Trojaner-Board - Qvo6.xml ist das ein Trojaner?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Qvo6.xml ist das ein Trojaner? (https://www.trojaner-board.de/139687-qvo6-xml-trojaner.html)

Hallo Heiko,
danke, habe ich soweit alles gemacht. Muß heute Abend nochmal schauen. Der Rechner ist plötzlich ganz langsam und die CPU-Auslastung steht auf 100 %.
Ich melde mich wieder.

Hi, dann bitte folgendes:

lösche die alte Version von FRST die ist nicht mehr aktuell...

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hallo Heiko,
habe keine neuere Version von FRST für mein WinXP als die Vers. 3.3.8.1 gefunden.
Mir ist nur eine FRST.txt leider keine Addition.txt erstellt worden.
50 % der CPU-Auslastung kommen von jqs.exe
Beim Löschen von TuneUpUtilities 2012 ist das Programm hängengeblieben weil wohl eine msiexec.exe die CPU-Auslastung komplette auf 100% gesetzt hat.
Sorry !

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-08-2013 02 (ATTENTION: ====> FRST version is 12 days old and could be outdated)

Ran by Administrator (administrator) on 23-08-2013 19:16:22

Running from C:\

Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard

Internet Explorer Version 8

Boot Mode: Safe Mode (with Networking)
 

==================== Processes (Whitelisted) ===================
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDCPL] - REM RTHDCPL.EXE [x]

HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [CHotkey] - REM mHotkey.exe [x]

HKLM\...\Run: [TrueImageMonitor.exe] - C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe [1009835 2006-01-04] (Acronis)

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [118784 2006-01-04] (Acronis)

HKLM\...\Run: [mspd] - C:\WINDOWS\system32\mspd.exe [389632 2003-08-27] ()

HKLM\...\Run: [Adobe Reader Speed Launcher] - Z:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)

HKLM\...\Run: [UpdatePDRShortCut] - z:\Programme\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)

HKLM\...\Run: [iTunesHelper] - F:\Programme\iTunes\iTunesHelper.exe [141608 2010-01-22] (Apple Inc.)

HKLM\...\Run: [] -  [x]

HKLM\...\Run: [KiesTrayAgent] - Z:\Kies\KiesTrayAgent.exe [309688 2012-11-12] (Samsung Electronics Co., Ltd.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM\...\Run: [avgnt] - Z:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-06] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [avast] - C:\Programme\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)

Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll [X]

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)

HKCU\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKCU\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Programme\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB [x]

HKCU\...\RunOnce: [NeroHomeFirstStart] - "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe" [16680 2007-06-27] (Nero AG)

HKCU\...\Runonce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe [x]

HKU\Default User\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

HKU\UpdatusUser\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\UpdatusUser\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

Lsa: [Authentication Packages] msv1_0 relog_ap

Lsa: [Notification Packages] :\WINDOWS\system3

BootExecute: autocheck autochk * oodbs
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search

SearchScopes: HKLM - {074A4B8E-16EA-418f-82D3-FDF259FCC700} URL = hxxp://go.web.de/suchbox/amazon?field-keywords={searchTerms}

SearchScopes: HKLM - {5A90DDBA-05B8-4689-A5D5-F209DD8B4D62} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}

SearchScopes: HKLM - {96DEA305-33AB-4BFF-A2E3-3D9BD23472E0} URL = hxxp://go.web.de/suchbox/webdesuche?su={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {7980FFE6-9DFE-4d9d-920A-CEB86D279C79} URL = 

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: metaspinner GmbH - {84B94901-3645-4D80-A6B7-4D0050B19455} - F:\Programme\teXXas\IEButtonAmazonInterface.dll ()

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

BHO: ZuneIEPlugin.ZuneBHO - {A8533C62-9399-4640-B36B-D1DDE91EB8B1} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - F:\Programme\teXXas\IEButtonEbayInterface.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File

Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128778405937

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141142460296

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab

DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} hxxp://www.netnews.cc/netfoto/XUpload.ocx

Handler: ipp - No CLSID Value - 

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (Microsoft Corporation)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)

ShellExecuteHooks: CShellExecuteHookImpl Object - {57B86673-276A-48B2-BAE7-C6DBB3020EB8} -  No File [ ]

Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\29.0.1547.57\pdf.dll ()

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - Z:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (iTunes Application Detector) - F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (DivX\u00AE Content Upload Plugin) - z:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)

CHR Plugin: (DivX Player Netscape Plugin) - z:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

CHR Plugin: (DivX Web Player) - z:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Picasa) - z:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - z:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

CHR Extension: (Google Docs) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Google Wallet Service) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0

CHR Extension: (Gmail) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Dokumente und Einstellungen\Helmut\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx

CHR StartMenuInternet: Google Chrome - C:\Programme\Google\Chrome\Application\chrome.exe
 

========================== Services (Whitelisted) =================
 

S2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)

S2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [172032 2006-01-04] (Acronis)

S4 AdminSVC; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de\adminsvc.exe [180224 2006-10-12] (hablamax)

S2 AntiVirSchedulerService; Z:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 AntiVirService; Z:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)

S2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

S2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)

S4 CLCapSvc; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [221257 2005-12-01] ()

S4 CLSched; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [110663 2005-12-01] ()

S2 CyberLink Media Library Service; C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [61440 2005-12-01] (Cyberlink)

S2 DBService; C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)

S2 FSService; z:\Programme\Folder Shield\FSService.exe [45056 2006-04-13] ()

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-13] (Google)

S4 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)

S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545576 2010-01-22] (Apple Inc.)

S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [79136 2007-10-18] (Hewlett-Packard Company)

S2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-20] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-14] (Mozilla Foundation)

S4 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)

S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

S2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-09-23] (NVIDIA Corporation)

S2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH)

S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

S2 PSI_SVC_2; C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.)

S4 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [247152 2009-04-17] ()

S2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)

S4 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-03-13] (Ulead Systems, Inc.)

S2 vToolbarUpdater15.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-05-21] (AVG Secure Search)

S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)

S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

S4 AVG Anti-Spyware Guard; F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe [x]

S2 FileZilla Server; "z:\Programme\FileZilla Server\FileZilla Server.exe" [x]

S2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
 

==================== Drivers (Whitelisted) ====================
 

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [826752 2005-12-06] (Philips Semiconductors GmbH)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)

S2 A4SII300; C:\Windows\System32\drivers\A4SII300.SYS [25632 1998-02-26] (Microsoft Corporation)

S2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

S2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [19915 2005-10-09] (Meetinghouse Data Communications)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)

R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)

S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)

R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)

S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()

S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-22] (AVAST Software)

S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-22] (AVAST Software)

S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)

S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-22] ()

S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [13696 2008-04-14] (Microsoft Corporation)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-05-21] (AVG Technologies)

S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)

S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

R0 bxShield; C:\Windows\System32\Drivers\bxShield.sys [45056 2006-04-13] (Alfa Corporation)

S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)

R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)

S1 cdrport; C:\Windows\System32\DRIVERS\cdrport.sys [4608 2005-03-11] (Canopus Co,. Ltd.)

R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [72320 2005-10-04] (C-Media Corporation)

S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20032 2012-05-23] (Devguru Co., Ltd)

R3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-09-17] ()

S3 GT680x; C:\Windows\System32\Drivers\Gt680x.sys [17504 2003-02-19] (   )

S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)

R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)

S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)

S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [49024 2008-04-14] (Microsoft Corporation)

S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)

S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)

S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)

S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)

R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)

S1 PQNTDrv; C:\Windows\System32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation)

R3 RT2500USB; C:\Windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)

R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)

S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [642560 2008-09-16] ()

S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)

S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-07-20] (RapidSolution Software AG)

R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

S2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [30688 2008-10-09] (Acronis)

S3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)

S3 usbsermptxp; C:\Windows\System32\DRIVERS\usbsermptxp.sys [25600 2007-12-22] (Microsoft Corporation)

R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [117248 2008-01-22] (VIA Technologies inc,.ltd)

R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)

S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)

R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)

S3 akshhl; system32\DRIVERS\akshhl.sys [x]

S1 AVG Anti-Spyware Driver; \??\F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.sys [x]

S1 AvgAsCln; System32\DRIVERS\AvgAsCln.sys [x]

S4 IntelIde; No ImagePath

S0 rseb; No ImagePath

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:51 - 2013-08-22 19:51 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-22 19:49 - 2013-08-23 05:41 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00001657 _____ C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-08-22 19:49 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 19:29 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-08-22 17:28 - 2013-08-22 17:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:49 - 2013-08-19 17:50 - 00042850 _____ C:\2013-08-19-FRST-danach.txt

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-14 07:17 - 2013-08-22 17:29 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-14 07:17 - 2013-08-15 07:09 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-12 14:12 - 2013-08-12 09:27 - 01068593 _____ (Farbar) C:\FRST.exe

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-12 09:28 - 2013-08-19 17:03 - 00000000 ____D C:\FRST

2013-08-11 08:38 - 2013-08-11 19:55 - 00000000 ____D C:\Programme\WinZipper

2013-08-09 22:01 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-09 22:00 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-06 11:02 - 2013-08-10 19:03 - 00000000 ____D C:\Programme\MSECache

2013-07-30 05:27 - 2013-07-30 05:32 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-07-25 19:03 - 2013-07-30 05:34 - 00011489 _____ C:\WINDOWS\KB2834886.log

2013-07-25 19:03 - 2013-07-30 05:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-07-25 19:03 - 2013-07-25 19:03 - 00004458 _____ C:\WINDOWS\KB2834904.log

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$

2013-07-25 19:02 - 2013-07-25 19:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$

2013-07-25 18:59 - 2013-07-25 19:00 - 00004146 _____ C:\WINDOWS\KB2845142.log

2013-07-25 18:59 - 2013-07-25 19:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845142_WM64$
 

==================== One Month Modified Files and Folders =======
 

2013-08-23 19:15 - 2007-01-27 10:54 - 00922162 _____ C:\WINDOWS\system32\OODBS.lor

2013-08-23 19:15 - 2005-10-09 07:46 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl

2013-08-23 19:14 - 2011-02-18 20:03 - 00327680 _____ C:\WINDOWS\system32\config\TuneUp.evt

2013-08-23 19:14 - 2006-06-06 20:48 - 00000274 _____ C:\WINDOWS\wiadebug.log

2013-08-23 19:14 - 2006-06-06 20:48 - 00000052 _____ C:\WINDOWS\wiaservc.log

2013-08-23 19:14 - 2006-06-06 17:53 - 01992607 _____ C:\WINDOWS\WindowsUpdate.log

2013-08-23 19:06 - 2010-11-05 19:18 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini

2013-08-23 18:55 - 2006-06-06 18:02 - 00000000 ____D C:\Dokumente und Einstellungen\Helmut

2013-08-23 17:28 - 2013-08-23 17:28 - 00001891 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk

2013-08-23 17:28 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\Google

2013-08-23 05:41 - 2013-08-22 19:49 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 20:36 - 2005-10-08 23:52 - 00000000 ___RD C:\Programme

2013-08-22 20:35 - 2009-03-22 12:16 - 00000000 ____D C:\Programme\Mozilla Firefox

2013-08-22 19:56 - 2007-01-27 10:57 - 00000000 ____D C:\WINDOWS\system32\oodag

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:51 - 2013-08-22 19:51 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00001657 _____ C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2005-10-08 22:57 - 00003000 _____ C:\WINDOWS\system32\config.nt

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 17:47 - 2005-10-08 15:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET

2013-08-22 17:35 - 2012-06-07 13:32 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-08-22 17:32 - 2005-10-08 23:52 - 01166212 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-22 17:29 - 2013-08-22 17:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-22 17:29 - 2013-08-14 07:17 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00756252 _____ C:\WINDOWS\setupapi.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00517343 _____ C:\WINDOWS\FaxSetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00248304 _____ C:\WINDOWS\ocgen.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00198156 _____ C:\WINDOWS\tsoc.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00172496 _____ C:\WINDOWS\comsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00104470 _____ C:\WINDOWS\ntdtcsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00082802 _____ C:\WINDOWS\iis6.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00028728 _____ C:\WINDOWS\ocmsn.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00025956 _____ C:\WINDOWS\msgsocm.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.log

2013-08-22 17:29 - 2012-04-12 17:36 - 00084745 _____ C:\WINDOWS\updspapi.log

2013-08-20 20:24 - 2013-06-20 18:30 - 00000000 ____D C:\Magazin-1

2013-08-20 19:54 - 2006-06-07 19:57 - 00000116 _____ C:\WINDOWS\NeroDigital.ini

2013-08-20 18:30 - 2005-10-09 14:27 - 00000400 _____ C:\WINDOWS\ODBC.INI

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:50 - 2013-08-19 17:49 - 00042850 _____ C:\2013-08-19-FRST-danach.txt

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator

2013-08-19 17:03 - 2013-08-12 09:28 - 00000000 ____D C:\FRST

2013-08-18 15:30 - 2013-06-22 08:58 - 00007680 ___SH C:\WINDOWS\Thumbs.db

2013-08-18 12:58 - 2012-04-01 10:57 - 00023405 _____ C:\WINDOWS\wmsetup.log

2013-08-18 09:47 - 2006-06-16 12:16 - 00005134 _____ C:\WINDOWS\xnview.ini

2013-08-17 17:41 - 2013-06-20 16:56 - 00000000 ____D C:\Programme\Hybrid

2013-08-17 17:41 - 2012-07-19 19:14 - 00000000 ____D C:\Programme\TuneUp Utilities 2012

2013-08-17 12:24 - 2006-06-11 09:50 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2013-08-17 11:22 - 2005-10-08 22:56 - 00000000 ____D C:\WINDOWS\Registration

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-15 07:09 - 2013-08-14 07:17 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-15 07:09 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.BAK

2013-08-15 07:09 - 2007-02-18 04:01 - 00883452 _____ C:\WINDOWS\system32\TZLog.log

2013-08-14 09:28 - 2012-12-27 10:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2753842-v2$

2013-08-14 09:28 - 2009-03-11 22:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959772_WM11$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 20:48 - 2006-06-17 09:33 - 00001966 _____ C:\WINDOWS\Ulead32.ini

2013-08-13 18:48 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-13 09:35 - 2012-04-09 10:41 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVG Secure Search

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-12 09:27 - 2013-08-12 14:12 - 01068593 _____ (Farbar) C:\FRST.exe

2013-08-11 19:55 - 2013-08-11 08:38 - 00000000 ____D C:\Programme\WinZipper

2013-08-11 19:55 - 2005-10-08 23:51 - 00430984 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService

2013-08-11 19:53 - 2006-06-06 17:54 - 00032452 _____ C:\WINDOWS\SchedLgU.Txt

2013-08-11 19:53 - 2005-10-08 23:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-08-11 09:05 - 2009-12-28 08:49 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-10 21:03 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü

2013-08-10 21:02 - 2013-08-09 22:01 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-10 21:02 - 2013-08-09 22:00 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-10 21:02 - 2013-07-17 21:20 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Uniblue

2013-08-10 21:02 - 2013-07-17 21:00 - 00000000 ____D C:\Programme\DVDVideoSoft

2013-08-10 21:02 - 2013-07-09 17:07 - 00000000 ____D C:\Programme\DsNET Corp

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___SD C:\Dokumente und Einstellungen\UpdatusUser\UserData

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___RD C:\Dokumente und Einstellungen\UpdatusUser\Startmenü

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ____D C:\Dokumente und Einstellungen\UpdatusUser\WINDOWS

2013-08-10 21:02 - 2013-06-27 14:52 - 00000000 ____D C:\NVIDIA

2013-08-10 21:02 - 2013-06-20 18:15 - 00000000 ____D C:\Programme\Greenshot

2013-08-10 21:02 - 2013-06-19 16:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Skype

2013-08-10 21:02 - 2013-05-23 17:22 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft

2013-08-10 21:02 - 2013-03-09 21:46 - 00000000 ____D C:\Programme\CheckPoint

2013-08-10 21:02 - 2012-12-12 19:21 - 00000000 ____D C:\Programme\Dropbox

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(3)

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Application Updater(3)

2013-08-10 21:02 - 2011-09-20 14:59 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Protexis

2013-08-10 21:02 - 2011-09-11 14:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Corel

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(2)

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Application Updater(2)

2013-08-10 21:02 - 2011-02-26 17:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared

2013-08-10 21:02 - 2011-02-26 14:19 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared(2)

2013-08-10 21:02 - 2011-02-19 14:38 - 00000000 ____D C:\Programme\CodecOption

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Snell & Wilcox Shared

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Grass Valley

2013-08-10 21:02 - 2010-11-24 21:37 - 00000000 ____D C:\Programme\directx

2013-08-10 21:02 - 2010-11-23 20:14 - 00000000 ____D C:\MappedFiles

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___SD C:\Dokumente und Einstellungen\Administrator\UserData

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Dokumente

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\WINDOWS

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Mein Geld

2013-08-10 21:02 - 2009-11-27 20:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\CyberLink

2013-08-10 21:02 - 2009-11-27 20:23 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer\Startmenü

2013-08-10 21:02 - 2009-11-21 22:16 - 00000000 ____D C:\Programme\Bonjour

2013-08-10 21:02 - 2009-11-11 20:38 - 00000000 ____D C:\Programme\AVS4YOU

2013-08-10 21:02 - 2009-11-01 14:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Apple

2013-08-10 21:02 - 2009-07-05 12:11 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SWF Studio

2013-08-10 21:02 - 2008-12-19 20:32 - 00000000 ____D C:\Programme\DATA BECKER

2013-08-10 21:02 - 2008-12-16 19:43 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DATA BECKER Shared

2013-08-10 21:02 - 2008-10-29 19:59 - 00000000 ____D C:\Intel

2013-08-10 21:02 - 2008-10-27 18:37 - 00000000 ____D C:\Programme\BearPaw 2448TA Plus

2013-08-10 21:02 - 2008-10-21 21:12 - 00000000 ____D C:\Programme\Gemeinsame Dateien\TechSmith Shared

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Acronis

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Acronis

2013-08-10 21:02 - 2008-10-09 17:42 - 00000000 ____D C:\Programme\Canon

2013-08-10 21:02 - 2008-10-09 17:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canon

2013-08-10 21:02 - 2008-09-16 20:58 - 00000000 ____D C:\Programme\Gemeinsame Dateien\xing shared

2013-08-10 21:02 - 2007-12-22 18:20 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Motorola Shared

2013-08-10 21:02 - 2007-06-18 20:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SONY Digital Images

2013-08-10 21:02 - 2007-06-10 12:27 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVSMedia

2013-08-10 21:02 - 2007-02-07 19:28 - 00000000 ____D C:\Programme\Codec Pack - All In 1

2013-08-10 21:02 - 2007-02-06 20:52 - 00000000 ____D C:\Programme\Apple Software Update

2013-08-10 21:02 - 2007-01-21 22:50 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe

2013-08-10 21:02 - 2007-01-10 14:32 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer

2013-08-10 21:02 - 2006-10-08 15:03 - 00000000 ____D C:\Programme\Canopus

2013-08-10 21:02 - 2006-08-03 08:39 - 00000000 ____D C:\Programme\Gemeinsame Dateien\ODBC

2013-08-10 21:02 - 2006-07-01 09:43 - 00000000 ____D C:\Programme\AOL

2013-08-10 21:02 - 2006-06-16 11:29 - 00000000 ____D C:\Programme\Digitale Telefonauskunft

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InterVideo

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Creative

2013-08-10 21:02 - 2006-06-07 18:38 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canopus Shared

2013-08-10 21:02 - 2006-06-07 18:04 - 00000000 ____D C:\MSCAN

2013-08-10 21:02 - 2006-06-06 20:58 - 00000000 ____D C:\Programme\Dornier GmbH

2013-08-10 21:02 - 2006-06-06 20:07 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ulead Systems

2013-08-10 21:02 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DESIGNER

2013-08-10 21:02 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Gemeinsame Dateien\aol

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\Home Cinema

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\CyberLink

2013-08-10 21:02 - 2006-02-28 16:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\LightScribe

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ahead

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Ahead

2013-08-10 21:02 - 2006-02-28 16:01 - 00000000 ____D C:\PCM

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Adobe

2013-08-10 21:02 - 2006-02-28 15:51 - 00000000 ____D C:\Programme\C-Media USB2.0 Card Reader

2013-08-10 21:02 - 2005-10-09 14:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MAGIX Shared

2013-08-10 21:02 - 2005-10-09 14:55 - 00000000 ____D C:\Programme\ALDI Sued Foto Service

2013-08-10 21:02 - 2005-10-09 14:49 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DataDesign

2013-08-10 21:02 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\Gemeinsame Dateien\muvee Technologies

2013-08-10 21:02 - 2005-10-09 14:33 - 00000000 ____D C:\Programme\Encarta

2013-08-10 21:02 - 2005-10-09 12:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Nullsoft

2013-08-10 21:02 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\DivX

2013-08-10 21:02 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Real

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SpeechEngines

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Microsoft Shared

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\System

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MSSoap

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Dienste

2013-08-10 21:02 - 2005-10-08 15:59 - 00000000 ____D C:\Programme\HighMAT CD Writing Wizard

2013-08-10 21:02 - 2005-10-08 15:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InstallShield

2013-08-10 19:03 - 2013-08-06 11:02 - 00000000 ____D C:\Programme\MSECache

2013-08-10 19:03 - 2013-07-07 20:43 - 00000000 ____D C:\Programme\Ontrack

2013-08-10 19:03 - 2013-06-20 18:06 - 00000000 ____D C:\Programme\MediaInfo

2013-08-10 19:03 - 2013-04-13 18:52 - 00000000 ____D C:\Programme\NVIDIA Corporation

2013-08-10 19:03 - 2013-04-05 19:07 - 00000000 ____D C:\Programme\NCH Software

2013-08-10 19:03 - 2013-03-29 17:06 - 00000000 ____D C:\Programme\SIW

2013-08-10 19:03 - 2012-07-05 20:03 - 00000000 ____D C:\Programme\MarkAny

2013-08-10 19:03 - 2012-06-26 20:29 - 00000000 ____D C:\Programme\Office 2007

2013-08-10 19:03 - 2011-09-20 15:00 - 00000000 ____D C:\Programme\Microsoft SDKs

2013-08-10 19:03 - 2011-09-10 22:26 - 00000000 ____D C:\Programme\Microsoft Visual Studio 9.0

2013-08-10 19:03 - 2011-03-10 21:05 - 00000000 ____D C:\Programme\Microsoft Silverlight

2013-08-10 19:03 - 2010-02-13 22:01 - 00000000 ____D C:\Programme\iPod

2013-08-10 19:03 - 2009-11-27 20:23 - 00000000 ____D C:\Programme\SmartSound Software

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\Reference Assemblies

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\MSBuild

2013-08-10 19:03 - 2009-08-15 14:37 - 00000000 ____D C:\Programme\MSXML 6.0

2013-08-10 19:03 - 2009-07-30 09:56 - 00000000 ____D C:\Programme\Sony

2013-08-10 19:03 - 2008-10-28 21:59 - 00000000 ____D C:\Programme\Trend Micro

2013-08-10 19:03 - 2008-10-09 20:59 - 00000000 ____D C:\Programme\Kaspersky Lab

2013-08-10 19:03 - 2007-12-22 16:53 - 00000000 ____D C:\Programme\Motorola Phone Tools

2013-08-10 19:03 - 2007-02-25 18:27 - 00000000 ____D C:\Programme\Multi_Media_Germany

2013-08-10 19:03 - 2007-02-11 18:49 - 00000000 ____D C:\Programme\Nero

2013-08-10 19:03 - 2006-11-19 21:11 - 00000000 ____D C:\Programme\MSXML 4.0

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft.NET

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft Visual Studio

2013-08-10 19:03 - 2006-02-28 18:22 - 00000000 ____D C:\Programme\MSN Messenger

2013-08-10 19:03 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Learn2.com

2013-08-10 19:03 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Java

2013-08-10 19:03 - 2006-02-28 15:52 - 00000000 ____D C:\Programme\Medion Info Display

2013-08-10 19:03 - 2006-01-30 12:25 - 00000000 ____D C:\Programme\Realtek

2013-08-10 19:03 - 2005-10-09 19:13 - 00000000 ____D C:\Programme\NVIDIA Demo Kiosk

2013-08-10 19:03 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\muvee Technologies

2013-08-10 19:03 - 2005-10-09 14:36 - 00000000 ____D C:\Programme\Microsoft AutoRoute

2013-08-10 19:03 - 2005-10-09 14:26 - 00000000 ____D C:\Programme\Microsoft Office

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works Suite 2006

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works

2013-08-10 19:03 - 2005-10-09 11:53 - 00000000 ____D C:\Programme\RALINK

2013-08-10 19:03 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Real

2013-08-10 19:03 - 2005-10-08 22:58 - 00000000 ____D C:\Programme\microsoft frontpage

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Outlook Express

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Online-Dienste

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\NetMeeting

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Movie Maker

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Online Services

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN Gaming Zone

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Messenger

2013-08-10 19:03 - 2005-10-08 15:24 - 00000000 ____D C:\Programme\Intel

2013-08-10 19:03 - 2003-01-01 11:14 - 00000000 ____D C:\Programme\StreamTransport

2013-08-09 22:03 - 2005-10-09 11:11 - 00001479 _____ C:\WINDOWS\system32\InstallUtil.InstallLog

2013-08-08 17:20 - 2009-03-21 12:16 - 00002259 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Jaksta Streaming Media Recorder and Converter.lnk

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:34 - 2005-10-09 00:51 - 58982400 _____ C:\WINDOWS\system32\config\SOFTWARE_tureg_old

2013-08-08 16:34 - 2005-10-09 00:51 - 10485760 _____ C:\WINDOWS\system32\config\SYSTEM_tureg_old

2013-08-08 16:34 - 2005-10-08 23:51 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY_tureg_old

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-08 16:27 - 2005-10-09 00:51 - 00786432 _____ C:\WINDOWS\system32\config\DEFAULT_tureg_old

2013-08-08 16:27 - 2005-10-08 23:51 - 00024576 _____ C:\WINDOWS\system32\config\SAM_tureg_old

2013-08-03 13:05 - 2009-03-22 22:18 - 00001044 _____ C:\WINDOWS\Tasks\Google Software Updater.job

2013-07-30 05:34 - 2013-07-25 19:03 - 00011489 _____ C:\WINDOWS\KB2834886.log

2013-07-30 05:34 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-07-30 05:32 - 2013-07-30 05:27 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-07-27 20:29 - 2007-02-06 20:52 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2013-07-27 11:08 - 2006-04-13 15:02 - 00000174 _____ C:\WINDOWS\system32\fsbx.ini

2013-07-25 19:03 - 2013-07-25 19:03 - 00004458 _____ C:\WINDOWS\KB2834904.log

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$

2013-07-25 19:03 - 2013-07-11 16:46 - 00025336 _____ C:\WINDOWS\KB2850851.log

2013-07-25 19:02 - 2013-07-25 19:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$

2013-07-25 19:02 - 2013-07-11 16:45 - 00023359 _____ C:\WINDOWS\KB2845187.log

2013-07-25 19:00 - 2013-07-25 18:59 - 00004146 _____ C:\WINDOWS\KB2845142.log

2013-07-25 19:00 - 2013-07-25 18:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845142_WM64$
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe

[2005-10-09 07:46] - [2008-04-14 08:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 
 

C:\Windows\System32\winlogon.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 
 

C:\Windows\System32\svchost.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 
 

C:\Windows\System32\services.exe

[2008-09-18 20:21] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 
 

C:\Windows\System32\User32.dll

[2005-10-09 07:46] - [2008-04-14 08:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 
 

C:\Windows\System32\userinit.exe

[2008-09-18 20:21] - [2008-04-14 08:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 
 

C:\Windows\System32\Drivers\volsnap.sys

[2008-09-18 20:21] - [2008-04-14 08:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 
 
 

==================== End Of Log ============================

--- --- ---

kein Problem, bedeutet das, dass deine CPU Auslastung wieder normal ist?

Nur "halbnormal" Heiko. 50 % der CPU-Auslastung sind immer noch konstant vorhanden (von jqs.exe).
Wie soll ich jetzt weiter vorgehen. Soll ich jqs.exe einfach löschen?

Habe jetzt den TFC im abgesicherten Modus laufen lassen (total files cleaned 401 MB) und danach nochmal den FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-08-2013

Ran by Administrator (administrator) on 24-08-2013 11:48:29

Running from C:\

Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard

Internet Explorer Version 8

Boot Mode: Safe Mode (with Networking)
 

==================== Processes (Whitelisted) ===================
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDCPL] - REM RTHDCPL.EXE [x]

HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [CHotkey] - REM mHotkey.exe [x]

HKLM\...\Run: [TrueImageMonitor.exe] - C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe [1009835 2006-01-04] (Acronis)

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [118784 2006-01-04] (Acronis)

HKLM\...\Run: [mspd] - C:\WINDOWS\system32\mspd.exe [389632 2003-08-27] ()

HKLM\...\Run: [Adobe Reader Speed Launcher] - Z:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)

HKLM\...\Run: [UpdatePDRShortCut] - z:\Programme\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)

HKLM\...\Run: [iTunesHelper] - F:\Programme\iTunes\iTunesHelper.exe [141608 2010-01-22] (Apple Inc.)

HKLM\...\Run: [] -  [x]

HKLM\...\Run: [KiesTrayAgent] - Z:\Kies\KiesTrayAgent.exe [309688 2012-11-12] (Samsung Electronics Co., Ltd.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM\...\Run: [avgnt] - Z:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-06] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [avast] - C:\Programme\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)

Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll [X]

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)

HKCU\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKCU\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Programme\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB [x]

HKCU\...\RunOnce: [NeroHomeFirstStart] - "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe" [16680 2007-06-27] (Nero AG)

HKCU\...\Runonce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe [x]

HKU\Default User\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

HKU\UpdatusUser\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\UpdatusUser\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

Lsa: [Authentication Packages] msv1_0 relog_ap

Lsa: [Notification Packages] :\WINDOWS\system3

BootExecute: autocheck autochk * oodbs
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search

SearchScopes: HKLM - {074A4B8E-16EA-418f-82D3-FDF259FCC700} URL = hxxp://go.web.de/suchbox/amazon?field-keywords={searchTerms}

SearchScopes: HKLM - {5A90DDBA-05B8-4689-A5D5-F209DD8B4D62} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}

SearchScopes: HKLM - {96DEA305-33AB-4BFF-A2E3-3D9BD23472E0} URL = hxxp://go.web.de/suchbox/webdesuche?su={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {7980FFE6-9DFE-4d9d-920A-CEB86D279C79} URL = 

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: metaspinner GmbH - {84B94901-3645-4D80-A6B7-4D0050B19455} - F:\Programme\teXXas\IEButtonAmazonInterface.dll ()

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

BHO: ZuneIEPlugin.ZuneBHO - {A8533C62-9399-4640-B36B-D1DDE91EB8B1} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - F:\Programme\teXXas\IEButtonEbayInterface.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File

Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128778405937

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141142460296

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab

DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} hxxp://www.netnews.cc/netfoto/XUpload.ocx

Handler: ipp - No CLSID Value - 

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (Microsoft Corporation)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)

ShellExecuteHooks: CShellExecuteHookImpl Object - {57B86673-276A-48B2-BAE7-C6DBB3020EB8} -  No File [ ]

Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\29.0.1547.57\pdf.dll ()

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - Z:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (iTunes Application Detector) - F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (DivX\u00AE Content Upload Plugin) - z:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)

CHR Plugin: (DivX Player Netscape Plugin) - z:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

CHR Plugin: (DivX Web Player) - z:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Picasa) - z:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - z:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

CHR Extension: (Google Docs) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Google Wallet Service) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0

CHR Extension: (Gmail) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Dokumente und Einstellungen\Helmut\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
 

========================== Services (Whitelisted) =================
 

S2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)

S2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [172032 2006-01-04] (Acronis)

S4 AdminSVC; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de\adminsvc.exe [180224 2006-10-12] (hablamax)

S2 AntiVirSchedulerService; Z:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 AntiVirService; Z:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)

S2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

S2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)

S4 CLCapSvc; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [221257 2005-12-01] ()

S4 CLSched; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [110663 2005-12-01] ()

S2 CyberLink Media Library Service; C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [61440 2005-12-01] (Cyberlink)

S2 DBService; C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)

S2 FSService; z:\Programme\Folder Shield\FSService.exe [45056 2006-04-13] ()

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-13] (Google)

S4 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)

S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545576 2010-01-22] (Apple Inc.)

S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [79136 2007-10-18] (Hewlett-Packard Company)

S3 McComponentHostService; 

S2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-20] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-14] (Mozilla Foundation)

S4 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)

S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

S2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-09-23] (NVIDIA Corporation)

S2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH)

S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

S2 PSI_SVC_2; C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.)

S4 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [247152 2009-04-17] ()

S2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)

S4 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-03-13] (Ulead Systems, Inc.)

S2 vToolbarUpdater15.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-05-21] (AVG Secure Search)

S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)

S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

S4 AVG Anti-Spyware Guard; F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe [x]

S2 FileZilla Server; "z:\Programme\FileZilla Server\FileZilla Server.exe" [x]

S2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
 

==================== Drivers (Whitelisted) ====================
 

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [826752 2005-12-06] (Philips Semiconductors GmbH)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)

S2 A4SII300; C:\Windows\System32\drivers\A4SII300.SYS [25632 1998-02-26] (Microsoft Corporation)

S2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

S2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [19915 2005-10-09] (Meetinghouse Data Communications)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)

R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)

S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)

R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)

S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()

S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-22] (AVAST Software)

S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-22] (AVAST Software)

S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)

S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-22] ()

S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [13696 2008-04-14] (Microsoft Corporation)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-05-21] (AVG Technologies)

S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)

S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

R0 bxShield; C:\Windows\System32\Drivers\bxShield.sys [45056 2006-04-13] (Alfa Corporation)

R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)

S1 cdrport; C:\Windows\System32\DRIVERS\cdrport.sys [4608 2005-03-11] (Canopus Co,. Ltd.)

R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [72320 2005-10-04] (C-Media Corporation)

R3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-09-17] ()

S3 GT680x; C:\Windows\System32\Drivers\Gt680x.sys [17504 2003-02-19] (   )

S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)

S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)

S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [49024 2008-04-14] (Microsoft Corporation)

S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)

S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)

S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)

R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)

S1 PQNTDrv; C:\Windows\System32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation)

R3 RT2500USB; C:\Windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)

R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [642560 2008-09-16] ()

S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-07-20] (RapidSolution Software AG)

R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

S2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [30688 2008-10-09] (Acronis)

S3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)

S3 usbsermptxp; C:\Windows\System32\DRIVERS\usbsermptxp.sys [25600 2007-12-22] (Microsoft Corporation)

R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [117248 2008-01-22] (VIA Technologies inc,.ltd)

R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)

R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)

S3 akshhl; system32\DRIVERS\akshhl.sys [x]

S1 AVG Anti-Spyware Driver; \??\F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.sys [x]

S1 AvgAsCln; System32\DRIVERS\AvgAsCln.sys [x]

S4 IntelIde; No ImagePath

S0 rseb; No ImagePath

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-24 11:22 - 2013-08-24 11:22 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2013-08-24 11:22 - 2013-08-24 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2013-08-24 11:22 - 2013-08-24 11:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-08-24 11:03 - 2013-08-24 10:11 - 00448512 _____ (OldTimer Tools) C:\TFC.exe

2013-08-23 17:28 - 2013-08-23 17:28 - 00001891 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:51 - 2013-08-22 19:51 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-22 19:49 - 2013-08-23 05:41 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00001657 _____ C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-08-22 19:49 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 19:29 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-08-22 17:28 - 2013-08-22 17:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-14 07:17 - 2013-08-22 17:29 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-14 07:17 - 2013-08-15 07:09 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-12 09:28 - 2013-08-19 17:03 - 00000000 ____D C:\FRST

2013-08-11 08:38 - 2013-08-11 19:55 - 00000000 ____D C:\Programme\WinZipper

2013-08-09 22:01 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-09 22:00 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-06 11:02 - 2013-08-10 19:03 - 00000000 ____D C:\Programme\MSECache

2013-07-30 05:27 - 2013-07-30 05:32 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-07-25 19:03 - 2013-07-30 05:34 - 00011489 _____ C:\WINDOWS\KB2834886.log

2013-07-25 19:03 - 2013-07-30 05:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-07-25 19:03 - 2013-07-25 19:03 - 00004458 _____ C:\WINDOWS\KB2834904.log

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$

2013-07-25 19:02 - 2013-07-25 19:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$

2013-07-25 18:59 - 2013-07-25 19:00 - 00004146 _____ C:\WINDOWS\KB2845142.log

2013-07-25 18:59 - 2013-07-25 19:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845142_WM64$
 

==================== One Month Modified Files and Folders =======
 

2013-08-24 11:47 - 2005-10-09 07:46 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl

2013-08-24 11:46 - 2007-01-27 10:54 - 00924498 _____ C:\WINDOWS\system32\OODBS.lor

2013-08-24 11:45 - 2011-02-18 20:03 - 00327680 _____ C:\WINDOWS\system32\config\TuneUp.evt

2013-08-24 11:45 - 2006-06-06 20:48 - 00000275 _____ C:\WINDOWS\wiadebug.log

2013-08-24 11:45 - 2006-06-06 20:48 - 00000052 _____ C:\WINDOWS\wiaservc.log

2013-08-24 11:45 - 2006-06-06 17:53 - 02022403 _____ C:\WINDOWS\WindowsUpdate.log

2013-08-24 11:40 - 2012-04-12 17:37 - 00008071 _____ C:\WINDOWS\setupact.log

2013-08-24 11:22 - 2013-08-24 11:22 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2013-08-24 11:22 - 2013-08-24 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2013-08-24 11:22 - 2013-08-24 11:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-08-24 11:22 - 2005-10-08 23:52 - 00000000 ___RD C:\Programme

2013-08-24 11:09 - 2010-11-05 19:18 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini

2013-08-24 10:35 - 2006-06-06 18:02 - 00000000 ____D C:\Dokumente und Einstellungen\Helmut

2013-08-24 10:11 - 2013-08-24 11:03 - 00448512 _____ (OldTimer Tools) C:\TFC.exe

2013-08-23 18:34 - 2013-08-24 11:39 - 01070315 _____ (Farbar) C:\FRST.exe

2013-08-23 17:28 - 2013-08-23 17:28 - 00001891 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk

2013-08-23 17:28 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\Google

2013-08-23 05:41 - 2013-08-22 19:49 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 20:35 - 2009-03-22 12:16 - 00000000 ____D C:\Programme\Mozilla Firefox

2013-08-22 19:56 - 2007-01-27 10:57 - 00000000 ____D C:\WINDOWS\system32\oodag

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:51 - 2013-08-22 19:51 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00001657 _____ C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2005-10-08 22:57 - 00003000 _____ C:\WINDOWS\system32\config.nt

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 17:47 - 2005-10-08 15:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET

2013-08-22 17:35 - 2012-06-07 13:32 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-08-22 17:32 - 2005-10-08 23:52 - 01166212 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-22 17:29 - 2013-08-22 17:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-22 17:29 - 2013-08-14 07:17 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00756252 _____ C:\WINDOWS\setupapi.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00517343 _____ C:\WINDOWS\FaxSetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00248304 _____ C:\WINDOWS\ocgen.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00198156 _____ C:\WINDOWS\tsoc.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00172496 _____ C:\WINDOWS\comsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00104470 _____ C:\WINDOWS\ntdtcsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00082802 _____ C:\WINDOWS\iis6.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00028728 _____ C:\WINDOWS\ocmsn.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00025956 _____ C:\WINDOWS\msgsocm.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.log

2013-08-22 17:29 - 2012-04-12 17:36 - 00084745 _____ C:\WINDOWS\updspapi.log

2013-08-20 20:24 - 2013-06-20 18:30 - 00000000 ____D C:\Magazin-1

2013-08-20 19:54 - 2006-06-07 19:57 - 00000116 _____ C:\WINDOWS\NeroDigital.ini

2013-08-20 18:30 - 2005-10-09 14:27 - 00000400 _____ C:\WINDOWS\ODBC.INI

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator

2013-08-19 17:03 - 2013-08-12 09:28 - 00000000 ____D C:\FRST

2013-08-18 15:30 - 2013-06-22 08:58 - 00007680 ___SH C:\WINDOWS\Thumbs.db

2013-08-18 12:58 - 2012-04-01 10:57 - 00023405 _____ C:\WINDOWS\wmsetup.log

2013-08-18 09:47 - 2006-06-16 12:16 - 00005134 _____ C:\WINDOWS\xnview.ini

2013-08-17 17:41 - 2013-06-20 16:56 - 00000000 ____D C:\Programme\Hybrid

2013-08-17 17:41 - 2012-07-19 19:14 - 00000000 ____D C:\Programme\TuneUp Utilities 2012

2013-08-17 12:24 - 2006-06-11 09:50 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2013-08-17 11:22 - 2005-10-08 22:56 - 00000000 ____D C:\WINDOWS\Registration

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-15 07:09 - 2013-08-14 07:17 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-15 07:09 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.BAK

2013-08-15 07:09 - 2007-02-18 04:01 - 00883452 _____ C:\WINDOWS\system32\TZLog.log

2013-08-14 09:28 - 2012-12-27 10:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2753842-v2$

2013-08-14 09:28 - 2009-03-11 22:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959772_WM11$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 20:48 - 2006-06-17 09:33 - 00001966 _____ C:\WINDOWS\Ulead32.ini

2013-08-13 18:48 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-13 09:35 - 2012-04-09 10:41 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVG Secure Search

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-11 19:55 - 2013-08-11 08:38 - 00000000 ____D C:\Programme\WinZipper

2013-08-11 19:55 - 2005-10-08 23:51 - 00430984 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService

2013-08-11 19:53 - 2006-06-06 17:54 - 00032452 _____ C:\WINDOWS\SchedLgU.Txt

2013-08-11 19:53 - 2005-10-08 23:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-08-11 09:05 - 2009-12-28 08:49 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-10 21:03 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü

2013-08-10 21:02 - 2013-08-09 22:01 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-10 21:02 - 2013-08-09 22:00 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-10 21:02 - 2013-07-17 21:20 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Uniblue

2013-08-10 21:02 - 2013-07-17 21:00 - 00000000 ____D C:\Programme\DVDVideoSoft

2013-08-10 21:02 - 2013-07-09 17:07 - 00000000 ____D C:\Programme\DsNET Corp

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___SD C:\Dokumente und Einstellungen\UpdatusUser\UserData

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___RD C:\Dokumente und Einstellungen\UpdatusUser\Startmenü

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ____D C:\Dokumente und Einstellungen\UpdatusUser\WINDOWS

2013-08-10 21:02 - 2013-06-27 14:52 - 00000000 ____D C:\NVIDIA

2013-08-10 21:02 - 2013-06-20 18:15 - 00000000 ____D C:\Programme\Greenshot

2013-08-10 21:02 - 2013-06-19 16:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Skype

2013-08-10 21:02 - 2013-05-23 17:22 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft

2013-08-10 21:02 - 2013-03-09 21:46 - 00000000 ____D C:\Programme\CheckPoint

2013-08-10 21:02 - 2012-12-12 19:21 - 00000000 ____D C:\Programme\Dropbox

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(3)

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Application Updater(3)

2013-08-10 21:02 - 2011-09-20 14:59 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Protexis

2013-08-10 21:02 - 2011-09-11 14:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Corel

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(2)

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Application Updater(2)

2013-08-10 21:02 - 2011-02-26 17:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared

2013-08-10 21:02 - 2011-02-26 14:19 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared(2)

2013-08-10 21:02 - 2011-02-19 14:38 - 00000000 ____D C:\Programme\CodecOption

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Snell & Wilcox Shared

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Grass Valley

2013-08-10 21:02 - 2010-11-24 21:37 - 00000000 ____D C:\Programme\directx

2013-08-10 21:02 - 2010-11-23 20:14 - 00000000 ____D C:\MappedFiles

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___SD C:\Dokumente und Einstellungen\Administrator\UserData

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Dokumente

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\WINDOWS

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Mein Geld

2013-08-10 21:02 - 2009-11-27 20:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\CyberLink

2013-08-10 21:02 - 2009-11-27 20:23 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer\Startmenü

2013-08-10 21:02 - 2009-11-21 22:16 - 00000000 ____D C:\Programme\Bonjour

2013-08-10 21:02 - 2009-11-11 20:38 - 00000000 ____D C:\Programme\AVS4YOU

2013-08-10 21:02 - 2009-11-01 14:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Apple

2013-08-10 21:02 - 2009-07-05 12:11 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SWF Studio

2013-08-10 21:02 - 2008-12-19 20:32 - 00000000 ____D C:\Programme\DATA BECKER

2013-08-10 21:02 - 2008-12-16 19:43 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DATA BECKER Shared

2013-08-10 21:02 - 2008-10-29 19:59 - 00000000 ____D C:\Intel

2013-08-10 21:02 - 2008-10-27 18:37 - 00000000 ____D C:\Programme\BearPaw 2448TA Plus

2013-08-10 21:02 - 2008-10-21 21:12 - 00000000 ____D C:\Programme\Gemeinsame Dateien\TechSmith Shared

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Acronis

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Acronis

2013-08-10 21:02 - 2008-10-09 17:42 - 00000000 ____D C:\Programme\Canon

2013-08-10 21:02 - 2008-10-09 17:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canon

2013-08-10 21:02 - 2008-09-16 20:58 - 00000000 ____D C:\Programme\Gemeinsame Dateien\xing shared

2013-08-10 21:02 - 2007-12-22 18:20 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Motorola Shared

2013-08-10 21:02 - 2007-06-18 20:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SONY Digital Images

2013-08-10 21:02 - 2007-06-10 12:27 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVSMedia

2013-08-10 21:02 - 2007-02-07 19:28 - 00000000 ____D C:\Programme\Codec Pack - All In 1

2013-08-10 21:02 - 2007-02-06 20:52 - 00000000 ____D C:\Programme\Apple Software Update

2013-08-10 21:02 - 2007-01-21 22:50 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe

2013-08-10 21:02 - 2007-01-10 14:32 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer

2013-08-10 21:02 - 2006-10-08 15:03 - 00000000 ____D C:\Programme\Canopus

2013-08-10 21:02 - 2006-08-03 08:39 - 00000000 ____D C:\Programme\Gemeinsame Dateien\ODBC

2013-08-10 21:02 - 2006-07-01 09:43 - 00000000 ____D C:\Programme\AOL

2013-08-10 21:02 - 2006-06-16 11:29 - 00000000 ____D C:\Programme\Digitale Telefonauskunft

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InterVideo

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Creative

2013-08-10 21:02 - 2006-06-07 18:38 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canopus Shared

2013-08-10 21:02 - 2006-06-07 18:04 - 00000000 ____D C:\MSCAN

2013-08-10 21:02 - 2006-06-06 20:58 - 00000000 ____D C:\Programme\Dornier GmbH

2013-08-10 21:02 - 2006-06-06 20:07 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ulead Systems

2013-08-10 21:02 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DESIGNER

2013-08-10 21:02 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Gemeinsame Dateien\aol

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\Home Cinema

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\CyberLink

2013-08-10 21:02 - 2006-02-28 16:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\LightScribe

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ahead

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Ahead

2013-08-10 21:02 - 2006-02-28 16:01 - 00000000 ____D C:\PCM

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Adobe

2013-08-10 21:02 - 2006-02-28 15:51 - 00000000 ____D C:\Programme\C-Media USB2.0 Card Reader

2013-08-10 21:02 - 2005-10-09 14:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MAGIX Shared

2013-08-10 21:02 - 2005-10-09 14:55 - 00000000 ____D C:\Programme\ALDI Sued Foto Service

2013-08-10 21:02 - 2005-10-09 14:49 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DataDesign

2013-08-10 21:02 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\Gemeinsame Dateien\muvee Technologies

2013-08-10 21:02 - 2005-10-09 14:33 - 00000000 ____D C:\Programme\Encarta

2013-08-10 21:02 - 2005-10-09 12:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Nullsoft

2013-08-10 21:02 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\DivX

2013-08-10 21:02 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Real

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SpeechEngines

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Microsoft Shared

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\System

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MSSoap

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Dienste

2013-08-10 21:02 - 2005-10-08 15:59 - 00000000 ____D C:\Programme\HighMAT CD Writing Wizard

2013-08-10 21:02 - 2005-10-08 15:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InstallShield

2013-08-10 19:03 - 2013-08-06 11:02 - 00000000 ____D C:\Programme\MSECache

2013-08-10 19:03 - 2013-07-07 20:43 - 00000000 ____D C:\Programme\Ontrack

2013-08-10 19:03 - 2013-06-20 18:06 - 00000000 ____D C:\Programme\MediaInfo

2013-08-10 19:03 - 2013-04-13 18:52 - 00000000 ____D C:\Programme\NVIDIA Corporation

2013-08-10 19:03 - 2013-04-05 19:07 - 00000000 ____D C:\Programme\NCH Software

2013-08-10 19:03 - 2013-03-29 17:06 - 00000000 ____D C:\Programme\SIW

2013-08-10 19:03 - 2012-07-05 20:03 - 00000000 ____D C:\Programme\MarkAny

2013-08-10 19:03 - 2012-06-26 20:29 - 00000000 ____D C:\Programme\Office 2007

2013-08-10 19:03 - 2011-09-20 15:00 - 00000000 ____D C:\Programme\Microsoft SDKs

2013-08-10 19:03 - 2011-09-10 22:26 - 00000000 ____D C:\Programme\Microsoft Visual Studio 9.0

2013-08-10 19:03 - 2011-03-10 21:05 - 00000000 ____D C:\Programme\Microsoft Silverlight

2013-08-10 19:03 - 2010-02-13 22:01 - 00000000 ____D C:\Programme\iPod

2013-08-10 19:03 - 2009-11-27 20:23 - 00000000 ____D C:\Programme\SmartSound Software

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\Reference Assemblies

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\MSBuild

2013-08-10 19:03 - 2009-08-15 14:37 - 00000000 ____D C:\Programme\MSXML 6.0

2013-08-10 19:03 - 2009-07-30 09:56 - 00000000 ____D C:\Programme\Sony

2013-08-10 19:03 - 2008-10-28 21:59 - 00000000 ____D C:\Programme\Trend Micro

2013-08-10 19:03 - 2008-10-09 20:59 - 00000000 ____D C:\Programme\Kaspersky Lab

2013-08-10 19:03 - 2007-12-22 16:53 - 00000000 ____D C:\Programme\Motorola Phone Tools

2013-08-10 19:03 - 2007-02-25 18:27 - 00000000 ____D C:\Programme\Multi_Media_Germany

2013-08-10 19:03 - 2007-02-11 18:49 - 00000000 ____D C:\Programme\Nero

2013-08-10 19:03 - 2006-11-19 21:11 - 00000000 ____D C:\Programme\MSXML 4.0

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft.NET

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft Visual Studio

2013-08-10 19:03 - 2006-02-28 18:22 - 00000000 ____D C:\Programme\MSN Messenger

2013-08-10 19:03 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Learn2.com

2013-08-10 19:03 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Java

2013-08-10 19:03 - 2006-02-28 15:52 - 00000000 ____D C:\Programme\Medion Info Display

2013-08-10 19:03 - 2006-01-30 12:25 - 00000000 ____D C:\Programme\Realtek

2013-08-10 19:03 - 2005-10-09 19:13 - 00000000 ____D C:\Programme\NVIDIA Demo Kiosk

2013-08-10 19:03 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\muvee Technologies

2013-08-10 19:03 - 2005-10-09 14:36 - 00000000 ____D C:\Programme\Microsoft AutoRoute

2013-08-10 19:03 - 2005-10-09 14:26 - 00000000 ____D C:\Programme\Microsoft Office

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works Suite 2006

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works

2013-08-10 19:03 - 2005-10-09 11:53 - 00000000 ____D C:\Programme\RALINK

2013-08-10 19:03 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Real

2013-08-10 19:03 - 2005-10-08 22:58 - 00000000 ____D C:\Programme\microsoft frontpage

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Outlook Express

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Online-Dienste

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\NetMeeting

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Movie Maker

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Online Services

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN Gaming Zone

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Messenger

2013-08-10 19:03 - 2005-10-08 15:24 - 00000000 ____D C:\Programme\Intel

2013-08-10 19:03 - 2003-01-01 11:14 - 00000000 ____D C:\Programme\StreamTransport

2013-08-09 22:03 - 2005-10-09 11:11 - 00001479 _____ C:\WINDOWS\system32\InstallUtil.InstallLog

2013-08-08 17:20 - 2009-03-21 12:16 - 00002259 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Jaksta Streaming Media Recorder and Converter.lnk

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:34 - 2005-10-09 00:51 - 58982400 _____ C:\WINDOWS\system32\config\SOFTWARE_tureg_old

2013-08-08 16:34 - 2005-10-09 00:51 - 10485760 _____ C:\WINDOWS\system32\config\SYSTEM_tureg_old

2013-08-08 16:34 - 2005-10-08 23:51 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY_tureg_old

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-08 16:27 - 2005-10-09 00:51 - 00786432 _____ C:\WINDOWS\system32\config\DEFAULT_tureg_old

2013-08-08 16:27 - 2005-10-08 23:51 - 00024576 _____ C:\WINDOWS\system32\config\SAM_tureg_old

2013-08-03 13:05 - 2009-03-22 22:18 - 00001044 _____ C:\WINDOWS\Tasks\Google Software Updater.job

2013-07-30 05:34 - 2013-07-25 19:03 - 00011489 _____ C:\WINDOWS\KB2834886.log

2013-07-30 05:34 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-07-30 05:32 - 2013-07-30 05:27 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-07-27 20:29 - 2007-02-06 20:52 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2013-07-27 11:08 - 2006-04-13 15:02 - 00000174 _____ C:\WINDOWS\system32\fsbx.ini

2013-07-25 19:03 - 2013-07-25 19:03 - 00004458 _____ C:\WINDOWS\KB2834904.log

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$

2013-07-25 19:03 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$

2013-07-25 19:03 - 2013-07-11 16:46 - 00025336 _____ C:\WINDOWS\KB2850851.log

2013-07-25 19:02 - 2013-07-25 19:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$

2013-07-25 19:02 - 2013-07-11 16:45 - 00023359 _____ C:\WINDOWS\KB2845187.log

2013-07-25 19:00 - 2013-07-25 18:59 - 00004146 _____ C:\WINDOWS\KB2845142.log

2013-07-25 19:00 - 2013-07-25 18:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845142_WM64$
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe

[2005-10-09 07:46] - [2008-04-14 08:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 
 

C:\Windows\System32\winlogon.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 
 

C:\Windows\System32\svchost.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 
 

C:\Windows\System32\services.exe

[2008-09-18 20:21] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 
 

C:\Windows\System32\User32.dll

[2005-10-09 07:46] - [2008-04-14 08:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 
 

C:\Windows\System32\userinit.exe

[2008-09-18 20:21] - [2008-04-14 08:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 
 

C:\Windows\System32\Drivers\volsnap.sys

[2008-09-18 20:21] - [2008-04-14 08:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 
 
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Nachtrag:
Hallo Heiko,
habe jetzt in der Systemsteuerung auf das JAVA-Bedienfeld gedrückt, die Registerkarte „erweitert“ angeklickt und unter „Verschiedenes“ das Kontrollkästen für den Java Quick Starter (jqs) deaktiviert.
Die CPU-Auslastung liegt jetzt bei 3-4 % !!!
Mal schauen, ob ich da was von Java vermisse.
Schöne Grüße
Helmut

Hi Helmut

warum machst du die Scannes mit FRST aus dem Safemode (Abgesicherten Modus) ?
bitte erstelle ein neues FRST Logfile aus dem normalen Modus...
dann sehen wir ob die Kiste "sauber" ist.

Hi Heiko,
im Normalmodus bleibt der Vorgang regelmäßig hängen. War für mich immer umständlich, die Scans im abgesicherten Modus zu machen. Warum s nicht ging – keine Ahnung.

ok kein Problem, ich schau mir die Logfiles nochmal an und meld mich morgen mit neuen Erkenntnissen ;) gute Nacht

Hi Helmut

wer suchet der findet....

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

HKLM\...\Run: [mspd] - C:\WINDOWS\system32\mspd.exe [389632 2003-08-27] ()

Lsa: [Notification Packages] :\WINDOWS\system3

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

C:\WINDOWS\system32\mspd.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Bitte nach dem Fix das Fixlogfile und ein neues FRST Logfile aus dem Normalmodus posten...

Hallo Heiko,
da bin ich schon wieder. Nach wie vor läuft FRST nicht im Normalmodus. Bereits nach 1 Sekunde bleibt der Scan stehen. Sorry

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-08-2013

Ran by Administrator at 2013-08-25 18:47:46 Run:2

Running from C:\

Boot Mode: Safe Mode (with Networking)
 

==============================================
 

Content of fixlist:

*****************

HKLM\...\Run: [mspd] - C:\WINDOWS\system32\mspd.exe [389632 2003-08-27] ()

Lsa: [Notification Packages] :\WINDOWS\system3

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

C:\WINDOWS\system32\mspd.exe

*****************
 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mspd => Value deleted successfully.

HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => Value was restored successfully.

Winsock - Google Desktop Search Backup Before First Install => Service deleted successfully.

Winsock - Google Desktop Search Backup Before Last Install => Service deleted successfully.

C:\WINDOWS\system32\mspd.exe => Moved successfully.
 

==== End of Fixlog ====

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-08-2013

Ran by Administrator (administrator) on 25-08-2013 19:01:20

Running from C:\

Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard

Internet Explorer Version 8

Boot Mode: Safe Mode (with Networking)
 

==================== Processes (Whitelisted) ===================
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDCPL] - REM RTHDCPL.EXE [x]

HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)

HKLM\...\Run: [CHotkey] - REM mHotkey.exe [x]

HKLM\...\Run: [TrueImageMonitor.exe] - C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe [1009835 2006-01-04] (Acronis)

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [118784 2006-01-04] (Acronis)

HKLM\...\Run: [Adobe Reader Speed Launcher] - Z:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)

HKLM\...\Run: [UpdatePDRShortCut] - z:\Programme\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)

HKLM\...\Run: [iTunesHelper] - F:\Programme\iTunes\iTunesHelper.exe [141608 2010-01-22] (Apple Inc.)

HKLM\...\Run: [] -  [x]

HKLM\...\Run: [KiesTrayAgent] - Z:\Kies\KiesTrayAgent.exe [309688 2012-11-12] (Samsung Electronics Co., Ltd.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM\...\Run: [avgnt] - Z:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-06] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [avast] - C:\Programme\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)

Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll [X]

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)

HKCU\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKCU\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Programme\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB [x]

HKCU\...\RunOnce: [NeroHomeFirstStart] - "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe" [16680 2007-06-27] (Nero AG)

HKCU\...\Runonce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe [x]

HKU\Default User\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

HKU\UpdatusUser\...\Run: [AOLMIcon] - C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe [x]

HKU\UpdatusUser\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)

Lsa: [Authentication Packages] msv1_0 relog_ap

BootExecute: autocheck autochk * oodbs
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search

SearchScopes: HKLM - {074A4B8E-16EA-418f-82D3-FDF259FCC700} URL = hxxp://go.web.de/suchbox/amazon?field-keywords={searchTerms}

SearchScopes: HKLM - {5A90DDBA-05B8-4689-A5D5-F209DD8B4D62} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}

SearchScopes: HKLM - {96DEA305-33AB-4BFF-A2E3-3D9BD23472E0} URL = hxxp://go.web.de/suchbox/webdesuche?su={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {7980FFE6-9DFE-4d9d-920A-CEB86D279C79} URL = 

BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: metaspinner GmbH - {84B94901-3645-4D80-A6B7-4D0050B19455} - F:\Programme\teXXas\IEButtonAmazonInterface.dll ()

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

BHO: ZuneIEPlugin.ZuneBHO - {A8533C62-9399-4640-B36B-D1DDE91EB8B1} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - F:\Programme\teXXas\IEButtonEbayInterface.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File

Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128778405937

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141142460296

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab

DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} hxxp://www.netnews.cc/netfoto/XUpload.ocx

Handler: ipp - No CLSID Value - 

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (Microsoft Corporation)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)

ShellExecuteHooks: CShellExecuteHookImpl Object - {57B86673-276A-48B2-BAE7-C6DBB3020EB8} -  No File [ ]

Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\29.0.1547.57\pdf.dll ()

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - Z:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - Z:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (iTunes Application Detector) - F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (DivX\u00AE Content Upload Plugin) - z:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)

CHR Plugin: (DivX Player Netscape Plugin) - z:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

CHR Plugin: (DivX Web Player) - z:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Picasa) - z:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - z:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - z:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

CHR Extension: (Google Docs) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Google Wallet Service) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0

CHR Extension: (Gmail) - C:\DOKUME~1\ADMINI~1\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Dokumente und Einstellungen\Helmut\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
 

========================== Services (Whitelisted) =================
 

S2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)

S2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [172032 2006-01-04] (Acronis)

S4 AdminSVC; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de\adminsvc.exe [180224 2006-10-12] (hablamax)

S2 AntiVirSchedulerService; Z:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 AntiVirService; Z:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-06] (Avira Operations GmbH & Co. KG)

S2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)

S2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

S2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)

S4 CLCapSvc; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [221257 2005-12-01] ()

S4 CLSched; z:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [110663 2005-12-01] ()

S2 CyberLink Media Library Service; C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [61440 2005-12-01] (Cyberlink)

S2 DBService; C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)

S2 FSService; z:\Programme\Folder Shield\FSService.exe [45056 2006-04-13] ()

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-28] (Google Inc.)

S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-13] (Google)

S4 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)

S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545576 2010-01-22] (Apple Inc.)

S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [79136 2007-10-18] (Hewlett-Packard Company)

S2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-20] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-14] (Mozilla Foundation)

S4 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)

S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

S2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-09-23] (NVIDIA Corporation)

S2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH)

S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

S2 PSI_SVC_2; C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.)

S4 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [247152 2009-04-17] ()

S2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)

S4 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-03-13] (Ulead Systems, Inc.)

S2 vToolbarUpdater15.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-05-21] (AVG Secure Search)

S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)

S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

S4 AVG Anti-Spyware Guard; F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe [x]

S2 FileZilla Server; "z:\Programme\FileZilla Server\FileZilla Server.exe" [x]

S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
 

==================== Drivers (Whitelisted) ====================
 

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [826752 2005-12-06] (Philips Semiconductors GmbH)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)

S2 A4SII300; C:\Windows\System32\drivers\A4SII300.SYS [25632 1998-02-26] (Microsoft Corporation)

S2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)

S2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [19915 2005-10-09] (Meetinghouse Data Communications)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)

R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)

S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)

R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)

S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()

S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-22] (AVAST Software)

S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-22] (AVAST Software)

S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)

S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-22] ()

S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [13696 2008-04-14] (Microsoft Corporation)

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-05-21] (AVG Technologies)

S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)

S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)

R0 bxShield; C:\Windows\System32\Drivers\bxShield.sys [45056 2006-04-13] (Alfa Corporation)

R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)

S1 cdrport; C:\Windows\System32\DRIVERS\cdrport.sys [4608 2005-03-11] (Canopus Co,. Ltd.)

R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [72320 2005-10-04] (C-Media Corporation)

R3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-09-17] ()

S3 GT680x; C:\Windows\System32\Drivers\Gt680x.sys [17504 2003-02-19] (   )

S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)

S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)

S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [49024 2008-04-14] (Microsoft Corporation)

S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)

S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)

S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)

R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)

S1 PQNTDrv; C:\Windows\System32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation)

R3 RT2500USB; C:\Windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)

R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [642560 2008-09-16] ()

S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-07-20] (RapidSolution Software AG)

R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

S2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [30688 2008-10-09] (Acronis)

S3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)

S3 usbsermptxp; C:\Windows\System32\DRIVERS\usbsermptxp.sys [25600 2007-12-22] (Microsoft Corporation)

R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [117248 2008-01-22] (VIA Technologies inc,.ltd)

R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)

R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)

S3 akshhl; system32\DRIVERS\akshhl.sys [x]

S1 AVG Anti-Spyware Driver; \??\F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.sys [x]

S1 AvgAsCln; System32\DRIVERS\AvgAsCln.sys [x]

S4 IntelIde; No ImagePath

S0 rseb; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-24 14:25 - 2013-08-22 18:36 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe

2013-08-24 11:39 - 2013-08-23 18:34 - 01070315 _____ (Farbar) C:\FRST.exe

2013-08-24 11:22 - 2013-08-25 18:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-08-24 11:22 - 2013-08-24 11:22 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2013-08-24 11:22 - 2013-08-24 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2013-08-24 11:03 - 2013-08-24 10:11 - 00448512 _____ (OldTimer Tools) C:\TFC.exe

2013-08-23 17:28 - 2013-08-23 17:28 - 00001891 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 19:51 - 2013-08-25 18:50 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:49 - 2013-08-25 18:56 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-08-22 19:49 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-08-22 19:49 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 19:29 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-08-22 17:28 - 2013-08-22 17:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-14 07:17 - 2013-08-22 17:29 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-14 07:17 - 2013-08-15 07:09 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-12 09:28 - 2013-08-19 17:03 - 00000000 ____D C:\FRST

2013-08-11 08:38 - 2013-08-11 19:55 - 00000000 ____D C:\Programme\WinZipper

2013-08-09 22:01 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-09 22:00 - 2013-08-10 21:02 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-06 11:02 - 2013-08-10 19:03 - 00000000 ____D C:\Programme\MSECache

2013-07-30 05:27 - 2013-07-30 05:32 - 00000000 ____D C:\WINDOWS\system32\MRT
 

==================== One Month Modified Files and Folders =======
 

2013-08-25 19:00 - 2007-01-27 10:54 - 00927126 _____ C:\WINDOWS\system32\OODBS.lor

2013-08-25 19:00 - 2005-10-09 07:46 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl

2013-08-25 18:59 - 2011-02-18 20:03 - 00327680 _____ C:\WINDOWS\system32\config\TuneUp.evt

2013-08-25 18:59 - 2006-06-06 20:48 - 00000275 _____ C:\WINDOWS\wiadebug.log

2013-08-25 18:59 - 2006-06-06 20:48 - 00000052 _____ C:\WINDOWS\wiaservc.log

2013-08-25 18:59 - 2006-06-06 17:54 - 00032128 _____ C:\WINDOWS\SchedLgU.Txt

2013-08-25 18:59 - 2006-06-06 17:53 - 01050209 _____ C:\WINDOWS\WindowsUpdate.log

2013-08-25 18:59 - 2005-10-08 23:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-08-25 18:58 - 2006-06-06 18:02 - 00000000 ____D C:\Dokumente und Einstellungen\Helmut

2013-08-25 18:56 - 2013-08-22 19:49 - 00000370 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-08-25 18:50 - 2013-08-22 19:51 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce9f604adfe6ec.job

2013-08-25 18:48 - 2010-11-05 19:18 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini

2013-08-25 18:06 - 2013-08-24 11:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-08-25 18:05 - 2009-12-28 08:49 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-24 20:29 - 2007-02-06 20:52 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2013-08-24 16:52 - 2007-01-27 10:57 - 00000000 ____D C:\WINDOWS\system32\oodag

2013-08-24 16:12 - 2005-10-08 23:52 - 00000000 ___RD C:\Programme

2013-08-24 11:40 - 2012-04-12 17:37 - 00008071 _____ C:\WINDOWS\setupact.log

2013-08-24 11:22 - 2013-08-24 11:22 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2013-08-24 11:22 - 2013-08-24 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2013-08-24 10:11 - 2013-08-24 11:03 - 00448512 _____ (OldTimer Tools) C:\TFC.exe

2013-08-23 18:34 - 2013-08-24 11:39 - 01070315 _____ (Farbar) C:\FRST.exe

2013-08-23 17:28 - 2013-08-23 17:28 - 00001891 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk

2013-08-23 17:28 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\Google

2013-08-22 20:36 - 2013-08-22 20:36 - 00000700 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2013-08-22 20:36 - 2013-08-22 20:36 - 00000000 ____D C:\Programme\Mozilla Maintenance Service

2013-08-22 20:35 - 2009-03-22 12:16 - 00000000 ____D C:\Programme\Mozilla Firefox

2013-08-22 19:51 - 2013-08-22 19:51 - 00001781 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk

2013-08-22 19:49 - 2013-08-22 19:49 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

2013-08-22 19:49 - 2013-08-22 19:49 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum

2013-08-22 19:49 - 2005-10-08 22:57 - 00003000 _____ C:\WINDOWS\system32\config.nt

2013-08-22 19:29 - 2013-08-22 19:29 - 00000000 ____D C:\Programme\AVAST Software

2013-08-22 18:36 - 2013-08-24 14:25 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe

2013-08-22 17:47 - 2005-10-08 15:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET

2013-08-22 17:35 - 2012-06-07 13:32 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-08-22 17:32 - 2005-10-08 23:52 - 01166212 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-08-22 17:29 - 2013-08-22 17:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$

2013-08-22 17:29 - 2013-08-14 07:17 - 00014930 _____ C:\WINDOWS\KB2850869.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00756252 _____ C:\WINDOWS\setupapi.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00517343 _____ C:\WINDOWS\FaxSetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00248304 _____ C:\WINDOWS\ocgen.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00198156 _____ C:\WINDOWS\tsoc.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00172496 _____ C:\WINDOWS\comsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00104470 _____ C:\WINDOWS\ntdtcsetup.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00082802 _____ C:\WINDOWS\iis6.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00028728 _____ C:\WINDOWS\ocmsn.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00025956 _____ C:\WINDOWS\msgsocm.log

2013-08-22 17:29 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.log

2013-08-22 17:29 - 2012-04-12 17:36 - 00084745 _____ C:\WINDOWS\updspapi.log

2013-08-20 20:24 - 2013-06-20 18:30 - 00000000 ____D C:\Magazin-1

2013-08-20 19:54 - 2006-06-07 19:57 - 00000116 _____ C:\WINDOWS\NeroDigital.ini

2013-08-20 18:30 - 2005-10-09 14:27 - 00000400 _____ C:\WINDOWS\ODBC.INI

2013-08-19 18:00 - 2013-08-19 18:00 - 00000000 ____D C:\Programme\ESET

2013-08-19 17:47 - 2013-08-19 17:47 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\PrivacIE

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe

2013-08-19 17:47 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator

2013-08-19 17:03 - 2013-08-12 09:28 - 00000000 ____D C:\FRST

2013-08-18 15:30 - 2013-06-22 08:58 - 00007680 ___SH C:\WINDOWS\Thumbs.db

2013-08-18 12:58 - 2012-04-01 10:57 - 00023405 _____ C:\WINDOWS\wmsetup.log

2013-08-18 09:47 - 2006-06-16 12:16 - 00005134 _____ C:\WINDOWS\xnview.ini

2013-08-17 17:41 - 2013-06-20 16:56 - 00000000 ____D C:\Programme\Hybrid

2013-08-17 17:41 - 2012-07-19 19:14 - 00000000 ____D C:\Programme\TuneUp Utilities 2012

2013-08-17 12:24 - 2006-06-11 09:50 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2013-08-17 11:22 - 2005-10-08 22:56 - 00000000 ____D C:\WINDOWS\Registration

2013-08-15 07:09 - 2013-08-15 07:09 - 00006154 _____ C:\WINDOWS\KB2863058.log

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$

2013-08-15 07:09 - 2013-08-15 07:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

2013-08-15 07:09 - 2013-08-14 07:17 - 00012682 _____ C:\WINDOWS\KB2859537.log

2013-08-15 07:09 - 2012-04-12 17:37 - 00001374 _____ C:\WINDOWS\imsins.BAK

2013-08-15 07:09 - 2007-02-18 04:01 - 00883452 _____ C:\WINDOWS\system32\TZLog.log

2013-08-14 09:28 - 2012-12-27 10:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2753842-v2$

2013-08-14 09:28 - 2009-03-11 22:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959772_WM11$

2013-08-14 09:01 - 2013-08-14 09:01 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

2013-08-13 20:57 - 2013-08-13 20:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\mbam-setup-1.75.0.1300.exe

2013-08-13 20:48 - 2006-06-17 09:33 - 00001966 _____ C:\WINDOWS\Ulead32.ini

2013-08-13 18:48 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente

2013-08-13 09:41 - 2013-08-13 09:41 - 00000000 ____D C:\WINDOWS\ERUNT

2013-08-13 09:35 - 2012-04-09 10:41 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVG Secure Search

2013-08-12 11:59 - 2013-08-12 11:59 - 00000000 __SHD C:\Dokumente und Einstellungen\Administrator\IETldCache

2013-08-11 19:55 - 2013-08-11 08:38 - 00000000 ____D C:\Programme\WinZipper

2013-08-11 19:55 - 2005-10-08 23:51 - 00430984 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService

2013-08-11 19:54 - 2005-10-08 23:00 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService

2013-08-10 21:03 - 2005-10-08 23:52 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü

2013-08-10 21:02 - 2013-08-09 22:01 - 00000000 ____D C:\Programme\Check Point Software Technologies LTD

2013-08-10 21:02 - 2013-08-09 22:00 - 00000000 ____D C:\Programme\East Imperial Soft

2013-08-10 21:02 - 2013-07-17 21:20 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Uniblue

2013-08-10 21:02 - 2013-07-17 21:00 - 00000000 ____D C:\Programme\DVDVideoSoft

2013-08-10 21:02 - 2013-07-09 17:07 - 00000000 ____D C:\Programme\DsNET Corp

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___SD C:\Dokumente und Einstellungen\UpdatusUser\UserData

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ___RD C:\Dokumente und Einstellungen\UpdatusUser\Startmenü

2013-08-10 21:02 - 2013-06-27 16:03 - 00000000 ____D C:\Dokumente und Einstellungen\UpdatusUser\WINDOWS

2013-08-10 21:02 - 2013-06-27 14:52 - 00000000 ____D C:\NVIDIA

2013-08-10 21:02 - 2013-06-20 18:15 - 00000000 ____D C:\Programme\Greenshot

2013-08-10 21:02 - 2013-06-19 16:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Skype

2013-08-10 21:02 - 2013-05-23 17:22 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft

2013-08-10 21:02 - 2013-03-09 21:46 - 00000000 ____D C:\Programme\CheckPoint

2013-08-10 21:02 - 2012-12-12 19:21 - 00000000 ____D C:\Programme\Dropbox

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(3)

2013-08-10 21:02 - 2012-03-04 20:51 - 00000000 ____D C:\Programme\Application Updater(3)

2013-08-10 21:02 - 2011-09-20 14:59 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Protexis

2013-08-10 21:02 - 2011-09-11 14:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Corel

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot(2)

2013-08-10 21:02 - 2011-09-10 20:45 - 00000000 ____D C:\Programme\Application Updater(2)

2013-08-10 21:02 - 2011-02-26 17:45 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared

2013-08-10 21:02 - 2011-02-26 14:19 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Aladdin Shared(2)

2013-08-10 21:02 - 2011-02-19 14:38 - 00000000 ____D C:\Programme\CodecOption

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Snell & Wilcox Shared

2013-08-10 21:02 - 2010-11-27 16:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Grass Valley

2013-08-10 21:02 - 2010-11-24 21:37 - 00000000 ____D C:\Programme\directx

2013-08-10 21:02 - 2010-11-23 20:14 - 00000000 ____D C:\MappedFiles

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___SD C:\Dokumente und Einstellungen\Administrator\UserData

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Startmenü

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Dokumente

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ___RD C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\WINDOWS

2013-08-10 21:02 - 2010-11-05 19:18 - 00000000 ____D C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Mein Geld

2013-08-10 21:02 - 2009-11-27 20:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\CyberLink

2013-08-10 21:02 - 2009-11-27 20:23 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer\Startmenü

2013-08-10 21:02 - 2009-11-21 22:16 - 00000000 ____D C:\Programme\Bonjour

2013-08-10 21:02 - 2009-11-11 20:38 - 00000000 ____D C:\Programme\AVS4YOU

2013-08-10 21:02 - 2009-11-01 14:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Apple

2013-08-10 21:02 - 2009-07-05 12:11 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SWF Studio

2013-08-10 21:02 - 2008-12-19 20:32 - 00000000 ____D C:\Programme\DATA BECKER

2013-08-10 21:02 - 2008-12-16 19:43 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DATA BECKER Shared

2013-08-10 21:02 - 2008-10-29 19:59 - 00000000 ____D C:\Intel

2013-08-10 21:02 - 2008-10-27 18:37 - 00000000 ____D C:\Programme\BearPaw 2448TA Plus

2013-08-10 21:02 - 2008-10-21 21:12 - 00000000 ____D C:\Programme\Gemeinsame Dateien\TechSmith Shared

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Acronis

2013-08-10 21:02 - 2008-10-09 19:03 - 00000000 ____D C:\Programme\Acronis

2013-08-10 21:02 - 2008-10-09 17:42 - 00000000 ____D C:\Programme\Canon

2013-08-10 21:02 - 2008-10-09 17:36 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canon

2013-08-10 21:02 - 2008-09-16 20:58 - 00000000 ____D C:\Programme\Gemeinsame Dateien\xing shared

2013-08-10 21:02 - 2007-12-22 18:20 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Motorola Shared

2013-08-10 21:02 - 2007-06-18 20:16 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SONY Digital Images

2013-08-10 21:02 - 2007-06-10 12:27 - 00000000 ____D C:\Programme\Gemeinsame Dateien\AVSMedia

2013-08-10 21:02 - 2007-02-07 19:28 - 00000000 ____D C:\Programme\Codec Pack - All In 1

2013-08-10 21:02 - 2007-02-06 20:52 - 00000000 ____D C:\Programme\Apple Software Update

2013-08-10 21:02 - 2007-01-21 22:50 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe

2013-08-10 21:02 - 2007-01-10 14:32 - 00000000 ____D C:\Dokumente und Einstellungen\Besitzer

2013-08-10 21:02 - 2006-10-08 15:03 - 00000000 ____D C:\Programme\Canopus

2013-08-10 21:02 - 2006-08-03 08:39 - 00000000 ____D C:\Programme\Gemeinsame Dateien\ODBC

2013-08-10 21:02 - 2006-07-01 09:43 - 00000000 ____D C:\Programme\AOL

2013-08-10 21:02 - 2006-06-16 11:29 - 00000000 ____D C:\Programme\Digitale Telefonauskunft

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InterVideo

2013-08-10 21:02 - 2006-06-07 19:00 - 00000000 ____D C:\Programme\Creative

2013-08-10 21:02 - 2006-06-07 18:38 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Canopus Shared

2013-08-10 21:02 - 2006-06-07 18:04 - 00000000 ____D C:\MSCAN

2013-08-10 21:02 - 2006-06-06 20:58 - 00000000 ____D C:\Programme\Dornier GmbH

2013-08-10 21:02 - 2006-06-06 20:07 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ulead Systems

2013-08-10 21:02 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DESIGNER

2013-08-10 21:02 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Gemeinsame Dateien\aol

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\Home Cinema

2013-08-10 21:02 - 2006-02-28 16:07 - 00000000 ____D C:\Programme\CyberLink

2013-08-10 21:02 - 2006-02-28 16:03 - 00000000 ____D C:\Programme\Gemeinsame Dateien\LightScribe

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Ahead

2013-08-10 21:02 - 2006-02-28 16:02 - 00000000 ____D C:\Programme\Ahead

2013-08-10 21:02 - 2006-02-28 16:01 - 00000000 ____D C:\PCM

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java

2013-08-10 21:02 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Adobe

2013-08-10 21:02 - 2006-02-28 15:51 - 00000000 ____D C:\Programme\C-Media USB2.0 Card Reader

2013-08-10 21:02 - 2005-10-09 14:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MAGIX Shared

2013-08-10 21:02 - 2005-10-09 14:55 - 00000000 ____D C:\Programme\ALDI Sued Foto Service

2013-08-10 21:02 - 2005-10-09 14:49 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DataDesign

2013-08-10 21:02 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\Gemeinsame Dateien\muvee Technologies

2013-08-10 21:02 - 2005-10-09 14:33 - 00000000 ____D C:\Programme\Encarta

2013-08-10 21:02 - 2005-10-09 12:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Nullsoft

2013-08-10 21:02 - 2005-10-09 12:25 - 00000000 ____D C:\Programme\DivX

2013-08-10 21:02 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Real

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\SpeechEngines

2013-08-10 21:02 - 2005-10-08 23:52 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Microsoft Shared

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\System

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MSSoap

2013-08-10 21:02 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Dienste

2013-08-10 21:02 - 2005-10-08 15:59 - 00000000 ____D C:\Programme\HighMAT CD Writing Wizard

2013-08-10 21:02 - 2005-10-08 15:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\InstallShield

2013-08-10 19:03 - 2013-08-06 11:02 - 00000000 ____D C:\Programme\MSECache

2013-08-10 19:03 - 2013-07-07 20:43 - 00000000 ____D C:\Programme\Ontrack

2013-08-10 19:03 - 2013-06-20 18:06 - 00000000 ____D C:\Programme\MediaInfo

2013-08-10 19:03 - 2013-04-13 18:52 - 00000000 ____D C:\Programme\NVIDIA Corporation

2013-08-10 19:03 - 2013-04-05 19:07 - 00000000 ____D C:\Programme\NCH Software

2013-08-10 19:03 - 2013-03-29 17:06 - 00000000 ____D C:\Programme\SIW

2013-08-10 19:03 - 2012-07-05 20:03 - 00000000 ____D C:\Programme\MarkAny

2013-08-10 19:03 - 2012-06-26 20:29 - 00000000 ____D C:\Programme\Office 2007

2013-08-10 19:03 - 2011-09-20 15:00 - 00000000 ____D C:\Programme\Microsoft SDKs

2013-08-10 19:03 - 2011-09-10 22:26 - 00000000 ____D C:\Programme\Microsoft Visual Studio 9.0

2013-08-10 19:03 - 2011-03-10 21:05 - 00000000 ____D C:\Programme\Microsoft Silverlight

2013-08-10 19:03 - 2010-02-13 22:01 - 00000000 ____D C:\Programme\iPod

2013-08-10 19:03 - 2009-11-27 20:23 - 00000000 ____D C:\Programme\SmartSound Software

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\Reference Assemblies

2013-08-10 19:03 - 2009-08-15 14:40 - 00000000 ____D C:\Programme\MSBuild

2013-08-10 19:03 - 2009-08-15 14:37 - 00000000 ____D C:\Programme\MSXML 6.0

2013-08-10 19:03 - 2009-07-30 09:56 - 00000000 ____D C:\Programme\Sony

2013-08-10 19:03 - 2008-10-28 21:59 - 00000000 ____D C:\Programme\Trend Micro

2013-08-10 19:03 - 2008-10-09 20:59 - 00000000 ____D C:\Programme\Kaspersky Lab

2013-08-10 19:03 - 2007-12-22 16:53 - 00000000 ____D C:\Programme\Motorola Phone Tools

2013-08-10 19:03 - 2007-02-25 18:27 - 00000000 ____D C:\Programme\Multi_Media_Germany

2013-08-10 19:03 - 2007-02-11 18:49 - 00000000 ____D C:\Programme\Nero

2013-08-10 19:03 - 2006-11-19 21:11 - 00000000 ____D C:\Programme\MSXML 4.0

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft.NET

2013-08-10 19:03 - 2006-06-06 19:18 - 00000000 ____D C:\Programme\Microsoft Visual Studio

2013-08-10 19:03 - 2006-02-28 18:22 - 00000000 ____D C:\Programme\MSN Messenger

2013-08-10 19:03 - 2006-02-28 16:57 - 00000000 ____D C:\Programme\Learn2.com

2013-08-10 19:03 - 2006-02-28 15:56 - 00000000 ____D C:\Programme\Java

2013-08-10 19:03 - 2006-02-28 15:52 - 00000000 ____D C:\Programme\Medion Info Display

2013-08-10 19:03 - 2006-01-30 12:25 - 00000000 ____D C:\Programme\Realtek

2013-08-10 19:03 - 2005-10-09 19:13 - 00000000 ____D C:\Programme\NVIDIA Demo Kiosk

2013-08-10 19:03 - 2005-10-09 14:46 - 00000000 ____D C:\Programme\muvee Technologies

2013-08-10 19:03 - 2005-10-09 14:36 - 00000000 ____D C:\Programme\Microsoft AutoRoute

2013-08-10 19:03 - 2005-10-09 14:26 - 00000000 ____D C:\Programme\Microsoft Office

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works Suite 2006

2013-08-10 19:03 - 2005-10-09 14:23 - 00000000 ____D C:\Programme\Microsoft Works

2013-08-10 19:03 - 2005-10-09 11:53 - 00000000 ____D C:\Programme\RALINK

2013-08-10 19:03 - 2005-10-09 11:25 - 00000000 ____D C:\Programme\Real

2013-08-10 19:03 - 2005-10-08 22:58 - 00000000 ____D C:\Programme\microsoft frontpage

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Outlook Express

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Online-Dienste

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\NetMeeting

2013-08-10 19:03 - 2005-10-08 22:56 - 00000000 ____D C:\Programme\Movie Maker

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Online Services

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN Gaming Zone

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\MSN

2013-08-10 19:03 - 2005-10-08 22:55 - 00000000 ____D C:\Programme\Messenger

2013-08-10 19:03 - 2005-10-08 15:24 - 00000000 ____D C:\Programme\Intel

2013-08-10 19:03 - 2003-01-01 11:14 - 00000000 ____D C:\Programme\StreamTransport

2013-08-09 22:03 - 2005-10-09 11:11 - 00001479 _____ C:\WINDOWS\system32\InstallUtil.InstallLog

2013-08-08 17:20 - 2009-03-21 12:16 - 00002259 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Jaksta Streaming Media Recorder and Converter.lnk

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SYSTEM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SOFTWARE_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\SAM_tureg_new.LOG

2013-08-08 16:34 - 2013-08-08 16:34 - 00000000 ____H C:\WINDOWS\system32\config\DEFAULT_tureg_new.LOG

2013-08-08 16:34 - 2005-10-09 00:51 - 58982400 _____ C:\WINDOWS\system32\config\SOFTWARE_tureg_old

2013-08-08 16:34 - 2005-10-09 00:51 - 10485760 _____ C:\WINDOWS\system32\config\SYSTEM_tureg_old

2013-08-08 16:34 - 2005-10-08 23:51 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY_tureg_old

2013-08-08 16:29 - 2013-08-08 16:29 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY_tureg_new.LOG

2013-08-08 16:27 - 2005-10-09 00:51 - 00786432 _____ C:\WINDOWS\system32\config\DEFAULT_tureg_old

2013-08-08 16:27 - 2005-10-08 23:51 - 00024576 _____ C:\WINDOWS\system32\config\SAM_tureg_old

2013-08-03 13:05 - 2009-03-22 22:18 - 00001044 _____ C:\WINDOWS\Tasks\Google Software Updater.job

2013-07-30 05:34 - 2013-07-25 19:03 - 00011489 _____ C:\WINDOWS\KB2834886.log

2013-07-30 05:34 - 2013-07-25 19:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-07-30 05:32 - 2013-07-30 05:27 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-07-27 11:08 - 2006-04-13 15:02 - 00000174 _____ C:\WINDOWS\system32\fsbx.ini
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe

[2005-10-09 07:46] - [2008-04-14 08:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 
 

C:\Windows\System32\winlogon.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 
 

C:\Windows\System32\svchost.exe

[2005-10-09 07:46] - [2008-04-14 08:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 
 

C:\Windows\System32\services.exe

[2008-09-18 20:21] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 
 

C:\Windows\System32\User32.dll

[2005-10-09 07:46] - [2008-04-14 08:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 
 

C:\Windows\System32\userinit.exe

[2008-09-18 20:21] - [2008-04-14 08:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 
 

C:\Windows\System32\Drivers\volsnap.sys

[2008-09-18 20:21] - [2008-04-14 08:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 
 
 

==================== End Of Log ============================

--- --- ---

--- --- ---

ok dann suchen wir tiefer im System ...

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Ich weiß nicht, Heiko, ob der Scan komplett ist. Ich hatte zum Schluß zwar keine Anzeige "Scan finished successfully" im DOS-Fenster, glaube aber der Scan war durch.

Code:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software

Run date: 2013-08-26 16:41:17

-----------------------------

16:41:17.687    OS Version: Windows 5.1.2600 Service Pack 3

16:41:17.687    Number of processors: 2 586 0x407

16:41:17.687    ComputerName: FUCHS  UserName: 

16:41:18.093    Initialize success

16:41:18.437    AVAST engine defs: 13082600

16:41:41.968    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-c

16:41:41.968    Disk 0 Vendor: Maxtor_6B200P0 BAH41B10 Size: 194481MB BusType: 3

16:41:41.984    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-17

16:41:41.984    Disk 1 Vendor: ST3250824AS 3.AAE Size: 238475MB BusType: 3

16:41:42.000    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-22

16:41:42.015    Disk 2 Vendor: SAMSUNG_HD753LJ 1AA01118 Size: 715404MB BusType: 3

16:41:42.109    Disk 1 MBR read successfully

16:41:42.109    Disk 1 MBR scan

16:41:42.125    Disk 1 Windows XP default MBR code

16:41:42.140    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        78999 MB offset 63

16:41:42.156    Disk 1 Partition - 00     0F Extended LBA            148475 MB offset 161790615

16:41:42.187    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS         4000 MB offset 465868935

16:41:42.218    Disk 1 Partition 3 00     07    HPFS/NTFS NTFS         6997 MB offset 474062085

16:41:42.250    Disk 1 Partition 4 00     07    HPFS/NTFS NTFS        36005 MB offset 161790678

16:41:42.265    Disk 1 Partition - 00     05     Extended              6502 MB offset 235528965

16:41:42.296    Disk 1 Partition 5 00     07    HPFS/NTFS NTFS         6502 MB offset 235529028

16:41:42.328    Disk 1 Partition - 00     05     Extended            105967 MB offset 322585200

16:41:42.343    Disk 1 Partition 6 00     07    HPFS/NTFS NTFS       105967 MB offset 248846913

16:41:42.375    Disk 1 scanning sectors +488392065

16:41:42.500    Disk 1 scanning C:\WINDOWS\system32\drivers

16:41:52.671    File: C:\WINDOWS\system32\drivers\bxShield.sys **HIDDEN**

16:41:52.703    Service scanning

16:41:55.250    Service bxShield C:\WINDOWS\System32\Drivers\bxShield.sys **LOCKED** 5

16:41:56.578    Service dtscsi C:\WINDOWS\System32\Drivers\dtscsi.sys **LOCKED** 32

16:42:03.250    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32

16:42:06.468    Modules scanning

16:42:13.546    Disk 1 trace - called modules:

16:42:13.593    ntkrnlpa.exe >>UNKNOWN [0x8b0c5708]<<

16:42:13.609    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8b078ab8]

16:42:13.625    \Driver\Disk[0x8b07a940] -> IRP_MJ_CREATE -> 0x8b0c5708

16:42:14.031    AVAST engine scan C:\WINDOWS

16:42:23.312    AVAST engine scan C:\WINDOWS\system32

16:50:48.937    Disk 1 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Helmut\Desktop\MBR.dat"

16:50:48.968    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Helmut\Desktop\aswMBR.txt"

Hallo Helmut,

macht das System noch Probleme? Wenn ja sag mir bitte wo diese liegen...
an Malware finde ich nichts mehr.

Nee, Heiko. Scheint alles in Ordnung zu sein. Nochmals allerbesten Dank für deine liebe Hilfe. Gibt es hier im Forum einen Tipp, wie ich mich jetzt in Zukunft verhalte. Den avast! zum Beispiel einmal die Woche – oder einmal im Monat eine schnelle Überprüfung vornehmen zu lassen oder dergleichen?
Beste Grüße
Helmut

ich brauch noch ein letztes FRST Logfile von dir, dann kommen die Tips ;)