unknownname | 24.06.2013 08:41 | Hello schrauber,
Today the PC did not crash when logging off as admin, and at boot both disks were shown as Member-Disk(0). So the RAID seems to be fine again as well. Only the mails and the server application are still there, although according to G Data the application is located in C:\Windows\System32\ and apparently no new mails have been duplicated. So the mail problem should actually be solved by simply deleting them.
Here is the FRST.txt:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by unknownname (administrator) on 24-06-2013 09:29:09
Running from C:\Users\unknownname\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Team Foundation Server 11.0\Application Tier\TfsJobAgent\TfsJobAgent.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-07-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444304 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\unknownname\...\Run: [PureSync] "C:\Program Files (x86)\PureSync\PureSyncTray.exe" [x]
Startup: C:\Users\unknownname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
ShortcutTarget: Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Startup: C:\Users\unknownname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\unknownname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKCU - {5BCCD8D7-E3F3-4411-8E95-6DA19C170DB1} URL = hxxp://www.google.de/search?q={searchTerms}
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\unknownname\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\unknownname\AppData\Roaming\HomeTab\HomeTab.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\..\Interfaces\{8F511CA4-930F-47CA-9326-B3A0CB101CDA}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\unknownname\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ebs2d.default
FF Homepage: about:home
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: HomeTab - C:\Users\unknownname\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ebs2d.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: No Name - C:\Users\unknownname\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ebs2d.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\unknownname\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ebs2d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home"], "restore_on_startup":4}, "homepage_is_newtabpage":"true"
CHR Plugin: ({"extensions":{"settings":{"fgibjgmnimooanbagcfpnkmngejcojaf":{"ack_external":true}, "hcemhggbahmlmhgnbpbbdaklcojhbecn":{"from_bookmark":false, "location":1, "state":0, "was_installed_by_default":false, "install_time":"12997874066957085", "manifest":{"update_url":"hxxp://vz.iminent.com/vz/2FE796A5-06CC-48F6-8C8F-BDCC0ABB0D92/100/update.xml", "manifest_version":2, "description":"Iminent Toolbar", "key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqN+f19a393XEPY3ZeszTI4akZ3kSyfXNUW/EBCi17jWnQx4XusqnyllCnGfXP/cvCrW+yLW0ls0rpBYfv9PPsG8Vg8wF+XyHLZRzwxApKg4IZSMQcsTmkyHp0r544yw5gpXxas3iVkEfajt7/is0glbc2N3QTg03nFXb9n/9O3QIDAQAB", "name":"Iminent Toolbar", "version":"2.0.0.0"}, "from_webstore":false, "path":"hcemhggbahmlmhgnbpbbdaklcojhbecn\\2.0.0.0_0", "disable_reason":1}}}, "browser":{"show_home_button":true}, "homepage":"about:newtab?source=home", "session":{"urls_to_restore_on_startup":["about:newtab?source=home"], "restore_on_startup":4}, "homepage_is_newtabpage":"true"}) - {"extensions":{"settings":{"fgibjgmnimooanbagcfpnkmngejcojaf":{"ack_external":true}, "hcemhggbahmlmhgnbpbbdaklcojhbecn":{"from_bookmark":false, "location":1, "state":0, "was_installed_by_default":false, "install_time":"12997874066957085", "manifest":{"update_url":"hxxp://vz.iminent.com/vz/2FE796A5-06CC-48F6-8C8F-BDCC0ABB0D92/100/update.xml", "manifest_version":2, "description":"Iminent Toolbar", "key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqN+f19a393XEPY3ZeszTI4akZ3kSyfXNUW/EBCi17jWnQx4XusqnyllCnGfXP/cvCrW+yLW0ls0rpBYfv9PPsG8Vg8wF+XyHLZRzwxApKg4IZSMQcsTmkyHp0r544yw5gpXxas3iVkEfajt7/is0glbc2N3QTg03nFXb9n/9O3QIDAQAB", "name":"Iminent Toolbar", "version":"2.0.0.0"}, "from_webstore":false, "path":"hcemhggbahmlmhgnbpbbdaklcojhbecn\2.0.0.0_0", "disable_reason":1}}}, "browser":{"show_home_button":true}, "homepage":"about:newtab?source=home", "session":{"urls_to_restore_on_startup":["about:newtab?source=home"], "restore_on_startup":4}, "homepage_is_newtabpage":"true"} No File
CHR Extension: () - C:\Users\unknownname\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0\manifest.json
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2556896 2013-04-24] (G Data Software AG)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2926672 2013-03-22] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
R2 MySQL55; C:\ProgramData\MySQL\MySQL Server 5.5\my.ini [9171 2012-05-14] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 TFSJobAgent; C:\Program Files\Microsoft Team Foundation Server 11.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [41432 2012-11-06] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-12] (DT Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-12] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-12] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31448 2011-12-10] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31448 2011-12-10] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-05-01] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-12] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-05-01] (G Data Software)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-05-01] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-12] (G Data Software AG)
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [34472 2010-03-24] (Intel Corporation )
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS;
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-24 09:28 - 2013-06-24 09:28 - 01931364 ____A (Farbar) C:\Users\unknownname\Desktop\FRST64.exe
2013-06-23 22:19 - 2013-06-23 22:19 - 00287168 ____A C:\Windows\Minidump\062313-25740-01.dmp
2013-06-23 11:15 - 2013-06-23 11:28 - 00000716 ____A C:\SystemLook.txt
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0D.tmp
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0C.tmp
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0B.tmp
2013-06-22 20:15 - 2013-06-22 20:15 - 00000000 ____D C:\Users\unknownname\Downloads\JavaRa-2.2
2013-06-22 20:11 - 2013-06-22 20:11 - 00150667 ____A C:\Users\unknownname\Downloads\JavaRa-2.2.zip
2013-06-22 19:32 - 2013-06-22 19:32 - 00002260 ____A C:\06222013_193144.log
2013-06-22 19:29 - 2013-06-22 19:29 - 00000000 ____D C:\_OTL
2013-06-22 19:24 - 2013-06-22 19:24 - 00116779 ____A C:\Users\unknownname\Desktop\SoftwareUpdater.Ui.exe und ibsvc.exe - Seite 2 - Trojaner-Board.htm
2013-06-22 19:24 - 2013-06-22 19:24 - 00000000 ____D C:\Users\unknownname\Desktop\SoftwareUpdater.Ui.exe und ibsvc.exe - Seite 2 - Trojaner-Board-Dateien
2013-06-22 19:23 - 2013-06-22 19:23 - 00602112 ____A (OldTimer Tools) C:\Users\unknownname\Desktop\OTL.exe
2013-06-22 14:50 - 2013-06-22 14:50 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 14:31 - 2013-06-22 14:32 - 19677152 ____A (Mozilla) C:\Users\unknownname\Downloads\Thunderbird Setup 17.0.6.exe
2013-06-22 14:31 - 2013-06-22 14:31 - 31714216 ____A (Oracle Corporation) C:\Users\unknownname\Downloads\jre-7u25-windows-i586.exe
2013-06-22 14:27 - 2013-06-22 14:27 - 00903080 ____A (Oracle Corporation) C:\Users\unknownname\Downloads\jxpiinstall.exe
2013-06-22 14:19 - 2013-06-22 14:19 - 00000087 ____A C:\Users\unknownname\Desktop\cmd.txt
2013-06-22 14:18 - 2013-06-22 14:18 - 00165376 ____A C:\Users\unknownname\Desktop\SystemLook_x64.exe
2013-06-21 21:26 - 2013-06-21 21:35 - 00057747 ____A C:\FRST (2).txt
2013-06-21 21:23 - 2013-06-21 21:23 - 00001077 ____A C:\checkup.txt
2013-06-21 20:19 - 2013-06-21 21:31 - 00001491 ____A C:\ESET.txt
2013-06-21 08:38 - 2013-06-21 08:38 - 00890839 ____A C:\Users\unknownname\Desktop\SecurityCheck.exe
2013-06-21 08:37 - 2013-06-21 08:38 - 02347384 ____A (ESET) C:\Users\unknownname\Desktop\esetsmartinstaller_enu.exe
2013-06-20 19:53 - 2013-06-20 19:53 - 00022995 ____A C:\Users\unknownname\Desktop\AdwCleaner[S1].txt
2013-06-20 19:46 - 2013-06-20 19:58 - 00057070 ____A C:\FRST.txt
2013-06-20 19:42 - 2013-06-20 19:59 - 00001567 ____A C:\JRT.txt
2013-06-20 19:37 - 2013-06-20 19:37 - 00000000 ____D C:\Windows\ERUNT
2013-06-20 19:36 - 2013-06-20 19:36 - 00000000 ____D C:\JRT
2013-06-20 19:30 - 2013-06-20 19:30 - 00022772 ____A C:\AdwCleaner[S1].txt
2013-06-20 19:24 - 2013-06-20 19:24 - 00648201 ____A C:\Users\unknownname\Desktop\adwcleaner(1).exe
2013-06-20 19:24 - 2013-06-20 19:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\unknownname\Desktop\JRT.exe
2013-06-20 18:10 - 2013-06-20 18:10 - 00041947 ____A C:\Users\unknownname\Desktop\ComboFixCorrected.txt
2013-06-20 15:17 - 2013-06-20 15:17 - 00041790 ____A C:\ComboFix.txt
2013-06-20 13:04 - 2013-06-20 15:17 - 00000000 ____D C:\Qoobox
2013-06-20 13:04 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-20 13:04 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-20 13:04 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-20 13:04 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-20 13:04 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-20 13:04 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-20 13:04 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-20 13:04 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-20 13:03 - 2013-06-20 15:14 - 00000000 ____D C:\Windows\erdnt
2013-06-20 12:59 - 2013-06-20 12:59 - 05081021 ____R (Swearware) C:\Users\unknownname\Desktop\ComboFix.exe
2013-06-19 20:00 - 2013-06-19 20:06 - 00032226 ____A C:\Users\unknownname\Desktop\Addition.txt
2013-06-19 20:00 - 2013-06-19 20:03 - 00035914 ____A C:\Users\unknownname\Desktop\FRST.txt
2013-06-19 19:58 - 2013-06-19 19:58 - 00000000 ____D C:\FRST
2013-06-19 19:14 - 2013-06-19 19:14 - 00700783 ____A (Swearware) C:\Users\unknownname\Downloads\dds+.exe
2013-06-19 19:13 - 2013-06-19 19:13 - 00648201 ____A C:\Users\unknownname\Downloads\adwcleaner.exe
2013-06-18 13:01 - 2013-06-18 13:02 - 00000000 ____D C:\Users\unknownname\AppData\Local\{920A4F92-FDED-4C94-85F6-F4A5245C10F3}
2013-06-16 14:56 - 2013-06-16 14:56 - 00000000 ____D C:\Users\unknownname\AppData\Local\{E9F722AC-2DA3-427D-A9E7-10EFAECB1649}
2013-06-12 21:03 - 2013-06-12 21:03 - 00000000 ____D C:\Program Files (x86)\Team Tools
2013-06-12 21:03 - 2013-06-12 21:03 - 00000000 ____D C:\Program Files (x86)\Common7
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files\iTunes
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files\iPod
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-12 20:06 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 20:06 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 20:06 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 20:06 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 20:06 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 20:06 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 20:06 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 20:06 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 20:05 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 20:05 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 20:05 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 20:05 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 20:05 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 20:05 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 20:05 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 20:05 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 20:05 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 20:05 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 20:05 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 20:05 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 19:52 - 2013-06-12 19:52 - 00000000 ____D C:\Users\unknownname\AppData\Local\{CA05EF1B-FD3C-4EB6-A7C4-861A3E7F8B55}
2013-06-12 19:50 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 19:50 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 19:50 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 19:50 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 19:50 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 19:50 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 19:50 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 19:50 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 19:50 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 19:50 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 19:50 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 19:50 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 19:50 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 19:50 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 19:50 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 19:50 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 19:50 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 19:50 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 19:50 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 16:06 - 2013-06-11 16:06 - 00000000 ____D C:\Users\unknownname\AppData\Local\{930DE47D-4A74-4C04-B572-2B6946B93C02}
2013-06-10 17:05 - 2013-06-10 17:05 - 00000000 ____D C:\Users\unknownname\AppData\Local\{3F15F85A-C5DF-4E83-B3EF-E02B026A0201}
2013-06-03 11:22 - 2013-06-03 11:22 - 00000000 ____D C:\Users\unknownname\AppData\Roaming\OpenOffice.org
2013-06-03 11:06 - 2013-06-03 11:08 - 152249762 ____A C:\Users\unknownname\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
2013-06-03 10:57 - 2013-06-03 10:57 - 06529210 ____A C:\Users\unknownname\Downloads\dict-en.oxt
2013-06-03 10:42 - 2012-05-23 11:57 - 00183144 ___AT (Marvell Semiconductor, Inc.) C:\Windows\System32\Drivers\mv61xx.sys
2013-06-03 10:42 - 2012-05-23 11:57 - 00014696 ___AT (Marvell Semiconductor Inc.) C:\Windows\System32\Drivers\mv61xxmm.sys
2013-06-03 10:42 - 2009-09-14 19:14 - 00041984 ___AT (<Marvell>) C:\Windows\System32\mvcoinst.dll
2013-06-03 10:27 - 2013-06-03 10:27 - 21151576 ____A (Mozilla) C:\Users\unknownname\Downloads\Firefox Setup 21.0.exe
2013-06-03 09:39 - 2013-06-03 09:39 - 03234774 ____A C:\Users\unknownname\Downloads\dict-de_DE-igerman98_2011-06-21.oxt
2013-06-03 09:38 - 2013-06-03 09:38 - 04606812 ____A C:\Users\unknownname\Downloads\dict-de_DE-frami_2012-06-17.oxt
2013-06-02 20:40 - 2013-06-02 20:40 - 00000000 ____D C:\Program Files\IDT
2013-06-02 20:20 - 2013-06-03 10:02 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-06-02 20:20 - 2013-06-02 20:20 - 00000000 ____D C:\Users\unknownname\Documents\Freemium Driver Utilities
2013-06-02 20:17 - 2013-06-02 20:17 - 00000000 ____D C:\Users\unknownname\AppData\Local\DownloadGuide
2013-06-02 20:07 - 2013-06-02 20:07 - 00000000 ____D C:\Users\unknownname\AppData\Local\Freemium
2013-06-02 19:56 - 2013-06-13 05:58 - 00031816 ____A C:\Windows\Launcher.exe
2013-06-02 19:53 - 2013-06-02 19:53 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-05-31 22:08 - 2013-05-31 22:08 - 00000435 ____A C:\Users\unknownname\Desktop\vgn.txt
2013-05-31 16:05 - 2013-05-31 16:05 - 00000000 ____D C:\Users\unknownname\AppData\Local\{BBC3CC0C-FFC6-41A9-B899-4AC1FC856DCF}
2013-05-29 21:17 - 2013-05-29 21:17 - 00000000 ____D C:\Program Files (x86)\Coq
2013-05-29 21:15 - 2013-05-29 21:15 - 53693262 ____A C:\Users\unknownname\Downloads\coq-installer-8.4pl2-win-0.exe
2013-05-27 13:11 - 2013-05-27 13:11 - 00000000 ____D C:\Program Files (x86)\QuickTime
==================== One Month Modified Files and Folders =======
2013-06-24 09:28 - 2013-06-24 09:28 - 01931364 ____A (Farbar) C:\Users\unknownname\Desktop\FRST64.exe
2013-06-24 09:25 - 2012-02-19 19:12 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-24 09:25 - 2012-02-16 15:15 - 00055213 ____A C:\Windows\setupact.log
2013-06-24 09:25 - 2011-12-08 16:57 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-24 09:25 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-23 22:34 - 2011-12-08 16:25 - 01810881 ____A C:\Windows\WindowsUpdate.log
2013-06-23 22:28 - 2009-07-14 06:45 - 00014944 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-23 22:28 - 2009-07-14 06:45 - 00014944 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-23 22:19 - 2013-06-23 22:19 - 00287168 ____A C:\Windows\Minidump\062313-25740-01.dmp
2013-06-23 22:19 - 2013-04-24 22:46 - 00000000 ____D C:\Windows\Minidump
2013-06-23 22:19 - 2013-04-24 22:45 - 555257047 ____A C:\Windows\MEMORY.DMP
2013-06-23 14:56 - 2012-04-02 09:24 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-23 14:48 - 2012-02-19 19:12 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-23 11:28 - 2013-06-23 11:15 - 00000716 ____A C:\SystemLook.txt
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0D.tmp
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0C.tmp
2013-06-22 20:17 - 2013-06-22 20:17 - 00000000 ____A C:\Windows\SysWOW64\REN1E0B.tmp
2013-06-22 20:17 - 2013-05-13 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-22 20:17 - 2011-12-08 22:10 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-22 20:15 - 2013-06-22 20:15 - 00000000 ____D C:\Users\unknownname\Downloads\JavaRa-2.2
2013-06-22 20:11 - 2013-06-22 20:11 - 00150667 ____A C:\Users\unknownname\Downloads\JavaRa-2.2.zip
2013-06-22 19:32 - 2013-06-22 19:32 - 00002260 ____A C:\06222013_193144.log
2013-06-22 19:29 - 2013-06-22 19:29 - 00000000 ____D C:\_OTL
2013-06-22 19:24 - 2013-06-22 19:24 - 00116779 ____A C:\Users\unknownname\Desktop\SoftwareUpdater.Ui.exe und ibsvc.exe - Seite 2 - Trojaner-Board.htm
2013-06-22 19:24 - 2013-06-22 19:24 - 00000000 ____D C:\Users\unknownname\Desktop\SoftwareUpdater.Ui.exe und ibsvc.exe - Seite 2 - Trojaner-Board-Dateien
2013-06-22 19:23 - 2013-06-22 19:23 - 00602112 ____A (OldTimer Tools) C:\Users\unknownname\Desktop\OTL.exe
2013-06-22 19:20 - 2012-06-02 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-22 14:50 - 2013-06-22 14:50 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 14:50 - 2012-09-09 10:17 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-22 14:50 - 2011-12-08 22:10 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 14:33 - 2012-06-17 21:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-22 14:32 - 2013-06-22 14:31 - 19677152 ____A (Mozilla) C:\Users\unknownname\Downloads\Thunderbird Setup 17.0.6.exe
2013-06-22 14:31 - 2013-06-22 14:31 - 31714216 ____A (Oracle Corporation) C:\Users\unknownname\Downloads\jre-7u25-windows-i586.exe
2013-06-22 14:27 - 2013-06-22 14:27 - 00903080 ____A (Oracle Corporation) C:\Users\unknownname\Downloads\jxpiinstall.exe
2013-06-22 14:19 - 2013-06-22 14:19 - 00000087 ____A C:\Users\unknownname\Desktop\cmd.txt
2013-06-22 14:18 - 2013-06-22 14:18 - 00165376 ____A C:\Users\unknownname\Desktop\SystemLook_x64.exe
2013-06-21 21:52 - 2012-05-14 13:21 - 00354228 ____A C:\Windows\PFRO.log
2013-06-21 21:35 - 2013-06-21 21:26 - 00057747 ____A C:\FRST (2).txt
2013-06-21 21:31 - 2013-06-21 20:19 - 00001491 ____A C:\ESET.txt
2013-06-21 21:23 - 2013-06-21 21:23 - 00001077 ____A C:\checkup.txt
2013-06-21 20:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-21 08:38 - 2013-06-21 08:38 - 00890839 ____A C:\Users\unknownname\Desktop\SecurityCheck.exe
2013-06-21 08:38 - 2013-06-21 08:37 - 02347384 ____A (ESET) C:\Users\unknownname\Desktop\esetsmartinstaller_enu.exe
2013-06-20 19:59 - 2013-06-20 19:42 - 00001567 ____A C:\JRT.txt
2013-06-20 19:58 - 2013-06-20 19:46 - 00057070 ____A C:\FRST.txt
2013-06-20 19:53 - 2013-06-20 19:53 - 00022995 ____A C:\Users\unknownname\Desktop\AdwCleaner[S1].txt
2013-06-20 19:37 - 2013-06-20 19:37 - 00000000 ____D C:\Windows\ERUNT
2013-06-20 19:36 - 2013-06-20 19:36 - 00000000 ____D C:\JRT
2013-06-20 19:30 - 2013-06-20 19:30 - 00022772 ____A C:\AdwCleaner[S1].txt
2013-06-20 19:24 - 2013-06-20 19:24 - 00648201 ____A C:\Users\unknownname\Desktop\adwcleaner(1).exe
2013-06-20 19:24 - 2013-06-20 19:24 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\unknownname\Desktop\JRT.exe
2013-06-20 18:10 - 2013-06-20 18:10 - 00041947 ____A C:\Users\unknownname\Desktop\ComboFixCorrected.txt
2013-06-20 15:17 - 2013-06-20 15:17 - 00041790 ____A C:\ComboFix.txt
2013-06-20 15:17 - 2013-06-20 13:04 - 00000000 ____D C:\Qoobox
2013-06-20 15:17 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-06-20 15:14 - 2013-06-20 13:03 - 00000000 ____D C:\Windows\erdnt
2013-06-20 15:12 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-20 12:59 - 2013-06-20 12:59 - 05081021 ____R (Swearware) C:\Users\unknownname\Desktop\ComboFix.exe
2013-06-20 12:56 - 2013-04-27 09:57 - 00000000 ___RD C:\Users\unknownname\Dropbox
2013-06-20 12:56 - 2013-04-27 09:49 - 00000000 ____D C:\Users\unknownname\AppData\Roaming\Dropbox
2013-06-19 20:06 - 2013-06-19 20:00 - 00032226 ____A C:\Users\unknownname\Desktop\Addition.txt
2013-06-19 20:03 - 2013-06-19 20:00 - 00035914 ____A C:\Users\unknownname\Desktop\FRST.txt
2013-06-19 19:58 - 2013-06-19 19:58 - 00000000 ____D C:\FRST
2013-06-19 19:14 - 2013-06-19 19:14 - 00700783 ____A (Swearware) C:\Users\unknownname\Downloads\dds+.exe
2013-06-19 19:13 - 2013-06-19 19:13 - 00648201 ____A C:\Users\unknownname\Downloads\adwcleaner.exe
2013-06-18 13:02 - 2013-06-18 13:01 - 00000000 ____D C:\Users\unknownname\AppData\Local\{920A4F92-FDED-4C94-85F6-F4A5245C10F3}
2013-06-16 14:56 - 2013-06-16 14:56 - 00000000 ____D C:\Users\unknownname\AppData\Local\{E9F722AC-2DA3-427D-A9E7-10EFAECB1649}
2013-06-14 20:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-13 05:58 - 2013-06-02 19:56 - 00031816 ____A C:\Windows\Launcher.exe
2013-06-12 21:25 - 2012-11-19 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-12 21:07 - 2012-12-03 15:13 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-12 21:03 - 2013-06-12 21:03 - 00000000 ____D C:\Program Files (x86)\Team Tools
2013-06-12 21:03 - 2013-06-12 21:03 - 00000000 ____D C:\Program Files (x86)\Common7
2013-06-12 21:03 - 2013-05-12 19:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-12 21:02 - 2013-05-12 18:55 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-12 20:57 - 2013-05-12 18:55 - 00000000 ____D C:\Windows\System32\1033
2013-06-12 20:57 - 2012-04-02 09:24 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 20:57 - 2011-12-11 11:46 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 20:55 - 2013-05-12 19:17 - 00000000 ____D C:\Users\unknownname\Documents\Visual Studio 2012
2013-06-12 20:46 - 2011-12-08 20:57 - 00094832 ____A C:\Users\unknownname\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-12 20:45 - 2011-12-08 22:13 - 00000000 ____D C:\Users\unknownname\AppData\Roaming\Notepad++
2013-06-12 20:45 - 2011-12-08 22:13 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-12 20:40 - 2011-12-10 15:39 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-12 20:24 - 2011-12-10 15:39 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-12 20:24 - 2011-12-10 15:39 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files\iTunes
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files\iPod
2013-06-12 20:14 - 2013-06-12 20:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-12 20:10 - 2011-12-10 15:39 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-12 20:07 - 2011-12-08 21:13 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 20:03 - 2012-12-30 19:06 - 00000000 ____D C:\Users\unknownname\AppData\Local\Apple Computer
2013-06-12 20:02 - 2011-12-09 16:16 - 02041226 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-12 20:02 - 2009-07-14 19:58 - 00877286 ____A C:\Windows\System32\perfh007.dat
2013-06-12 20:02 - 2009-07-14 19:58 - 00209618 ____A C:\Windows\System32\perfc007.dat
2013-06-12 20:02 - 2009-07-14 07:13 - 02041226 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-12 19:59 - 2012-01-01 23:01 - 00000000 ____D C:\Users\unknownname\AppData\Roaming\Apple Computer
2013-06-12 19:52 - 2013-06-12 19:52 - 00000000 ____D C:\Users\unknownname\AppData\Local\{CA05EF1B-FD3C-4EB6-A7C4-861A3E7F8B55}
2013-06-11 16:06 - 2013-06-11 16:06 - 00000000 ____D C:\Users\unknownname\AppData\Local\{930DE47D-4A74-4C04-B572-2B6946B93C02}
2013-06-10 17:05 - 2013-06-10 17:05 - 00000000 ____D C:\Users\unknownname\AppData\Local\{3F15F85A-C5DF-4E83-B3EF-E02B026A0201}
2013-06-10 17:04 - 2011-12-11 16:21 - 00094832 ____A C:\Users\unknownname\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-09 12:08 - 2013-04-26 18:19 - 00000000 ____D C:\Users\unknownname\Desktop\physik
2013-06-08 16:08 - 2013-06-12 20:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-12 20:05 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-12 20:05 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-12 20:05 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-12 20:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-12 20:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-12 20:05 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-12 20:05 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-12 20:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-12 20:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-12 20:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-12 20:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-04 18:09 - 2013-04-26 18:19 - 00000000 ____D C:\Users\unknownname\Desktop\kommpar
2013-06-04 17:56 - 2011-12-10 11:35 - 00094832 ____A C:\Users\unknownname\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-04 17:52 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-04 17:40 - 2009-07-14 06:45 - 00373072 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-03 11:22 - 2013-06-03 11:22 - 00000000 ____D C:\Users\unknownname\AppData\Roaming\OpenOffice.org
2013-06-03 11:14 - 2011-12-08 22:11 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-06-03 11:08 - 2013-06-03 11:06 - 152249762 ____A C:\Users\unknownname\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
2013-06-03 10:57 - 2013-06-03 10:57 - 06529210 ____A C:\Users\unknownname\Downloads\dict-en.oxt
2013-06-03 10:32 - 2011-12-10 11:34 - 00000000 ____D C:\users\unknownname
2013-06-03 10:27 - 2013-06-03 10:27 - 21151576 ____A (Mozilla) C:\Users\unknownname\Downloads\Firefox Setup 21.0.exe
2013-06-03 10:03 - 2013-05-01 18:36 - 00000000 ____D C:\users\DefaultAppPool
2013-06-03 10:03 - 2012-11-19 22:19 - 00000000 ____D C:\users\Classic .NET AppPool
2013-06-03 10:03 - 2011-12-10 11:36 - 00000000 ____D C:\users\unknownname
2013-06-03 10:02 - 2013-06-02 20:20 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-06-03 10:02 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-03 10:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-03 09:39 - 2013-06-03 09:39 - 03234774 ____A C:\Users\unknownname\Downloads\dict-de_DE-igerman98_2011-06-21.oxt
2013-06-03 09:38 - 2013-06-03 09:38 - 04606812 ____A C:\Users\unknownname\Downloads\dict-de_DE-frami_2012-06-17.oxt
2013-06-02 20:40 - 2013-06-02 20:40 - 00000000 ____D C:\Program Files\IDT
2013-06-02 20:20 - 2013-06-02 20:20 - 00000000 ____D C:\Users\unknownname\Documents\Freemium Driver Utilities
2013-06-02 20:17 - 2013-06-02 20:17 - 00000000 ____D C:\Users\unknownname\AppData\Local\DownloadGuide
2013-06-02 20:07 - 2013-06-02 20:07 - 00000000 ____D C:\Users\unknownname\AppData\Local\Freemium
2013-06-02 19:53 - 2013-06-02 19:53 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-05-31 22:08 - 2013-05-31 22:08 - 00000435 ____A C:\Users\unknownname\Desktop\vgn.txt
2013-05-31 16:05 - 2013-05-31 16:05 - 00000000 ____D C:\Users\unknownname\AppData\Local\{BBC3CC0C-FFC6-41A9-B899-4AC1FC856DCF}
2013-05-29 22:54 - 2013-04-26 18:19 - 00000000 ____D C:\Users\unknownname\Desktop\semprog
2013-05-29 21:17 - 2013-05-29 21:17 - 00000000 ____D C:\Program Files (x86)\Coq
2013-05-29 21:15 - 2013-05-29 21:15 - 53693262 ____A C:\Users\unknownname\Downloads\coq-installer-8.4pl2-win-0.exe
2013-05-27 13:11 - 2013-05-27 13:11 - 00000000 ____D C:\Program Files (x86)\QuickTime
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-23 14:28
==================== End Of Log ============================
Best regards
unknownname |