28 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-01 16:25 - 2013-08-21 11:28 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-01 16:04 - 2011-01-28 20:04 - 00000000 ___RD C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-21 23:19
==================== End Of Log ============================
--- --- ---
Combofix Code:
ComboFix 14-01-04.03 - Thomas 06.01.2014 13:40:02.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3950.2100 [GMT 1:00]
ausgefhrt von:: c:\users\Thomas\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-06 bis 2014-01-06 ))))))))))))))))))))))))))))))
.
.
2014-01-06 12:50 . 2014-01-06 12:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 11:38 . 2014-01-06 11:38 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEEBB7D1-026F-44AD-A0E3-089C3033F572}\offreg.dll
2014-01-04 00:19 . 2014-01-04 00:22 -------- d-----w- C:\AdwCleaner
2014-01-03 09:22 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEEBB7D1-026F-44AD-A0E3-089C3033F572}\mpengine.dll
2014-01-03 02:02 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-03 02:02 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-01-03 02:02 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-01-03 02:02 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-01-03 02:02 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-01-02 09:28 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-01-02 09:28 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-01-02 09:28 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2014-01-02 09:28 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-01-02 09:28 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-02 09:28 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-01-02 09:28 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-01-02 09:27 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-01-02 09:27 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-01-02 09:27 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-01-02 09:27 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-01-02 09:27 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-01-02 09:27 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2014-01-02 09:27 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2014-01-02 09:27 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-01-02 09:27 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2014-01-02 09:27 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2014-01-02 09:27 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2014-01-02 09:27 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2014-01-02 02:09 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-01-01 12:59 . 2014-01-02 09:29 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-01 15:25 . 2013-08-21 10:33 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-01-01 15:25 . 2013-08-21 10:28 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-01-01 15:25 . 2013-08-21 10:28 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-11-26 11:25 . 2011-03-30 16:05 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-26 09:21 . 2013-08-21 10:28 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-10-12 02:30 . 2013-11-13 11:05 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 11:05 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 11:05 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 11:05 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 11:05 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintrge & legitime Standardeintrge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-12-20 19:17 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-12-20 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Thomas\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-22 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-13 98304]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-01-01 26624]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-09-10 99696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Blackcomb"="c:\program files (x86)\Samsung Connection Manager\ModemPnPService.exe" [2011-02-11 131072]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-18 152392]
"eBook Library Launcher"="c:\program files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe" [2009-07-03 902440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-01-01 684600]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-12-20 1778640]
.
c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,c:\users\Thomas\AppData\Roaming\appConf32.exe,c:\users\Thomas\AppData\Roaming\jabconf32.exe,"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 C2XXCOM;LTE/HSPA COM Port USB Device;c:\windows\system32\DRIVERS\C2XXCOM76.sys;c:\windows\SYSNATIVE\DRIVERS\C2XXCOM76.sys [x]
R3 C2xxUSB;Samsung CMC2xx USB Network Driver;c:\windows\system32\DRIVERS\C2xxUSB76.sys;c:\windows\SYSNATIVE\DRIVERS\C2xxUSB76.sys [x]
R3 C2xxUsbStorage;Samsung CMC2xx USB LTE Storage Driver;c:\windows\system32\DRIVERS\C2xSTR76.sys;c:\windows\SYSNATIVE\DRIVERS\C2xSTR76.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 6077757b;6077757b;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 bufssvr;bufssvr;c:\program files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe;c:\program files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-901852694-1798116289-1978641750-1000Core.job
- c:\users\Thomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-21 08:32]
.
2013-08-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-901852694-1798116289-1978641750-1000UA.job
- c:\users\Thomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-21 08:32]
.
2014-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf08172e6a9e70.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-01-01 02:08]
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-01-01 02:08]
.
2014-01-02 c:\windows\Tasks\User_Feed_Synchronization-{D30B1914-6D71-46E4-813A-B2B3835BF810}.job
- c:\windows\system32\msfeedssync.exe [2014-01-02 02:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-12-20 19:17 13776 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" [2013-12-20 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-01 171520]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Zustzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: Bild an &Bluetooth-Gert senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gert senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}: NameServer = 192.168.2.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\4584F4D41435D2651494F4F5E4564777F627B6: NameServer = 192.168.2.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\5416379724F687D2636333341303: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\
FF - prefs.js: browser.search.selectedEngine - Hola Search
FF - ExtSQL: !HIDDEN! 2013-09-21 19:31; 8hffxtbr@Allin1Convert_8h.com; c:\program files (x86)\Allin1Convert_8h\bar\1.bin
.
- - - - Entfernte verwaiste Registrierungseintrge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-06 14:04:58
ComboFix-quarantined-files.txt 2014-01-06 13:04
ComboFix2.txt 2014-01-06 12:12
.
Vor Suchlauf: 21 Verzeichnis(se), 400.767.692.800 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 400.456.286.208 Bytes frei
.
- - End Of File - - CBE9E6781AE59260F79241DE05C61253
adw cleaner: Code:
# AdwCleaner v3.016 - Bericht erstellt am 04/01/2014 um 01:22:24
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Thomas - THOMAS-VAIO
# Gestartet von : C:\Users\Thomas\Desktop\adwcleaner.exe
# Option : Lschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelscht : C:\Program Files (x86)\Iminent
Ordner Gelscht : C:\Program Files (x86)\jZip
Ordner Gelscht : C:\Program Files (x86)\FLV_Runner
Ordner Gelscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelscht : C:\Users\Thomas\AppData\Local\iac
Ordner Gelscht : C:\Users\Thomas\AppData\Local\jZip
Ordner Gelscht : C:\Users\Thomas\AppData\Local\Temp\AskSearch
Ordner Gelscht : C:\Users\Thomas\AppData\Local\Temp\boost_interprocess
Ordner Gelscht : C:\Users\Thomas\AppData\Local\Temp\Iminent
Ordner Gelscht : C:\Users\Thomas\AppData\Local\Temp\jZip
Ordner Gelscht : C:\Users\Thomas\AppData\Local\Temp\Smartbar
Ordner Gelscht : C:\Users\Thomas\AppData\LocalLow\holasearch
Ordner Gelscht : C:\Users\Thomas\AppData\LocalLow\FLV_Runner
Ordner Gelscht : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\Extensions\ffxtlbr@holasearch.com
Datei Gelscht : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\Extensions\webbooster@iminent.com.xpi
Datei Gelscht : C:\Windows\System32\roboot64.exe
Datei Gelscht : C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gelscht : C:\Users\Thomas\Desktop\jZip.lnk
Datei Gelscht : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\searchplugins\holasearch.xml
Datei Gelscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xml
Datei Gelscht : C:\Windows\System32\Tasks\BrowserProtect
Datei Gelscht : C:\Windows\System32\Tasks\EPUpdater
Datei Gelscht : C:\Windows\System32\Tasks\PC Performer
Datei Gelscht : C:\Windows\Tasks\PC Performer_DEFAULT.job
Datei Gelscht : C:\Windows\System32\Tasks\PC Performer_DEFAULT
Datei Gelscht : C:\Windows\Tasks\PC Performer_UPDATES.job
Datei Gelscht : C:\Windows\System32\Tasks\PC Performer_UPDATES
Datei Gelscht : C:\Windows\System32\Tasks\RegClean Pro
***** [ Verknpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlssel Gelscht : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlssel Gelscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlssel Gelscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlssel Gelscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlssel Gelscht : HKLM\SOFTWARE\Classes\jZip.file
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Schlssel Gelscht : HKCU\Software\fe8ad8b638ee49
Schlssel Gelscht : HKLM\SOFTWARE\fe8ad8b638ee49
Schlssel Gelscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\AppID\{58B41DCD-55B2-48EB-A55A-E330070FFC00}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\CLSID\{07CEA379-7178-4758-9C80-969876E32395}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlssel Gelscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CEA379-7178-4758-9C80-969876E32395}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07CEA379-7178-4758-9C80-969876E32395}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD19E8A2-8024-4030-B2E8-E85888DFD2FC}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9C6B54F-9AD5-454A-9367-28AB345CFD79}
Schlssel Gelscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Wert Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}]
Wert Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Wert Gelscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Wert Gelscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlssel Gelscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlssel Gelscht : HKCU\Software\jZip
Schlssel Gelscht : HKCU\Software\FLV_Runner
Schlssel Gelscht : HKCU\Software\AppDataLow\Software\Conduit
Schlssel Gelscht : HKCU\Software\AppDataLow\Software\FLV_Runner
Schlssel Gelscht : HKLM\Software\DeviceVM
Schlssel Gelscht : HKLM\Software\ICQ\ICQToolbar
Schlssel Gelscht : HKLM\Software\jZip
Schlssel Gelscht : HKLM\Software\FLV_Runner
Schlssel Gelscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{491C9A4E-6E50-4B53-911D-861BA8DA3C21}
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\toolplugin
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlssel Gelscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
Schlssel Gelscht : [x64] HKLM\SOFTWARE\DeviceVM
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v11.0 (de)
[ Datei : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\m2ghze7x.default\prefs.js ]
Zeile gelscht : user_pref("extensions.enabledAddons", "webbooster@iminent.com:7.41.2.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:11.0");
Zeile gelscht : user_pref("extensions.holasearch.admin", false);
Zeile gelscht : user_pref("extensions.holasearch.aflt", "babsst");
Zeile gelscht : user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}");
Zeile gelscht : user_pref("extensions.holasearch.autoRvrt", "false");
Zeile gelscht : user_pref("extensions.holasearch.dfltLng", "de");
Zeile gelscht : user_pref("extensions.holasearch.excTlbr", false);
Zeile gelscht : user_pref("extensions.holasearch.ffxUnstlRst", false);
Zeile gelscht : user_pref("extensions.holasearch.id", "d8d124280000000000002a8158fa0218");
Zeile gelscht : user_pref("extensions.holasearch.instlDay", "15888");
Zeile gelscht : user_pref("extensions.holasearch.instlRef", "sst");
Zeile gelscht : user_pref("extensions.holasearch.newTab", false);
Zeile gelscht : user_pref("extensions.holasearch.prdct", "holasearch");
Zeile gelscht : user_pref("extensions.holasearch.prtnrId", "holasearch");
Zeile gelscht : user_pref("extensions.holasearch.rvrt", "false");
Zeile gelscht : user_pref("extensions.holasearch.smplGrp", "none");
Zeile gelscht : user_pref("extensions.holasearch.tlbrId", "base");
Zeile gelscht : user_pref("extensions.holasearch.tlbrSrchUrl", "");
Zeile gelscht : user_pref("extensions.holasearch.vrsn", "1.8.16.16");
Zeile gelscht : user_pref("extensions.holasearch.vrsnTs", "1.8.16.1614:00:21");
Zeile gelscht : user_pref("extensions.holasearch.vrsni", "1.8.16.16");
Zeile gelscht : user_pref("iminent.LayoutId", "1");
Zeile gelscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelscht : user_pref("iminent.displayFavLinks", "1");
Zeile gelscht : user_pref("iminent.registerToolbarEvent101", "1381597230039");
Zeile gelscht : user_pref("iminent.registerToolbarEvent102", "1381593601823");
Zeile gelscht : user_pref("iminent.version", "7.41.2.1");
Zeile gelscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.33.3.1\",\"InstallEventCTime\":1376939623395,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1385287886904}");
*************************
AdwCleaner[R0].txt - [24405 octets] - [04/01/2014 01:21:08]
AdwCleaner[S0].txt - [23879 octets] - [04/01/2014 01:22:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23940 octets] ##########
|
+ R Taste und schreibe notepad in das Ausfhren Fenster.
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 