Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   AVAST wurde deaktiviert und lässt sich nicht mehr aktivieren (https://www.trojaner-board.de/143496-avast-wurde-deaktiviert-laesst-mehr-aktivieren.html)

Khael 23.10.2013 23:38
AVAST wurde deaktiviert und lässt sich nicht mehr aktivieren
 
Hallo zusammen,

ich habe im Moment das Problem, dass mein AVAST Free Antivirus sich deaktiviert hat und nicht mehr aktivieren lässt.
Ich bin mir nicht sicher ob es sich um einen Virus handelt, daher wende ich mich an die Profis ;)


Ich habe seit heute auch ein Problem mit meinem DVD Laufwerk, welches keine DVDs mehr lesen kann ohne erfindlichen Grund. Vielleicht hängt das ja irgendwie zusammen und ihr könnt mir helfen.
Würde mich sehr freuen! :)

schrauber 24.10.2013 06:32
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Khael 24.10.2013 08:27
Das Programm hat sich beim Scan aufgehängt und ich musste es schließen, allerdings wurde trotzdem eine txt Datei erstellt. Vielleicht ist sie ja vollständig:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by pc (administrator) on PC-PC on 24-10-2013 09:12:07
Running from C:\Users\pc\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-08] ()
HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] - 0
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C046B78B25CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.8.17_0
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-07-08] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2011-07-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [x]
S3 rtlss; System32\Drivers\rtlss.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2051-01-27 19:38 - 2012-06-10 15:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-24 09:11 - 2013-10-24 09:11 - 01955412 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 00:28 - 2013-10-24 00:30 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-24 01:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-21 14:13 - 2013-10-23 23:10 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:48 - 2013-10-18 11:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-10 15:48 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 15:48 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 15:48 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 15:48 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 15:48 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 15:47 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 15:47 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 10:56 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 10:56 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 10:56 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 10:56 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 10:56 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 10:56 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 10:56 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 10:56 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 10:56 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 10:56 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 10:56 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 10:56 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 10:56 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 10:56 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 10:56 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 10:56 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 10:56 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 10:56 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 10:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 10:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 10:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 10:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 10:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 10:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iTunes
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iPod
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

==================== One Month Modified Files and Folders =======

2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-24 09:13 - 2011-02-08 00:44 - 00000000 ____D C:\Users\pc\AppData\Local\PMB Files
2013-10-24 09:11 - 2013-10-24 09:11 - 01955412 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 09:10 - 2010-12-20 17:37 - 02037612 _____ C:\Windows\WindowsUpdate.log
2013-10-24 09:09 - 2013-08-20 21:04 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-24 09:07 - 2013-01-20 19:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-24 09:07 - 2012-11-07 19:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2013-10-24 09:07 - 2010-12-20 19:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-24 09:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-24 09:07 - 2009-07-14 06:51 - 01760991 _____ C:\Windows\setupact.log
2013-10-24 01:11 - 2013-10-21 15:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-24 01:11 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iPod
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-24 01:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-10-24 00:38 - 2013-01-20 19:04 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-24 00:31 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-24 00:31 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-24 00:30 - 2013-10-24 00:28 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:27 - 2012-11-07 19:28 - 00000000 ___RD C:\Users\pc\Dropbox
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-24 00:16 - 2013-01-20 19:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-24 00:16 - 2013-01-20 19:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-24 00:13 - 2010-12-20 17:41 - 00000000 ____D C:\Users\pc
2013-10-23 23:10 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 22:41 - 2013-01-17 21:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:11 - 2011-01-07 18:42 - 00000000 ____D C:\Program Files (x86)\Games
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-19 17:33 - 2013-01-20 19:15 - 00003300 _____ C:\Windows\Sandboxie.ini
2013-10-18 23:01 - 2010-12-30 15:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:47 - 2013-10-18 11:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-14 17:22 - 2011-07-07 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-11 15:30 - 2011-07-03 00:06 - 00000000 ____D C:\Users\pc\AppData\Roaming\KeePass
2013-10-11 00:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 15:55 - 2009-07-14 06:45 - 00311104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 15:49 - 2010-12-31 16:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 15:43 - 2013-08-16 00:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 15:42 - 2012-08-11 13:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:41 - 2013-01-17 21:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 16:35 - 2012-06-10 13:31 - 00008366 _____ C:\Users\pc\Documents\NewDatabase.kdbx
2013-10-09 16:33 - 2013-01-20 19:04 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 16:33 - 2013-01-20 19:04 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-09 16:24 - 2010-12-30 16:11 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\AskSLib.dll
C:\Users\pc\AppData\Local\Temp\drm_dialogs.dll
C:\Users\pc\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\pc\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\pc\AppData\Local\Temp\FreemakeVideoConverter_4.0.2.5.exe
C:\Users\pc\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\pc\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Die Addition.txt die du benötigst finde ich leider nicht. Vielleicht weil das Programm sich aufgehängt hat?

schrauber 24.10.2013 11:42
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Khael 24.10.2013 21:57
Hey, hier ist das log:

Code:
ComboFix 13-10-23.02 - pc 24.10.2013  13:15:28.2.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4055.2113 [GMT 2:00]
ausgeführt von:: c:\users\pc\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-09-24 bis 2013-10-24  ))))))))))))))))))))))))))))))
.
.
2051-01-27 17:38 . 2012-06-10 13:25        --------        d-----w-        c:\users\pc\AppData\Roaming\QuickScan
2013-10-24 11:25 . 2013-10-24 11:25        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-10-24 11:25 . 2013-10-24 11:25        --------        d-----w-        c:\users\Public\AppData\Local\temp
2013-10-24 11:25 . 2013-10-24 11:25        --------        d-----w-        c:\users\hedev\AppData\Local\temp
2013-10-24 11:25 . 2013-10-24 11:25        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-10-24 11:05 . 2013-10-24 11:05        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE4841B2-1D09-497B-8947-C3C5503597F9}\offreg.dll
2013-10-24 07:11 . 2013-10-24 07:11        --------        d-----w-        C:\FRST
2013-10-23 22:36 . 2013-10-15 23:20        10280728        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE4841B2-1D09-497B-8947-C3C5503597F9}\mpengine.dll
2013-10-23 21:38 . 2013-10-23 21:38        --------        d-----w-        c:\users\pc\AppData\Local\ElevatedDiagnostics
2013-10-21 14:23 . 2013-10-21 14:23        --------        d-----w-        c:\users\pc\AppData\Local\Blizzard
2013-10-21 13:46 . 2013-10-23 23:11        --------        d-----w-        c:\program files (x86)\Hearthstone
2013-10-21 12:13 . 2013-10-21 12:13        --------        d-----w-        c:\users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 12:13 . 2013-10-23 23:11        --------        d-----w-        c:\users\pc\AppData\Roaming\Battle.net
2013-10-21 12:13 . 2013-10-23 21:10        --------        d-----w-        c:\users\pc\AppData\Local\Battle.net
2013-10-21 12:13 . 2013-10-21 12:13        --------        d-----w-        c:\program files (x86)\Battle.net
2013-10-18 09:48 . 2013-10-18 09:47        312744        ----a-w-        c:\windows\system32\javaws.exe
2013-10-18 09:48 . 2013-10-18 09:48        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-18 09:48 . 2013-10-18 09:47        189352        ----a-w-        c:\windows\system32\javaw.exe
2013-10-18 09:48 . 2013-10-18 09:47        189352        ----a-w-        c:\windows\system32\java.exe
2013-10-18 09:47 . 2013-10-18 09:47        --------        d-----w-        c:\program files\Java
2013-10-10 13:47 . 2013-09-22 22:54        19252224        ----a-w-        c:\windows\system32\mshtml.dll
2013-10-09 14:30 . 2013-10-23 23:11        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-09 14:30 . 2013-10-23 23:11        --------        d-----w-        c:\program files\iTunes
2013-10-09 14:30 . 2013-10-23 23:11        --------        d-----w-        c:\program files\iPod
2013-10-09 14:30 . 2013-10-23 23:11        --------        d-----w-        c:\program files (x86)\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 13:42 . 2012-08-11 11:41        80541720        ----a-w-        c:\windows\system32\MRT.exe
2013-10-09 18:41 . 2013-01-17 19:32        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 18:41 . 2013-01-17 19:32        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-03 12:35 . 2010-12-30 13:39        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 08:56        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-12 09:19        155584        ----a-w-        c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-12 09:19        215040        ----a-w-        c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-12 09:19        424448        ----a-w-        c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-12 09:19        1161216        ----a-w-        c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-12 09:19        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-12 09:19        6144        ---ha-w-        c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        6656        ----a-w-        c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        5120        ---ha-w-        c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-12 09:19        274944        ----a-w-        c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 09:19        5120        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4608        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-12 09:19        338432        ----a-w-        c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-12 09:19        112640        ----a-w-        c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-12 09:19        4608        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 09:19        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 09:19        6144        ---ha-w-        c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 09:19        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft AutoScreenRecorder 3.1 Pro"="0" [X]
"GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2010-10-22 2181744]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-02-07 3046808]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2013-10-16 759496]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-10-09 844752]
"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-09-04 1315144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-02-10 2770432]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-01 152392]
.
c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);c:\windows\system32\DRIVERS\OXSDIDRV_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OXSDIDRV_x64.sys [x]
R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X64.sys;c:\windows\SYSNATIVE\Drivers\OXUDIDRV_X64.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;PEARL PX-8266 300Mbps 11n Wireless USB Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 rtlss;Service for enabling selective suspend to RTL device;c:\windows\system32\Drivers\rtlss.sys;c:\windows\SYSNATIVE\Drivers\rtlss.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 15:39        1185744        ----a-w-        c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-17 18:41]
.
2013-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:04]
.
2013-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-648632289-941596113-564908001-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,69,8e,83,ea,98,b2,3e,af,7c,ca,5a,ec,2d,01,b9,d5,86,72,69,77,32,bd,
  a1,d5,e8,da,25,66,c9,19,f3,e4,b9,d8,15,e2,94,55,53,84,88,35,90,49,5d,e1,08,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-648632289-941596113-564908001-1000\Software\SecuROM\License information*]
"datasecu"=hex:4f,e1,a6,82,4f,f6,ca,fb,7d,45,19,17,79,30,e5,48,6d,7f,8c,43,ff,
  55,af,19,ed,56,8f,8b,ee,88,ef,6d,73,27,06,69,b2,72,b2,05,6d,e1,73,cf,60,3e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-10-24  13:36:13
ComboFix-quarantined-files.txt  2013-10-24 11:36
.
Vor Suchlauf: 17 Verzeichnis(se), 525.947.236.352 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 527.691.923.456 Bytes frei
.
- - End Of File - - 240B8DBA71DA4833E59234C159EB619A
A36C5E4F47E84449FF07ED3517B43A31

Erstaunlicherweise hat sich heute Avast automatisch wieder aktiviert, ich musste es eben für Combofix wieder deaktivieren.

Das Problem mit dem DVD Laufwerk, welches keine DVDs mehr erkennt, ist allerdings nach wie vor vorhanden.

Vielleicht findest du ja Schadsoftware oder Einstellungsfehler :)

EDIT:

Neues Problem ist aufgetreten: Ich kann iTunes mittlerweile nicht mehr öffnen. Erscheint zwar als Prozess im Taskmanager, hat aber eine CPU Auslastung von 0.
Gleiches gilt für den Windows Media Player, der hängt sich zusätzlich nur auf.

schrauber 25.10.2013 10:59
Zitat:
Das Problem mit dem DVD Laufwerk, welches keine DVDs mehr erkennt, ist allerdings nach wie vor vorhanden.
Da denk ich ja eher an Hardware.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Khael 25.10.2013 11:12
Malwarebytes Anti-Malware:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.25.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
pc :: PC-PC [Administrator]

25.10.2013 12:03:30
mbam-log-2013-10-25 (12-03-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 238396
Laufzeit: 3 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\pc\Downloads\FreemakeVideoConverter4024Setup.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\pc\Downloads\FreeVideoFlipAndRotate.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\pc\Downloads\FreeVideoToiPhoneConverter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\pc\Downloads\FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


AdwCleaner:

Code:
# AdwCleaner v3.010 - Bericht erstellt am 25/10/2013 um 12:23:03
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : pc - PC-PC
# Gestartet von : C:\Users\pc\Downloads\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\pc\AppData\Roaming\dvdvideosoftiehelpers

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_malwarebytes-anti-malware_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_malwarebytes-anti-malware_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v22.0 (de)

[ Datei : C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1724 octets] - [25/10/2013 12:12:38]
AdwCleaner[R1].txt - [1784 octets] - [25/10/2013 12:22:18]
AdwCleaner[S0].txt - [1645 octets] - [25/10/2013 12:23:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1705 octets] ##########

Junkware Removal Tool:


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by pc on 25.10.2013 at 12:26:55,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{022EB9D6-5BB0-4E3C-922A-71F62A539002}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{0628CAB3-B1F1-48A4-8D8B-ECB6637C4B90}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{0CB33940-48DA-4083-ADC0-46CD8E0AC10D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{0E325096-56E5-475C-BBBA-7FF13BC73DA0}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{0FC1BAC7-AE72-4651-9120-1536AC564527}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{100E9C4B-9D0B-446A-9792-AD310F91EA8E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{104A71D9-3BFB-413E-8E7F-8EC3B0527138}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{11C6EF4A-F158-455E-941E-4CEA8E25A613}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{13B30974-E7D2-449E-88BB-EC28E13ED9DD}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{144FF79F-7823-4B8F-9779-5D20890E04EC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{16C4B824-DA84-4D3B-8B0A-7F339F163996}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{17167147-2F16-4AF4-AFA9-5B22C19EFB5D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{184800D5-5288-4CA1-A5AF-61C5B0A105D5}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{1E3EA7A3-9BF8-498C-A224-38A776876A22}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{1E705706-7F72-46DF-A4A4-5EEC8ACC8CBB}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{250BFD8B-5D2B-4075-A242-2B8B84CD5EF8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{264E63B5-44FE-4CA4-9017-4BA7B1E88920}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{26706DA9-E949-4BC5-9F24-0C08075BDE12}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{26965935-76DD-4C54-8854-2EFBC3D0066E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{27B4BF5C-0D8D-4FE0-9CB2-83424073A899}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{2850E2BD-BEAC-4A12-AC89-07F63153AAF2}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{2A97ACBD-44FD-4AA9-B8B1-5EE8CAD6E180}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{2AC128F9-2412-4A69-9EF9-05C3804F225A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{340280A2-0750-4BCC-B98D-E78846DC7C31}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{34F39CE1-DB52-49A9-9841-E35271FAEA79}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{35775EA6-0DAC-444A-8087-EA533B907A31}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{35B3E2BF-BC8F-4440-97FA-5001DD793D02}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{3814590B-7B42-468B-89BE-52A29740D569}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{395B7D3C-B0E1-4809-B2A5-57BCBFAAC2BB}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{39BC9CC7-5AED-44A2-B341-397EB17BC62E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4078E467-9C15-4157-8027-0F1FCC1120CC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4226C28A-5901-498F-9C09-2AD557A2A9DE}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{424F9ADB-B8CB-41D7-B924-2FED76AB6B97}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{439F5ACB-E915-4B46-B056-C8A85F9623FC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{458D0079-4355-4C55-BD83-ADEA365DA2D4}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{469C37C3-0E1C-44DB-98C1-621854240AF6}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4ADC79B5-AA8D-4B36-8191-18A61E5D1705}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4AE9C876-2F98-49A6-90E7-A040F11DC4D6}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4CC1D818-ED76-4907-9A49-E39978EB4119}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4CE27F54-E208-4B91-A2FB-95D6A273D8E3}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4D56D45B-FCCB-47F3-B3D7-A974AEA75F0E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4E853DAA-E460-491A-8225-F9D575460DF7}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{4F5CE1F5-A1F7-47A3-8A6A-69EA756727F3}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{50A855B5-A313-444D-AE3C-00EBFF014CCF}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{516135B4-432F-425A-A859-3F8D340C84C4}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{535D50D7-BB89-4CFF-8501-983333660707}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{53CA51E1-450C-4FDA-9844-841263C69D5A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{57FFD24D-5EAE-46A9-B2ED-6751A3CB6383}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{59D3F281-1DC0-4AB5-9616-F0E4C0E72495}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{5B11873E-41DD-4377-8E92-AD7310C73156}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{5B375726-3B43-4E33-8359-748D099E4233}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{5B83D8EB-4631-40DB-BF23-EAD4B000925A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{63856C38-4AF5-42BA-BDB3-A14CE5DAD6BC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{650A48B4-4AD8-461C-A3F7-EED44A1A6B5D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{65410893-9635-49B1-A537-D1B52A9DBB0B}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{6858E0B7-EA77-42DC-8351-9C5B418F5B08}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{68591287-A7EB-430E-B159-6FEAE66AECD8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{6951813C-CCAF-4EE7-99BD-BD422523A644}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{6974452A-4ACF-4321-8004-7DD854F5FFF8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{6FC7448D-F422-45F8-9B61-5BA123946874}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{7416203A-9EAA-40E5-8E03-CB4E19416C07}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{7CBD45FF-D801-4EE9-8B99-C419A8619CEC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8015FA47-7F52-42C5-B121-3BE62B6B53F8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8177AD48-75DB-47C0-9527-D4D423B4331E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{819E3374-90A5-4295-94BB-82D0D2DCBABD}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{829035C6-EE1B-429F-B12A-8AF5A3657688}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8542DEC9-C236-4E05-BFCD-A915428EE8F5}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{85E41BCC-0BB5-4821-B546-ECD62F365B1A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8617340D-69F9-42FB-914A-D3F840B3D5AC}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8657D77F-A6BB-4A71-A0D1-F322FACB88ED}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8763AAFB-2F8C-40E7-803A-A695F2E26C07}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8810EE14-36E9-4414-A717-B98A405138CD}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{88A919F7-0EA3-4728-8417-38E194206233}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8948FAF7-7A52-42ED-A7AE-2217D2C7D771}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8B0FA989-771E-4262-AE26-4FAB9D8BCB31}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8EF7F2AF-BABF-400D-9AF1-F822C2312FB5}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{8F5F62DA-452F-4C97-828C-61D4BB434FD0}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{912487F5-60C1-43B5-8D9D-0DC55FE0421C}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{91539E3E-D642-42AE-A79A-6D8921242EC9}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{9220A694-9BA5-42BC-BC18-A03DB17D382F}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{93386B9F-B90B-4A0E-B4B7-D18B53037BFE}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{943A085A-E0DC-4E43-9802-29B4A48BE26A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{9670F0DF-AB05-41E9-99A8-8E7A39B8F94B}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{97433333-BBF0-4A6E-BF9C-16947811ADFD}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{982AD503-9485-49F1-AFC2-C6B137972252}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{A2856820-D814-4FBA-89E4-1E3B9F998F21}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{A353847D-2F08-4A55-A614-51DCB3263BB8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{A3D6FA12-5FAB-45B3-BD2B-3C14772BBE0F}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{A9F7C082-D22A-4953-8C94-C9ABA0050442}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{AC66C684-84D0-4C24-92FD-EE2E87567808}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{ACE3BC00-538A-4DBD-8EA5-4BA42C336696}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{AE3AE6D9-4CFA-4DE5-92F6-0E2424C39A2A}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{B0783364-D20E-40E3-BC56-A04821B118C8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{B51D3092-CF4B-4794-BEBF-D49ADAA8514D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{B60C916F-AAF8-41D5-B01B-B2F53D947E59}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{BE6E448B-60B7-46F7-AA2B-4CC7EEA3F3E0}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{BF06CCD7-DF2B-4004-B207-5C18264E05A8}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{C043B4EE-BAC4-4D0D-BC40-39C5C5C67E0C}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{C5B56FF0-F919-4DEA-A897-2E01C6B5C681}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{C6650974-F764-432E-9AC9-EF0BC1F4C12E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{CAB5EC35-705A-4D0C-8221-4496C102CFBA}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{CB389318-8AF6-4699-9E18-FE1BD1C9E330}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{CC074A99-2EC9-4073-9408-5BC5E3A38CB6}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{CF1F23C1-4B9A-43AC-9A51-24BC3216DEFA}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D0619FD1-3001-481E-A30D-A1B7E1834A77}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D1E50415-CAFC-4953-9B38-D92D8818021F}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D3250BB5-2FE6-4788-9853-EF32EC161A26}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D459AD04-5FF3-465B-A6ED-E249734BEB81}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D7A6C302-861A-4367-B765-6C6157725183}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D87A4C8F-77CC-406C-A958-C9763B436DD4}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{D994031E-BFC7-4A1A-87FC-E960E4678884}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DA28A684-C0D1-4458-83B0-711966F97490}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DB440740-AC6E-4A2A-83B4-2D6B2A940A55}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DB5B04D6-4EA3-4B5A-B19E-06B00387F634}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DBB3A5B5-A176-4209-844F-C9A844CB30F0}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DD0620BB-E130-4B25-BAE8-276D6E9D0FAB}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DE6BE1A4-E8B1-4429-828F-32451E25F695}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{DF507FBB-BD3D-4FBB-B122-4FCA70A25F27}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E1552A31-3E1E-4816-84A9-3E787814FFA9}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E1A4077D-0628-4026-B77B-73A5EC2E3E62}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E63DDDF3-1817-4257-8490-4F0895857AB5}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E6FE9287-A00F-43A9-9D5E-C9E80B23D2A9}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E72218D6-ED6B-443B-B1D3-8CEF4FF3E06D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E83ECA49-B2CE-4CFA-B90D-580C4D5FE040}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{E9F96AE9-BD26-421D-A316-0B199682E760}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{EA310366-386A-447B-B7EB-E3423B35F31B}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{EDE55F83-44D3-4B12-83AC-E6DC64108ED2}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{EEF94F76-07FD-49FE-A156-694ABD6B6A6E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{EFA5AB3A-DBDC-4E72-8FF6-2FDF058D0865}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F04C8675-DFBC-4CFA-9C34-20DBA6F39198}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F0A72EC7-3D2E-4D21-B0C2-E2B5ACE3C222}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F215E5E1-C270-4F58-9BD5-D103DE3DF953}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F3CDD684-1238-4291-B8F7-42D899F4029D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F4725598-484D-407F-AD78-5C320619846E}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F724885E-64AB-4C8E-9D58-D500A8399109}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F754B8D6-DC4D-49E0-89AA-E158E987B726}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{F9213D20-CDA1-43AA-9AC3-1EEF685018B5}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{FBDF2F81-CD15-4068-B77C-8FC5127A6738}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{FC973670-3BE8-4462-BD0B-2AC3FEDF5A6C}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{FEDBF59C-EDF4-45D8-8257-9EEE92DF7398}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{FF8A11B5-79DE-4159-9DC3-7A7C00AC8B3D}
Successfully deleted: [Empty Folder] C:\Users\pc\appdata\local\{FFE0E44D-9D51-4A55-A739-A76877B70A44}



~~~ FireFox

Emptied folder: C:\Users\pc\AppData\Roaming\mozilla\firefox\profiles\ahit0ekq.default\minidumps [6 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\pc\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.10.2013 at 12:32:49,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST log:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by pc (administrator) on PC-PC on 25-10-2013 12:36:34
Running from C:\Users\pc\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-08] ()
HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] - 0
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C046B78B25CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.10.16_0
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-07-08] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2011-07-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [x]
S3 rtlss; System32\Drivers\rtlss.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2051-01-27 19:38 - 2012-06-10 15:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-25 12:32 - 2013-10-25 12:34 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 12:26 - 2013-10-25 12:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 12:26 - 2013-10-25 12:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 12:11 - 2013-10-25 12:23 - 00000000 ____D C:\AdwCleaner
2013-10-25 12:11 - 2013-10-25 12:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 12:10 - 2013-10-25 12:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-24 13:36 - 2013-10-24 13:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 13:02 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-24 13:02 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-24 13:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-24 12:55 - 2013-10-24 13:36 - 00000000 ____D C:\Qoobox
2013-10-24 12:54 - 2013-10-24 12:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 09:24 - 2013-10-24 09:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 09:13 - 2013-10-24 09:14 - 00029053 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 09:11 - 2013-10-24 09:11 - 01955412 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 00:28 - 2013-10-24 00:30 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-24 15:59 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 14:13 - 2013-10-24 01:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:48 - 2013-10-18 11:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-10 15:48 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 15:48 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 15:48 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 15:48 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 15:48 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 15:47 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 15:47 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 10:56 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 10:56 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 10:56 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 10:56 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 10:56 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 10:56 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 10:56 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 10:56 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 10:56 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 10:56 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 10:56 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 10:56 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 10:56 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 10:56 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 10:56 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 10:56 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 10:56 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 10:56 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 10:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 10:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 10:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 10:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 10:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 10:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iTunes
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iPod
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

==================== One Month Modified Files and Folders =======

2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-25 12:37 - 2011-02-08 00:44 - 00000000 ____D C:\Users\pc\AppData\Local\PMB Files
2013-10-25 12:34 - 2013-10-25 12:32 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 12:34 - 2012-11-07 19:28 - 00000000 ___RD C:\Users\pc\Dropbox
2013-10-25 12:34 - 2012-11-07 19:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2013-10-25 12:31 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 12:31 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-25 12:26 - 2013-10-25 12:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 12:26 - 2013-10-25 12:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 12:24 - 2013-01-20 19:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-25 12:24 - 2011-01-01 15:29 - 00221990 _____ C:\Windows\PFRO.log
2013-10-25 12:24 - 2010-12-20 19:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-25 12:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 12:24 - 2009-07-14 06:51 - 01766199 _____ C:\Windows\setupact.log
2013-10-25 12:23 - 2013-10-25 12:11 - 00000000 ____D C:\AdwCleaner
2013-10-25 12:23 - 2010-12-20 17:37 - 02092812 _____ C:\Windows\WindowsUpdate.log
2013-10-25 12:11 - 2013-10-25 12:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 12:10 - 2013-10-25 12:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-25 12:01 - 2013-01-14 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 11:41 - 2013-01-17 21:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 11:38 - 2013-01-20 19:04 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-24 23:12 - 2013-08-20 21:04 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-24 22:59 - 2010-12-20 17:41 - 00000000 ____D C:\Users\pc
2013-10-24 15:59 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-24 13:36 - 2013-10-24 13:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 13:36 - 2013-10-24 12:55 - 00000000 ____D C:\Qoobox
2013-10-24 13:25 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-24 12:54 - 2013-10-24 12:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 09:24 - 2013-10-24 09:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 09:24 - 2010-12-30 15:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2013-10-24 09:14 - 2013-10-24 09:13 - 00029053 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 09:11 - 2013-10-24 09:11 - 01955412 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 01:11 - 2013-10-21 15:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-24 01:11 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iPod
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-24 01:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-10-24 00:30 - 2013-10-24 00:28 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-24 00:16 - 2013-01-20 19:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-24 00:16 - 2013-01-20 19:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:11 - 2011-01-07 18:42 - 00000000 ____D C:\Program Files (x86)\Games
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-19 17:33 - 2013-01-20 19:15 - 00003300 _____ C:\Windows\Sandboxie.ini
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:47 - 2013-10-18 11:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-14 17:22 - 2011-07-07 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-11 15:30 - 2011-07-03 00:06 - 00000000 ____D C:\Users\pc\AppData\Roaming\KeePass
2013-10-11 00:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 15:55 - 2009-07-14 06:45 - 00311104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 15:49 - 2010-12-31 16:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 15:43 - 2013-08-16 00:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 15:42 - 2012-08-11 13:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:41 - 2013-01-17 21:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 16:35 - 2012-06-10 13:31 - 00008366 _____ C:\Users\pc\Documents\NewDatabase.kdbx
2013-10-09 16:33 - 2013-01-20 19:04 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 16:33 - 2013-01-20 19:04 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-09 16:24 - 2010-12-30 16:11 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 13:27

==================== End Of Log ============================
--- --- ---



Übrigens funktioniert Avast wieder nicht.

schrauber 25.10.2013 11:38

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Khael 25.10.2013 20:14
Eset:


Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0d3582f03a8aac42a77c5559c2306053
# engine=15634
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-25 07:01:48
# local_time=2013-10-25 09:01:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 160232 159437580 0 0
# compatibility_mode=5893 16776573 100 94 104347 134357558 0 0
# scanned=300165
# found=0
# cleaned=0
# scan_time=4331


Security Check:


Code:
Results of screen317's Security Check version 0.99.74 
 Windows 7 Service Pack 1 x64 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.4001) 
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Adobe Flash Player 11.9.900.117 
 Adobe Reader XI 
 Mozilla Firefox 22.0 Firefox out of Date! 
 Google Chrome 30.0.1599.101 
 Google Chrome 30.0.1599.69 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2013
Ran by pc (administrator) on PC-PC on 25-10-2013 21:18:46
Running from C:\Users\pc\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-08] ()
HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] - 0
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C046B78B25CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.10.16_0
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-07-08] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2011-07-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [x]
S3 rtlss; System32\Drivers\rtlss.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2051-01-27 19:38 - 2012-06-10 15:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-25 21:18 - 2013-10-25 21:18 - 01955944 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-25 21:04 - 2013-10-25 21:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 19:47 - 2013-10-25 19:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 12:32 - 2013-10-25 12:34 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 12:26 - 2013-10-25 12:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 12:26 - 2013-10-25 12:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 12:11 - 2013-10-25 12:23 - 00000000 ____D C:\AdwCleaner
2013-10-25 12:11 - 2013-10-25 12:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 12:10 - 2013-10-25 12:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-24 13:36 - 2013-10-24 13:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 13:02 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-24 13:02 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-24 13:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-24 13:02 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-24 12:55 - 2013-10-24 13:36 - 00000000 ____D C:\Qoobox
2013-10-24 12:54 - 2013-10-24 12:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 09:24 - 2013-10-24 09:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 09:13 - 2013-10-24 09:14 - 00029053 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 00:28 - 2013-10-24 00:30 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-24 15:59 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 14:13 - 2013-10-24 01:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:48 - 2013-10-18 11:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:48 - 2013-10-18 11:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-10 15:48 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 15:48 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 15:48 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 15:48 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 15:48 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 15:48 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 15:48 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 15:48 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 15:47 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 15:47 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 10:56 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 10:56 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 10:56 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 10:56 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 10:56 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 10:56 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 10:56 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 10:56 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 10:56 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 10:56 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 10:56 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 10:56 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 10:56 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 10:56 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 10:56 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 10:56 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 10:56 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 10:56 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 10:56 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 10:56 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 10:56 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 10:56 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 10:56 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 10:56 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 10:56 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 10:56 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 10:56 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 10:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 10:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 10:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 10:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 10:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 10:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 10:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 10:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iTunes
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files\iPod
2013-10-09 16:30 - 2013-10-24 01:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

==================== One Month Modified Files and Folders =======

2051-01-27 19:33 - 2051-01-27 19:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 19:32 - 2051-01-27 19:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 19:24 - 2051-01-27 19:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-25 21:18 - 2013-10-25 21:18 - 01955944 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-25 21:04 - 2013-10-25 21:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 20:59 - 2010-12-20 17:37 - 01088275 _____ C:\Windows\WindowsUpdate.log
2013-10-25 20:41 - 2013-01-17 21:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 20:38 - 2013-01-20 19:04 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-25 20:12 - 2011-02-08 00:44 - 00000000 ____D C:\Users\pc\AppData\Local\PMB Files
2013-10-25 19:49 - 2012-11-07 19:28 - 00000000 ___RD C:\Users\pc\Dropbox
2013-10-25 19:49 - 2012-11-07 19:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2013-10-25 19:48 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 19:48 - 2009-07-14 06:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-25 19:47 - 2013-10-25 19:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 19:41 - 2013-01-20 19:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-25 19:41 - 2010-12-20 19:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-25 19:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 19:41 - 2009-07-14 06:51 - 01766647 _____ C:\Windows\setupact.log
2013-10-25 12:34 - 2013-10-25 12:32 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 12:26 - 2013-10-25 12:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 12:26 - 2013-10-25 12:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 12:24 - 2011-01-01 15:29 - 00221990 _____ C:\Windows\PFRO.log
2013-10-25 12:23 - 2013-10-25 12:11 - 00000000 ____D C:\AdwCleaner
2013-10-25 12:11 - 2013-10-25 12:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 12:10 - 2013-10-25 12:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-25 12:01 - 2013-01-14 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 23:12 - 2013-08-20 21:04 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-24 22:59 - 2010-12-20 17:41 - 00000000 ____D C:\Users\pc
2013-10-24 15:59 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-24 13:36 - 2013-10-24 13:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 13:36 - 2013-10-24 12:55 - 00000000 ____D C:\Qoobox
2013-10-24 13:25 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-24 12:54 - 2013-10-24 12:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 09:24 - 2013-10-24 09:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 09:24 - 2010-12-30 15:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2013-10-24 09:14 - 2013-10-24 09:13 - 00029053 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 09:11 - 2013-10-24 09:11 - 00000000 ____D C:\FRST
2013-10-24 01:11 - 2013-10-21 15:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-24 01:11 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files\iPod
2013-10-24 01:11 - 2013-10-09 16:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-24 01:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-10-24 00:30 - 2013-10-24 00:28 - 110641816 _____ C:\Users\pc\Downloads\vpsupd.exe
2013-10-24 00:16 - 2013-10-24 00:16 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-24 00:16 - 2013-01-20 19:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-24 00:16 - 2013-01-20 19:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-21 16:23 - 2013-10-21 16:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 15:46 - 2013-10-21 15:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 14:14 - 2013-10-21 14:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 14:13 - 2013-10-21 14:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 14:11 - 2011-01-07 18:42 - 00000000 ____D C:\Program Files (x86)\Games
2013-10-21 14:10 - 2013-10-21 14:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-19 17:33 - 2013-01-20 19:15 - 00003300 _____ C:\Windows\Sandboxie.ini
2013-10-18 11:48 - 2013-10-18 11:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 11:47 - 2013-10-18 11:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 11:47 - 2013-10-18 11:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 11:47 - 2013-10-18 11:47 - 00000000 ____D C:\Program Files\Java
2013-10-14 17:22 - 2011-07-07 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-11 15:30 - 2011-07-03 00:06 - 00000000 ____D C:\Users\pc\AppData\Roaming\KeePass
2013-10-11 00:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 15:55 - 2009-07-14 06:45 - 00311104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 15:51 - 2013-03-13 01:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 15:49 - 2010-12-31 16:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 15:43 - 2013-08-16 00:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 15:42 - 2012-08-11 13:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 20:41 - 2013-01-17 21:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:41 - 2013-01-17 21:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 16:35 - 2012-06-10 13:31 - 00008366 _____ C:\Users\pc\Documents\NewDatabase.kdbx
2013-10-09 16:33 - 2013-01-20 19:04 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 16:33 - 2013-01-20 19:04 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 16:30 - 2013-10-09 16:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-09 16:24 - 2010-12-30 16:11 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 13:27

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Hmm, die Probleme sind immer noch vorhanden. Sprich iTunes lässt sich nicht mehr öffnen und Windows Media Player hängt sich immer auf (war vor ein paar Tagen nicht so). Und das DVD Laufwerk erkennt keine DVDs wobei das ist ja evtl ein hardwarefehler wie du sagtest. Aber iTunes und Media Player?
Auch Avast ist nach wie vor inaktiv und lässt sich auch nicht aktivieren. Ich habe das Programm gelöscht und bei Chip nochmal runtergeladen und neu installiert. Ist aber immer noch das gleiche Problem: Das Programm läuft im Hintergrund, lässt sich aber nicht aktivieren...so ohne Virenschutz kann ich das ja nicht einfach stehen lassen.

schrauber 26.10.2013 12:53
Downloade dir bitte Windows Repair (All In One) von hier.

Khael 26.10.2013 20:29
Ich habe alles soweit erledigt, leider sind sämtliche Probleme nach wie vor vorhanden.

schrauber 27.10.2013 07:54
Öffne mal FRST, setz nen Haken bei Additional und scanne, poste beide Logfiles.

Win DVD zur Hand?

Khael 27.10.2013 12:11
Ich habs jetzt mehrmals probiert (immer mit der aktuellsten Version), sobald er beim Schritt "listing partitions, please wait" ist, hängt sich das Programm auf.

Und eine Win DVD hab ich leider derzeit nicht.

schrauber 27.10.2013 17:59
Nice. Haken raus bei Partitions oder ähnlichem, dann nochmal versuchen mit FRST zu scannen.

Khael 27.10.2013 18:30
Haken sind gesetzt bei:
Whitelist: Registry, Processes, Services, KnownDLLs, Drivers, Internet.
Möglich bei:
Optinal Scan:
List BCD, Drivers MD5, Addition.txt

Partitions gibt es nicht :)

schrauber 27.10.2013 19:21
BCD haken raus :)

Khael 27.10.2013 19:31
Also, Haken sind überall gesetzt außer bei "list BCD" und "Drivers MD5". Trotzdem hängt er sich immer wieder an der gleichen Stelle auf.


EDIT: Endlich, bitte sehr :)


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by pc (administrator) on PC-PC on 27-10-2013 19:29:05
Running from C:\Users\pc\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.beta.2293\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.3823\Battle.net.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\pc\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-07] ()
HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] - 0
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-25] (AVAST Software)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avast! Free Antivirus (2).lnk
ShortcutTarget: avast! Free Antivirus (2).lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C046B78B25CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.10.16_0
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-07-08] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2011-07-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-25] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [x]
S3 rtlss; System32\Drivers\rtlss.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2051-01-27 18:38 - 2012-06-10 14:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 18:33 - 2051-01-27 18:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 18:32 - 2051-01-27 18:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:24 - 2051-01-27 18:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-27 14:40 - 2013-10-27 14:40 - 00100984 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-10-27 12:06 - 2013-10-27 12:06 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64 (1).exe
2013-10-26 19:35 - 2013-10-26 20:21 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 19:33 - 2013-10-26 19:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-10-26 19:32 - 2013-10-26 19:32 - 00000000 ____D C:\RegBackup
2013-10-26 19:20 - 2011-10-24 12:35 - 00000000 ____D C:\Users\pc\Desktop\Tweaking.com - Windows Repair
2013-10-26 19:07 - 2013-10-26 19:09 - 02800307 _____ C:\Users\pc\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-25 21:49 - 2013-10-25 21:51 - 40145456 _____ (AVAST Software) C:\Users\pc\Downloads\vpsupd (1).exe
2013-10-25 21:42 - 2013-10-25 21:42 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 21:41 - 2013-10-25 21:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 21:41 - 2013-10-25 21:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 21:35 - 2013-10-25 21:36 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup_9.0.2006.159.exe
2013-10-25 21:16 - 2013-10-25 21:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-25 21:04 - 2013-10-25 21:04 - 00000000 ____D C:\Users\pc\AppData\Roaming\AVAST Software
2013-10-25 20:30 - 2013-10-25 21:16 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iPod
2013-10-25 20:18 - 2013-10-27 12:05 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-25 20:04 - 2013-10-25 20:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 11:32 - 2013-10-25 11:34 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 11:26 - 2013-10-25 11:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 11:26 - 2013-10-25 11:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 11:11 - 2013-10-25 11:23 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:11 - 2013-10-25 11:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 11:10 - 2013-10-25 11:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-24 12:36 - 2013-10-24 12:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 12:02 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-24 12:02 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-24 12:02 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-24 11:55 - 2013-10-24 12:36 - 00000000 ____D C:\Qoobox
2013-10-24 11:54 - 2013-10-24 11:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 08:24 - 2013-10-24 08:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 08:13 - 2013-10-27 12:08 - 00029767 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 08:11 - 2013-10-24 08:11 - 00000000 ____D C:\FRST
2013-10-21 15:23 - 2013-10-21 15:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 14:46 - 2013-10-24 00:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-21 14:46 - 2013-10-21 14:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 13:14 - 2013-10-21 13:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 13:13 - 2013-10-27 19:28 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 13:13 - 2013-10-24 00:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 13:10 - 2013-10-21 13:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-18 10:48 - 2013-10-18 10:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 10:48 - 2013-10-18 10:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 10:48 - 2013-10-18 10:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 10:48 - 2013-10-18 10:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 10:47 - 2013-10-18 10:47 - 00000000 ____D C:\Program Files\Java
2013-10-10 14:48 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 14:48 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 14:48 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 14:48 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 14:48 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 14:48 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 14:48 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 14:47 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 14:47 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 09:56 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 09:56 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 09:56 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 09:56 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 09:56 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 09:56 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 09:56 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 09:56 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 09:56 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 09:56 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 09:56 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 09:56 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 09:56 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 09:56 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 09:56 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 09:56 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 09:56 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 09:56 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 09:56 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 09:56 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 09:56 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 09:56 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 09:56 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:56 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:56 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 09:56 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 09:56 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 09:56 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 09:56 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 09:56 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 09:56 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 09:56 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 09:56 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 09:56 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 09:56 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 09:56 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 09:56 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 09:56 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 09:56 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 09:56 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 09:56 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 09:56 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 09:56 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 09:56 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 09:56 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 15:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified Files and Folders =======

2051-01-27 18:33 - 2051-01-27 18:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 18:32 - 2051-01-27 18:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:24 - 2051-01-27 18:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-27 19:28 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-27 19:18 - 2010-12-20 16:37 - 01310468 _____ C:\Windows\WindowsUpdate.log
2013-10-27 18:56 - 2010-12-30 14:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2013-10-27 18:41 - 2013-01-17 20:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-27 18:38 - 2013-01-20 18:04 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 18:02 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 18:02 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 17:47 - 2009-07-14 05:51 - 01773367 _____ C:\Windows\setupact.log
2013-10-27 16:38 - 2013-01-20 18:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-27 14:52 - 2011-07-02 22:59 - 00000000 ____D C:\Program Files\KeePass
2013-10-27 14:40 - 2013-10-27 14:40 - 00100984 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-10-27 12:18 - 2011-02-07 23:44 - 00000000 ____D C:\Users\pc\AppData\Local\PMB Files
2013-10-27 12:08 - 2013-10-24 08:13 - 00029767 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-27 12:06 - 2013-10-27 12:06 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64 (1).exe
2013-10-27 12:05 - 2013-10-25 20:18 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-27 11:54 - 2012-11-07 18:28 - 00000000 ___RD C:\Users\pc\Dropbox
2013-10-27 11:54 - 2012-11-07 18:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2013-10-27 11:47 - 2010-12-20 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-27 11:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 20:24 - 2010-12-21 00:20 - 00068328 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-26 20:24 - 2009-07-14 05:45 - 00311104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-26 20:23 - 2011-01-01 14:29 - 00530904 _____ C:\Windows\PFRO.log
2013-10-26 20:21 - 2013-10-26 19:35 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 20:20 - 2009-07-14 03:34 - 00000482 _____ C:\Windows\win.ini
2013-10-26 19:33 - 2013-10-26 19:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-10-26 19:32 - 2013-10-26 19:32 - 00000000 ____D C:\RegBackup
2013-10-26 19:09 - 2013-10-26 19:07 - 02800307 _____ C:\Users\pc\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-25 22:46 - 2013-05-18 10:47 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-25 22:46 - 2013-05-18 10:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-25 21:51 - 2013-10-25 21:49 - 40145456 _____ (AVAST Software) C:\Users\pc\Downloads\vpsupd (1).exe
2013-10-25 21:42 - 2013-10-25 21:42 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-25 21:42 - 2013-10-25 21:42 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-25 21:42 - 2013-01-20 18:36 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-25 21:41 - 2013-10-25 21:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-25 21:41 - 2013-10-25 21:41 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-25 21:39 - 2013-01-20 18:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-25 21:36 - 2013-10-25 21:35 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup_9.0.2006.159.exe
2013-10-25 21:27 - 2010-12-20 16:42 - 00000000 ___RD C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 21:16 - 2013-10-25 21:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-25 21:16 - 2013-10-25 20:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-25 21:04 - 2013-10-25 21:04 - 00000000 ____D C:\Users\pc\AppData\Roaming\AVAST Software
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iPod
2013-10-25 20:30 - 2013-10-09 15:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-25 20:04 - 2013-10-25 20:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 11:34 - 2013-10-25 11:32 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 11:26 - 2013-10-25 11:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 11:26 - 2013-10-25 11:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 11:23 - 2013-10-25 11:11 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:11 - 2013-10-25 11:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 11:10 - 2013-10-25 11:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-25 11:01 - 2013-01-14 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 22:12 - 2013-08-20 20:04 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-24 21:59 - 2010-12-20 16:41 - 00000000 ____D C:\Users\pc
2013-10-24 12:36 - 2013-10-24 12:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 12:36 - 2013-10-24 11:55 - 00000000 ____D C:\Qoobox
2013-10-24 12:25 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-24 11:54 - 2013-10-24 11:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 08:24 - 2013-10-24 08:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 08:11 - 2013-10-24 08:11 - 00000000 ____D C:\FRST
2013-10-24 00:11 - 2013-10-21 14:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-24 00:11 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-24 00:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-23 23:16 - 2013-01-20 18:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-21 15:23 - 2013-10-21 15:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 14:46 - 2013-10-21 14:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 13:14 - 2013-10-21 13:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 13:11 - 2011-01-07 17:42 - 00000000 ____D C:\Program Files (x86)\Games
2013-10-21 13:10 - 2013-10-21 13:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-19 16:33 - 2013-01-20 18:15 - 00003300 _____ C:\Windows\Sandboxie.ini
2013-10-18 10:48 - 2013-10-18 10:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 10:47 - 2013-10-18 10:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 10:47 - 2013-10-18 10:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 10:47 - 2013-10-18 10:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 10:47 - 2013-10-18 10:47 - 00000000 ____D C:\Program Files\Java
2013-10-14 16:22 - 2011-07-07 16:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-11 14:30 - 2011-07-02 23:06 - 00000000 ____D C:\Users\pc\AppData\Roaming\KeePass
2013-10-10 23:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 14:51 - 2013-03-13 00:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 14:51 - 2013-03-13 00:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 14:49 - 2010-12-31 15:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 14:43 - 2013-08-15 23:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 14:42 - 2012-08-11 12:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 19:41 - 2013-01-17 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 19:41 - 2013-01-17 20:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 19:41 - 2013-01-17 20:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 15:35 - 2012-06-10 12:31 - 00008366 _____ C:\Users\pc\Documents\NewDatabase.kdbx
2013-10-09 15:33 - 2013-01-20 18:04 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 15:33 - 2013-01-20 18:04 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 15:24 - 2010-12-30 15:11 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 12:27

==================== End Of Log ============================
--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2013 01
Ran by pc at 2013-10-27 19:30:10
Running from C:\Users\pc\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 9.20 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Free Antivirus (x32 Version: 9.0.2006)
AVM FRITZ!WLAN (x32)
Battle.net (x32)
Bonjour (Version: 3.0.0.10)
Borderlands 2 (x32)
Call of Duty: Black Ops - Multiplayer (x32)
Call of Duty: Black Ops (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Camtasia Studio 7 (x32 Version: 7.0.1)
CCleaner (Version: 3.27)
D3DX10 (x32 Version: 15.4.2368.0902)
Diablo III (x32)
Dishonored (x32 Version: 1.0)
Dropbox (HKCU Version: 2.0.22)
EAX4 Unified Redist (x32 Version: 4.001)
EXPERTool 7.14 (x32)
FileHippo.com Update Checker (x32)
Fraps (remove only) (x32)
Free Video Flip and Rotate version 2.1.9.725 (x32 Version: 2.1.9.725)
Free Video to iPhone Converter version 5.0.28.827 (x32 Version: 5.0.28.827)
Freemake Video Converter Version 4.0.2 (x32 Version: 4.0.2)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
Grand Theft Auto IV (x32 Version: 1.0.0011.131)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135)
Grand Theft Auto: Episodes From Liberty City (x32 Version: 1.1.0.0)
Hearthstone (x32)
iCloud (Version: 3.0.2.163)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
L.A. Noire: The Complete Edition (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Max Payne 3 (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mp3tag v2.49 (x32 Version: v2.49)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (x32 Version: 9.11.1111)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL (x32)
Paint.NET v3.5.10 (Version: 3.60.0)
Panda USB Vaccine 1.0.1.4 (x32)
Pando Media Booster (x32 Version: 2.3.5.2)
PDF Split And Merge Basic (Version: 2.2.2)
Platform (x32 Version: 1.34)
Prezi Desktop (x32 Version: 4.5.1)
PunkBuster Services (x32 Version: 0.986)
Quantum GIS Lisboa 1.8.0 Lisboa (x32 Version: 1.8.0-r${SVN_REVISION}-2)
QuickTime (x32 Version: 7.74.80.86)
R for Windows 2.15.2 (Version: 2.15.2)
Realtek Ethernet Controller Driver For Windows Vista and Later (x32 Version: 1.00.0009)
RemoteComms External Disk Access (x32 Version: 1.25.0003)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
Sandboxie 4.06 (64-bit) (Version: 4.06)
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001)
Skype™ 6.7 (x32 Version: 6.7.102)
Star Wars: The Old Republic (x32 Version: 1.00)
StarCraft II (x32)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab (x32 Version: 4.1.72.0)
The Elder Scrolls V: Skyrim (x32)
Torchlight (x32)
Torchlight II (x32)
Uninstall 1.0.0.1 (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
VLC media player 2.1.0 (x32 Version: 2.1.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Warcraft (x32)

==================== Restore Points  =========================

25-10-2013 19:40:12 avast! Free Antivirus Setup
25-10-2013 20:02:02 avast! antivirus system restore point
25-10-2013 20:36:46 avast! antivirus system restore point
25-10-2013 20:41:26 avast! antivirus system restore point
26-10-2013 18:31:51 Tweaking.com - Windows Repair

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-10-24 12:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {011436A8-8FF0-4ACB-9FB7-E481C450FF19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {089F7558-76BA-417C-BF3E-6D49D624CA4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0CF012FF-7E49-4E57-85A7-FA5FA807A34D} - System32\Tasks\{0791B258-94E1-4387-8AE6-CFD9DE0B379B} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {138BBC82-8FA6-412F-B7E2-1F42157A44B7} - System32\Tasks\{4322F264-6326-48F0-9E35-439E30A91324} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {1CA98BA9-7F17-46DD-827A-3BA15558DC43} - System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {4855E15C-5BEC-406E-A5CA-59AD9857F27D} - System32\Tasks\{5EB82005-0DA8-4CFA-84D9-918A8811184D} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {5A49C344-1339-4237-815B-A474FEE06ED6} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {5BA49E31-FAD5-453E-9A7D-56C71F31799C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {60DCD8A7-4A19-460D-B344-F73AC1487583} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {726E4403-3EF5-4A53-A57E-472AF4F57065} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {7808C3E0-CEBC-4D40-A7DB-74EBC9665971} - System32\Tasks\{FEF7769C-0D4E-4A2D-89F6-C22129A04338} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {93804795-B8BB-490F-8705-66A7EB8C6AAF} - System32\Tasks\{A9DD6843-FDDB-4773-96F4-B1EA314F950C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-07-25] (Skype Technologies S.A.)
Task: {A48B4EE6-5A94-4989-9763-5DAF3FF59278} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {A990D147-2699-42C9-9102-5014ABBB33B5} - System32\Tasks\{20C01417-9AAB-4FA3-B722-F0CC174AA673} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {B1411A5D-1E7B-484B-A557-95759E78A107} - System32\Tasks\{C75F808C-C8C5-4E08-8CB2-B5C93CCDA135} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {B44074BA-5EAC-4298-BF21-E3C242EF25EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {C4E95228-45CE-41D0-8A1C-ACE4E6E3FBF4} - System32\Tasks\{2F30BD95-1E18-4B2D-A21B-C642AB34DA81} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {E8891B14-3275-41C8-9B68-0897A7BB0064} - System32\Tasks\{5C37157B-69CF-4AAC-8735-E5649D39E62D} => C:\Program Files\Games\GTA 4 Neu\Grand Theft Auto IV\LaunchGTAIV.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-20 17:10 - 2009-05-07 09:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-12-20 17:10 - 2009-05-07 09:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-12-20 17:10 - 2008-01-18 07:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-12-20 17:10 - 2009-11-03 04:12 - 47601664 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-10-27 16:08 - 2013-10-27 13:52 - 02136576 _____ () C:\Program Files\AVAST Software\Avast\defs\13102700\algo.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-20 18:17 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-25 21:41 - 2013-10-25 21:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\pc\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-17 16:40 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-17 16:40 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-17 16:40 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-17 16:40 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-17 16:40 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-21 13:13 - 2013-10-21 13:13 - 26118656 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3823\libcef.dll
2013-10-21 13:13 - 2013-10-21 13:13 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3823\libglesv2.dll
2013-10-21 13:13 - 2013-10-21 13:13 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3823\libegl.dll
2013-10-17 16:40 - 2013-10-09 01:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2013 05:47:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2615919

Error: (10/27/2013 05:47:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2615919

Error: (10/27/2013 05:47:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 05:47:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2614920

Error: (10/27/2013 05:47:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2614920

Error: (10/27/2013 05:47:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 05:47:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2613922

Error: (10/27/2013 05:47:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2613922

Error: (10/27/2013 05:47:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 05:47:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2612923


System errors:
=============
Error: (10/27/2013 04:29:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:28:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:27:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:26:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:25:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:24:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:23:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:22:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:21:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (10/27/2013 04:20:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.


Microsoft Office Sessions:
=========================
Error: (06/05/2012 09:32:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 191818 seconds with 14520 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-10-24 13:22:44.786
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-24 13:22:44.644
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:58:22.277
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:58:22.093
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:40.192
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:39.930
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:20.531
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:20.281
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:07.666
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-28 00:57:07.376
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 4055.05 MB
Available physical RAM: 1679.14 MB
Total Pagefile: 8108.29 MB
Available Pagefile: 4132.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:490.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C49F2E73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 28.10.2013 10:29
mit aktivieren bei Avast, meinst Du da online aktivieren oder ist der Echtzeitschutz beendet?

Khael 28.10.2013 12:01
Der Echtzeitschutz ist ausgeschaltet und lässt sich nicht aktivieren :)
Und jedes Mal, wenn ich jetzt den PC hochfahre, startet sich der Browser mit einer Willkommensseite von Avast. Das war vorher nicht so, aber ich habe wie gesagt auch das Programm einmal neu installiert weil ich dachte, das Problem so lösen zu können.

schrauber 28.10.2013 18:47
Revo Uninstaller - Download - Filepony
Deinstallier Avast mal damit, alle Reste entfernen lassen, dann neu installieren.

Khael 28.10.2013 19:10
Leider immer noch das gleiche Problem :(

schrauber 29.10.2013 09:46
Jetzt nervts :D

frisches FRST log bitte.

Khael 29.10.2013 16:08
Ja, echt ätzend...


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by pc (administrator) on PC-PC on 29-10-2013 15:56:32
Running from C:\Users\pc\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Farbar) C:\Users\pc\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181744 2010-10-22] (Gainward Co.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3046808 2011-02-07] ()
HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] - 0
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-28] (AVAST Software)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avast! Free Antivirus (2).lnk
ShortcutTarget: avast! Free Antivirus (2).lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C046B78B25CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ahit0ekq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HTTPS Everywhere) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.10.16_0
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Ghostery) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-28] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-07-08] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2011-07-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-28] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [x]
S3 rtlss; System32\Drivers\rtlss.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2051-01-27 18:38 - 2012-06-10 14:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\QuickScan
2051-01-27 18:33 - 2051-01-27 18:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 18:32 - 2051-01-27 18:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:24 - 2051-01-27 18:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-28 19:07 - 2013-10-28 19:07 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-28 19:07 - 2013-10-28 19:07 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-28 19:06 - 2013-10-28 19:06 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-28 19:01 - 2013-10-28 19:05 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup.exe
2013-10-28 18:50 - 2013-10-28 18:50 - 00001094 _____ C:\Users\pc\Desktop\Revo Uninstaller.lnk
2013-10-28 18:49 - 2013-10-28 18:49 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\pc\Downloads\revosetup95.exe
2013-10-27 14:40 - 2013-10-27 14:40 - 00100984 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-10-27 12:06 - 2013-10-27 12:06 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64 (1).exe
2013-10-26 19:35 - 2013-10-26 20:21 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 19:33 - 2013-10-26 19:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-10-26 19:32 - 2013-10-26 19:32 - 00000000 ____D C:\RegBackup
2013-10-26 19:20 - 2011-10-24 12:35 - 00000000 ____D C:\Users\pc\Desktop\Tweaking.com - Windows Repair
2013-10-26 19:07 - 2013-10-26 19:09 - 02800307 _____ C:\Users\pc\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-25 21:49 - 2013-10-25 21:51 - 40145456 _____ (AVAST Software) C:\Users\pc\Downloads\vpsupd (1).exe
2013-10-25 21:35 - 2013-10-25 21:36 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup_9.0.2006.159.exe
2013-10-25 21:16 - 2013-10-25 21:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-25 21:04 - 2013-10-25 21:04 - 00000000 ____D C:\Users\pc\AppData\Roaming\AVAST Software
2013-10-25 20:30 - 2013-10-25 21:16 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iPod
2013-10-25 20:18 - 2013-10-27 12:05 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-25 20:04 - 2013-10-25 20:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 11:32 - 2013-10-25 11:34 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 11:26 - 2013-10-25 11:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 11:26 - 2013-10-25 11:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 11:11 - 2013-10-25 11:23 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:11 - 2013-10-25 11:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 11:10 - 2013-10-25 11:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-24 12:36 - 2013-10-24 12:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 12:02 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-24 12:02 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-24 12:02 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-24 12:02 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-24 11:55 - 2013-10-24 12:36 - 00000000 ____D C:\Qoobox
2013-10-24 11:54 - 2013-10-24 11:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 08:24 - 2013-10-24 08:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 08:13 - 2013-10-27 19:41 - 00027033 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-24 08:11 - 2013-10-24 08:11 - 00000000 ____D C:\FRST
2013-10-21 15:23 - 2013-10-21 15:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 14:46 - 2013-10-28 19:45 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-21 14:46 - 2013-10-21 14:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 13:14 - 2013-10-21 13:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 13:13 - 2013-10-28 23:08 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-21 13:13 - 2013-10-24 00:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 13:10 - 2013-10-21 13:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-18 10:48 - 2013-10-18 10:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 10:48 - 2013-10-18 10:47 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 10:48 - 2013-10-18 10:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 10:48 - 2013-10-18 10:47 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 10:47 - 2013-10-18 10:47 - 00000000 ____D C:\Program Files\Java
2013-10-10 14:48 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 14:48 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 14:48 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 14:48 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 14:48 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 14:48 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 14:48 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 14:48 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 14:48 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 14:48 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 14:47 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 14:47 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 09:56 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 09:56 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 09:56 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 09:56 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 09:56 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 09:56 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 09:56 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 09:56 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 09:56 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 09:56 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 09:56 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 09:56 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 09:56 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 09:56 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 09:56 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 09:56 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 09:56 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 09:56 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 09:56 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 09:56 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 09:56 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 09:56 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 09:56 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:56 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:56 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 09:56 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 09:56 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 09:56 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 09:56 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 09:56 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 09:56 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 09:56 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 09:56 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 09:56 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 09:56 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 09:56 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 09:56 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 09:56 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 09:56 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 09:56 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 09:56 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 09:56 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 09:56 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 09:56 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 09:56 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 15:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified Files and Folders =======

2051-01-27 18:33 - 2051-01-27 18:33 - 00809541 _____ C:\Users\pc\AppData\Local\census.cache
2051-01-27 18:32 - 2051-01-27 18:32 - 00097995 _____ C:\Users\pc\AppData\Local\ars.cache
2051-01-27 18:24 - 2051-01-27 18:24 - 00000036 _____ C:\Users\pc\AppData\Local\housecall.guid.cache
2013-10-29 15:57 - 2011-02-07 23:44 - 00000000 ____D C:\Users\pc\AppData\Local\PMB Files
2013-10-29 15:54 - 2010-12-20 16:37 - 01395708 _____ C:\Windows\WindowsUpdate.log
2013-10-29 15:53 - 2012-11-07 18:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2013-10-29 15:51 - 2012-11-07 18:28 - 00000000 ___RD C:\Users\pc\Dropbox
2013-10-29 15:47 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 15:47 - 2009-07-14 05:45 - 00015120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 15:41 - 2013-01-20 18:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 15:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 15:41 - 2009-07-14 05:51 - 01776223 _____ C:\Windows\setupact.log
2013-10-29 15:40 - 2010-12-20 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-28 23:08 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2013-10-28 22:41 - 2013-01-17 20:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 22:38 - 2013-01-20 18:04 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-28 19:45 - 2013-10-21 14:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-10-28 19:43 - 2011-01-01 14:29 - 00817108 _____ C:\Windows\PFRO.log
2013-10-28 19:07 - 2013-10-28 19:07 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-28 19:07 - 2013-10-28 19:07 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-28 19:07 - 2013-10-28 19:07 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-28 19:07 - 2013-01-20 18:36 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-28 19:06 - 2013-10-28 19:06 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-28 19:06 - 2013-01-20 18:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-28 19:06 - 2010-12-30 14:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2013-10-28 19:05 - 2013-10-28 19:01 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup.exe
2013-10-28 18:50 - 2013-10-28 18:50 - 00001094 _____ C:\Users\pc\Desktop\Revo Uninstaller.lnk
2013-10-28 18:49 - 2013-10-28 18:49 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\pc\Downloads\revosetup95.exe
2013-10-27 19:41 - 2013-10-24 08:13 - 00027033 _____ C:\Users\pc\Downloads\Addition.txt
2013-10-27 14:52 - 2011-07-02 22:59 - 00000000 ____D C:\Program Files\KeePass
2013-10-27 14:40 - 2013-10-27 14:40 - 00100984 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-10-27 12:06 - 2013-10-27 12:06 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64 (1).exe
2013-10-27 12:05 - 2013-10-25 20:18 - 01956160 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2013-10-26 20:24 - 2010-12-21 00:20 - 00068328 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-26 20:24 - 2009-07-14 05:45 - 00311104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-26 20:21 - 2013-10-26 19:35 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-26 20:20 - 2009-07-14 03:34 - 00000482 _____ C:\Windows\win.ini
2013-10-26 19:33 - 2013-10-26 19:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-10-26 19:32 - 2013-10-26 19:32 - 00000000 ____D C:\RegBackup
2013-10-26 19:09 - 2013-10-26 19:07 - 02800307 _____ C:\Users\pc\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-25 22:46 - 2013-05-18 10:47 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-25 22:46 - 2013-05-18 10:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-25 21:51 - 2013-10-25 21:49 - 40145456 _____ (AVAST Software) C:\Users\pc\Downloads\vpsupd (1).exe
2013-10-25 21:36 - 2013-10-25 21:35 - 85269544 _____ (AVAST Software) C:\Users\pc\Downloads\avast_free_antivirus_setup_9.0.2006.159.exe
2013-10-25 21:27 - 2010-12-20 16:42 - 00000000 ___RD C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 21:16 - 2013-10-25 21:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-25 21:16 - 2013-10-25 20:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-25 21:04 - 2013-10-25 21:04 - 00000000 ____D C:\Users\pc\AppData\Roaming\AVAST Software
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iTunes
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\Program Files\iPod
2013-10-25 20:30 - 2013-10-09 15:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-25 20:04 - 2013-10-25 20:04 - 00891167 _____ C:\Users\pc\Downloads\SecurityCheck.exe
2013-10-25 18:47 - 2013-10-25 18:47 - 02347384 _____ (ESET) C:\Users\pc\Downloads\esetsmartinstaller_enu.exe
2013-10-25 11:34 - 2013-10-25 11:32 - 00015532 _____ C:\Users\pc\Desktop\JRT.txt
2013-10-25 11:26 - 2013-10-25 11:26 - 01033335 _____ (Thisisu) C:\Users\pc\Downloads\JRT.exe
2013-10-25 11:26 - 2013-10-25 11:26 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 11:23 - 2013-10-25 11:11 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:11 - 2013-10-25 11:11 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner (1).exe
2013-10-25 11:10 - 2013-10-25 11:10 - 01060070 _____ C:\Users\pc\Downloads\adwcleaner.exe
2013-10-25 11:01 - 2013-01-14 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 22:12 - 2013-08-20 20:04 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-24 21:59 - 2010-12-20 16:41 - 00000000 ____D C:\Users\pc
2013-10-24 12:36 - 2013-10-24 12:36 - 00025465 _____ C:\ComboFix.txt
2013-10-24 12:36 - 2013-10-24 11:55 - 00000000 ____D C:\Qoobox
2013-10-24 12:25 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-24 11:54 - 2013-10-24 11:54 - 05137218 ____R (Swearware) C:\Users\pc\Desktop\ComboFix.exe
2013-10-24 08:24 - 2013-10-24 08:24 - 00003104 _____ C:\Windows\System32\Tasks\{F735B022-7B0C-4AC9-B996-F195FD0694B5}
2013-10-24 08:11 - 2013-10-24 08:11 - 00000000 ____D C:\FRST
2013-10-24 00:11 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Battle.net
2013-10-24 00:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-10-23 23:16 - 2013-01-20 18:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-21 15:23 - 2013-10-21 15:23 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard
2013-10-21 14:46 - 2013-10-21 14:46 - 00000892 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-10-21 13:14 - 2013-10-21 13:14 - 00001255 _____ C:\Users\pc\Desktop\Battle.net.lnk
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Blizzard Entertainment
2013-10-21 13:13 - 2013-10-21 13:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-10-21 13:11 - 2011-01-07 17:42 - 00000000 ____D C:\Program Files (x86)\Games
2013-10-21 13:10 - 2013-10-21 13:10 - 05906904 _____ (Blizzard Entertainment) C:\Users\pc\Downloads\Hearthstone-Beta-Setup-deDE.exe
2013-10-19 16:33 - 2013-01-20 18:15 - 00003300 _____ C:\Windows\Sandboxie.ini
2013-10-18 10:48 - 2013-10-18 10:48 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-18 10:47 - 2013-10-18 10:48 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-18 10:47 - 2013-10-18 10:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-18 10:47 - 2013-10-18 10:48 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-18 10:47 - 2013-10-18 10:47 - 00000000 ____D C:\Program Files\Java
2013-10-14 16:22 - 2011-07-07 16:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-11 14:30 - 2011-07-02 23:06 - 00000000 ____D C:\Users\pc\AppData\Roaming\KeePass
2013-10-10 23:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 14:51 - 2013-03-13 00:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 14:51 - 2013-03-13 00:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 14:49 - 2010-12-31 15:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 14:43 - 2013-08-15 23:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 14:42 - 2012-08-11 12:41 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 19:41 - 2013-01-17 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 19:41 - 2013-01-17 20:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 19:41 - 2013-01-17 20:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 15:35 - 2012-06-10 12:31 - 00008366 _____ C:\Users\pc\Documents\NewDatabase.kdbx
2013-10-09 15:33 - 2013-01-20 18:04 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 15:33 - 2013-01-20 18:04 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 15:24 - 2010-12-30 15:11 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 12:27

==================== End Of Log ============================
--- --- ---



Ich habe heute gemerkt, dass wenn ich den PC starte und dann warte, dann fährt der Echtzeitschutz von Avira nach circa 15 bis 20 Minuten auf einmal von allein hoch. Habe dann mal iTunes gestartet und auch gewartet. Siehe da, nach 20 Minuten öffnet sich das Programm auf einmal... was könnte das sein? Irgendein hardware Fehler? Mein PC ist mir nicht umgefallen oder so, ich kann mir nicht erklären wie das passiert sein könnte.

schrauber 30.10.2013 10:13
Avira, oder Avast?

Ausführen eines sauberen Neustarts zur Behandlung eines Problems in Windows 8, Windows 7 oder Windows Vista
mach bitte mal nen Clean Boot.

Khael 10.11.2013 18:28
Hey, sorry, dass ich mich nicht mehr gemeldet habe, ich war auf einer Dienstreise unterwegs.

Ich habe rausgefunden, dass das gesamte Problem wohl an meinem defekten Laufwerk liegt.
Ich habe ja beschrieben, dass sich Avast und iTunes beide erst ca. 20 Minuten nach dem Anklicken geöffnet bzw. aktiviert haben.
Die ganze Zeit war eine DVD in meinem Laufwerk, welches die Disk aber nicht mehr erkennt. Irgendwann habe ich mal die DVD rausgenommen und seitdem - alles läuft wieder wie es soll. Avast fährt sofort den Schutz hoch und iTunes öffnet sich sobald ich es anklicke. Anscheinend hat also der Versuch, die DVD zu lesen, irgendwas anderes geblockt.
Wahrscheinlich sollte ich einfach nur das Laufwerk austauschen oder? :)

schrauber 11.11.2013 10:09
genau :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131