Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   BitGuard auf rechner (https://www.trojaner-board.de/145598-bitguard-rechner.html)

Apotam 04.12.2013 10:15
BitGuard auf rechner
 
Hallo Leute ,

ich bitte euch um Hilfe da mein Rechner seit gestern mit dem BitGuard sich infiziert hat .
Was ich bis jetzt getan habe ist ,dass Antivir programm (AVIRA) 2mal zu starten(systemscanner) und hab auch die BitGuard.exe gelöscht, aber das Antivir programm erkennt es immer noch .
Könntet Ihr mir bitte helfen ?

Danle im voraus
Apo

schrauber 04.12.2013 10:42
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Apotam 04.12.2013 12:09
Logfile von FRST.txt
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 02
Ran by Apostolos (administrator) on APO-PC on 04-12-2013 12:02:21
Running from C:\Users\Apostolos\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\netsetman.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NetSetMan] - C:\Program Files (x86)\NetSetMan\netsetman.exe [5174952 2013-11-26] (Ilja Herlein)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1707472 2013-10-29] (APN)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2011-09-20] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
AppInit_DLLs: C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
Startup: C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8876ACB63ACBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{1D1A958D-67D2-4AB5-90D7-A0D47FFA2EC8}: [NameServer]192.168.8.100
Tcpip\..\Interfaces\{52F506F6-924B-4B28-AAD4-5EF39766E244}: [NameServer]192.168.8.100

FireFox:
========
FF ProfilePath: C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default
FF NewTab: hxxp://www1.delta-search.com/?affID=119357&tt=gc_&babsrc=NT_ss&mntrId=FF47001F16BC11FC
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Virtual DJ Toolbar - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com
FF Extension: toolbar_VDJ-V7 - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-29] (APN LLC.)
S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [664472 2013-02-12] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-04 12:02 - 2013-12-04 12:02 - 00012180 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-04 12:01 - 2013-12-04 12:01 - 01959614 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-04 12:01 - 2013-12-04 12:01 - 00000000 ____D C:\FRST
2013-12-03 10:19 - 2013-12-03 10:20 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 09:50 - 2013-12-03 09:51 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:42 - 2013-12-03 10:06 - 00000000 ____D C:\Windows\Minidump
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-03 09:41 - 2013-12-03 10:06 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:28 - 2013-12-04 09:55 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-11-28 12:28 - 2013-11-28 12:29 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:26 - 2013-11-28 12:29 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:25 - 2013-12-04 12:01 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-27 18:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-27 18:07 - 2013-11-27 18:14 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-25 11:04 - 2013-12-03 09:46 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-16 15:32 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-16 15:32 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 15:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-16 15:32 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-16 15:32 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-16 15:32 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 15:32 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 15:32 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-16 15:32 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 15:32 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-04 12:02 - 2013-12-04 12:02 - 00012180 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-04 12:02 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-04 12:02 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-04 12:01 - 2013-12-04 12:01 - 01959614 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-04 12:01 - 2013-12-04 12:01 - 00000000 ____D C:\FRST
2013-12-04 12:01 - 2013-11-28 12:25 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-12-04 11:43 - 2013-07-08 17:03 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-12-04 11:35 - 2013-07-05 17:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 11:35 - 2013-01-31 11:53 - 01338346 _____ C:\Windows\WindowsUpdate.log
2013-12-04 11:25 - 2013-10-02 16:08 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-04 11:14 - 2013-05-21 10:14 - 00000278 _____ C:\Windows\Tasks\DSite.job
2013-12-04 10:51 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-04 09:55 - 2013-11-28 12:28 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-12-04 09:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-04 09:53 - 2009-07-14 05:51 - 00037996 _____ C:\Windows\setupact.log
2013-12-03 10:20 - 2013-12-03 10:19 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 10:06 - 2013-12-03 09:42 - 00000000 ____D C:\Windows\Minidump
2013-12-03 10:06 - 2013-12-03 09:41 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-12-03 10:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-03 09:51 - 2013-12-03 09:50 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:46 - 2013-11-25 11:04 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-03 09:31 - 2013-03-29 13:41 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 15:35 - 2013-10-31 09:35 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-12-02 10:13 - 2013-09-05 12:42 - 00000000 ____D C:\Windows\rescache
2013-12-02 09:01 - 2010-11-21 07:50 - 00657910 _____ C:\Windows\system32\perfh007.dat
2013-12-02 09:01 - 2010-11-21 07:50 - 00131250 _____ C:\Windows\system32\perfc007.dat
2013-12-02 09:01 - 2009-07-14 06:13 - 01507342 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:29 - 2013-11-28 12:28 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:29 - 2013-11-28 12:26 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:29 - 2013-07-08 17:05 - 00000000 ___RD C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 12:28 - 2013-07-08 17:05 - 00000000 ____D C:\Users\Apostolos
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-28 08:54 - 2013-07-08 17:05 - 00001425 _____ C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 08:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 18:14 - 2013-11-27 18:07 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-27 09:23 - 2013-05-09 13:31 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-27 09:23 - 2013-03-29 13:41 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-27 09:23 - 2013-03-29 13:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-26 09:55 - 2013-07-23 12:58 - 00000000 ____D C:\Program Files (x86)\NetSetMan
2013-11-26 09:48 - 2010-11-21 04:47 - 00063804 _____ C:\Windows\PFRO.log
2013-11-25 16:44 - 2013-08-01 14:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-25 16:35 - 2013-07-05 17:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-25 16:35 - 2013-01-31 17:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-25 16:35 - 2013-01-31 17:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-25 15:57 - 2013-09-16 08:41 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-17 00:12 - 2013-07-23 08:24 - 00000000 ____D C:\Windows\system32\MRT
2013-11-17 00:10 - 2013-02-02 13:41 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 16:17 - 2013-04-21 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 15:27 - 2013-07-08 17:06 - 00000000 ____D C:\Users\Apostolos\AppData\Local\Adobe
2013-11-16 15:25 - 2013-01-31 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-10 01:07 - 2013-11-02 01:56 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Apostolos\AppData\Local\Temp\avgnt.exe
C:\Users\Apostolos\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Apostolos\AppData\Local\Temp\Setup.X86.de-de_O365SmallBusPremRetail_6947d560-76cd-4602-8810-1d0dbc41803b_TX_PR_ (1).exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-02 09:19

==================== End Of Log ============================
--- --- ---




Logfile addition.txtFRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2013 02
Ran by Apostolos at 2013-12-04 12:03:32
Running from C:\Users\Apostolos\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Crystal Eye webcam Ver:1.1.74.216 (x32 Version: 1.1.74.216)
Acer Updater (x32 Version: 1.02.3502)
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
ATI AVIVO64 Codecs (Version: 10.11.0.41111)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Avira Free Antivirus (x32 Version: 14.0.1.759)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.1543.28169)
Catalyst Control Center Localization All (x32 Version: 2009.1111.1543.28169)
CCC Help Chinese Standard (x32 Version: 2009.1111.1542.28169)
CCC Help Chinese Traditional (x32 Version: 2009.1111.1542.28169)
CCC Help Czech (x32 Version: 2009.1111.1542.28169)
CCC Help Danish (x32 Version: 2009.1111.1542.28169)
CCC Help Dutch (x32 Version: 2009.1111.1542.28169)
CCC Help English (x32 Version: 2009.1111.1542.28169)
CCC Help Finnish (x32 Version: 2009.1111.1542.28169)
CCC Help French (x32 Version: 2009.1111.1542.28169)
CCC Help German (x32 Version: 2009.1111.1542.28169)
CCC Help Greek (x32 Version: 2009.1111.1542.28169)
CCC Help Hungarian (x32 Version: 2009.1111.1542.28169)
CCC Help Italian (x32 Version: 2009.1111.1542.28169)
CCC Help Japanese (x32 Version: 2009.1111.1542.28169)
CCC Help Korean (x32 Version: 2009.1111.1542.28169)
CCC Help Norwegian (x32 Version: 2009.1111.1542.28169)
CCC Help Polish (x32 Version: 2009.1111.1542.28169)
CCC Help Portuguese (x32 Version: 2009.1111.1542.28169)
CCC Help Russian (x32 Version: 2009.1111.1542.28169)
CCC Help Spanish (x32 Version: 2009.1111.1542.28169)
CCC Help Swedish (x32 Version: 2009.1111.1542.28169)
CCC Help Thai (x32 Version: 2009.1111.1542.28169)
CCC Help Turkish (x32 Version: 2009.1111.1542.28169)
ccc-core-static (x32 Version: 2009.1111.1543.28169)
ccc-utility64 (Version: 2009.1111.1543.28169)
Common Desktop Agent (Version: 1.53.0)
Delta Chrome Toolbar (x32)
Delta toolbar  (x32 Version: 1.8.21.5) <==== ATTENTION
Dropbox (HKCU Version: 2.4.9)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55)
High-Definition Video Playback (x32 Version: 11.1.10400.2.65)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 365 Small Business Premium - de-de (Version: 15.0.4551.1005)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Nero 11 (x32 Version: 11.0.10700)
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Effects Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (x32 Version: 11.0.11300.12.0)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp 11 (x32 Version: 6.0.16000.13.100)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.10000.1.0)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 11 (x32 Version: 11.0.15000.1.12)
Nero CoverDesigner 11 (x32 Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Express 11 (x32 Version: 11.0.11700.23.100)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Kwik Media (x32 Version: 1.10.19300.93.100)
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200)
Nero Recode 11 (x32 Version: 5.0.13300.32.100)
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10300)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero SoundTrax 11 (x32 Version: 5.0.10400.4.100)
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.10623.22.0)
Nero Video 11 (x32 Version: 8.0.14000.21.100)
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300)
Nero WaveEditor 11 (x32 Version: 6.0.10800.5.100)
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400)
nero.prerequisites.msi (x32 Version: 11.0.20007)
NetSetMan 3.6.1 (x32 Version: 3.6.1)
Nuvoton EC Generic HID Driver (x32 Version: 8.80.1001)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
PDF Architect (x32 Version: 1.1.83.9982)
PDF Settings CS5 (x32 Version: 10.0)
PDFCreator (x32 Version: 1.7.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30093)
Samsung Easy Printer Manager (x32 Version: 1.01.16.02)
Samsung ML-2950 Series (x32)
Samsung Printer Live Update (x32)
StarMoney (x32 Version: 3.0.0.124)
StarMoney 8.0  (x32 Version: 8.0)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Tube Karaoke (x32)
Updater Service (x32 Version: 15,9,28,27)
Virtual DJ Toolbar (x32 Version: 12.7.0.2067)
VirtualDJ Home FREE (x32 Version: 7.4)
VirtualDJ LE (x32 Version: 7.0.4)
VirtualDJ PRO Full (x32 Version: 7.2)
VirtualDJ PRO Full (x32 Version: 7.3)
VLC media player 2.1.0 (x32 Version: 2.1.0)
welcome (x32 Version: 11.0.21500.0.4)
WIDCOMM Bluetooth Software (Version: 6.2.0.9700)

==================== Restore Points  =========================

27-11-2013 17:07:15 Windows Update

==================== Hosts content: ==========================

2013-09-11 12:09 - 2013-09-11 12:09 - 00002974 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net


==================== Scheduled Tasks (whitelisted) =============

Task: {0612C819-E7AA-4140-B670-0A67C4F3E5E7} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {0A2E5730-63D6-4AFD-A645-EA1C74BEF158} - System32\Tasks\EPUpdater => C:\Users\APO\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] ()
Task: {381B2C23-07E3-4D37-8681-4A062E45D77B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {244ffe88-541a-4f53-981e-5678bcb2b527} APO-PC.Imagini.local => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-25] (Microsoft Corporation)
Task: {4319D012-76C5-44CA-B043-A6A0313DB1DB} - System32\Tasks\DSite => C:\Users\APO\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-05-21] ()
Task: {447A07C1-3C0C-4B6D-ADA4-277875686D29} - System32\Tasks\Microsoft Office 15 Sync Maintenance for IMAGINI-Apostolos APO-PC.Imagini.local => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-25] (Microsoft Corporation)
Task: {5D523C20-412A-4077-93ED-CAD8817C1781} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-25] (Adobe Systems Incorporated)
Task: {91C5DE4F-7894-4F1E-86C4-840C20F76495} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {EF1FF8D1-9A2D-4CB8-A56F-6FCFBA9D4D74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-IMAGINI-Apostolos.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\APO\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2009-07-17 17:20 - 2009-07-17 17:20 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-12-17 17:13 - 2010-12-17 17:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2009-07-29 13:10 - 2009-07-29 13:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-31 18:48 - 2013-01-31 18:48 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-25 11:04 - 2013-11-18 15:32 - 01958880 ____N () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll
2013-10-02 16:06 - 2011-09-02 09:40 - 01058816 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssk3mdu.dll
2013-01-31 15:14 - 2013-01-31 15:12 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-31 09:56 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\libcef.dll
2013-04-21 13:55 - 2013-11-16 16:17 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-25 16:08 - 2013-11-25 16:08 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-11-25 16:08 - 2013-11-25 16:08 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-11-25 16:09 - 2013-11-25 16:11 - 01027240 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/04/2013 09:55:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2013 09:54:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Name des fehlerhaften Moduls: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Ausnahmecode: 0x40000015
Fehleroffset: 0x00119b90
ID des fehlerhaften Prozesses: 0x6cc
Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0
Pfad der fehlerhaften Anwendung: BitGuard.exe1
Pfad des fehlerhaften Moduls: BitGuard.exe2
Berichtskennung: BitGuard.exe3

Error: (12/03/2013 10:09:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 10:08:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Name des fehlerhaften Moduls: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Ausnahmecode: 0x40000015
Fehleroffset: 0x00119b90
ID des fehlerhaften Prozesses: 0x68c
Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0
Pfad der fehlerhaften Anwendung: BitGuard.exe1
Pfad des fehlerhaften Moduls: BitGuard.exe2
Berichtskennung: BitGuard.exe3

Error: (12/03/2013 09:52:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 09:51:23 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Name des fehlerhaften Moduls: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500
Ausnahmecode: 0x40000015
Fehleroffset: 0x00119b90
ID des fehlerhaften Prozesses: 0x6c0
Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0
Pfad der fehlerhaften Anwendung: BitGuard.exe1
Pfad des fehlerhaften Moduls: BitGuard.exe2
Berichtskennung: BitGuard.exe3

Error: (12/03/2013 09:43:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 09:27:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2013 08:56:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2013 08:53:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/04/2013 00:03:37 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (12/04/2013 00:03:37 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (12/04/2013 09:54:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BitGuard" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/04/2013 09:54:25 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BitGuard erreicht.

Error: (12/04/2013 09:54:18 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (12/04/2013 09:54:05 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (12/04/2013 09:54:06 AM) (Source: NETLOGON) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne IMAGINI aufgrund der folgenden
Ursache nicht einrichten:
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (12/03/2013 10:19:27 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (12/03/2013 10:19:16 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (12/03/2013 10:11:04 AM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================
Error: (12/04/2013 09:55:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2013 09:54:24 AM) (Source: Application Error)(User: )
Description: BitGuard.exe2.7.1832.68528a2500BitGuard.exe2.7.1832.68528a25004000001500119b906cc01cef0ce64fa39edC:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeC:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeabcf703b-5cc1-11e3-9831-001f16bc11fc

Error: (12/03/2013 10:09:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 10:08:29 AM) (Source: Application Error)(User: )
Description: BitGuard.exe2.7.1832.68528a2500BitGuard.exe2.7.1832.68528a25004000001500119b9068c01cef0073212d2a3C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeC:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe79217813-5bfa-11e3-ad19-001f16bc11fc

Error: (12/03/2013 09:52:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 09:51:23 AM) (Source: Application Error)(User: )
Description: BitGuard.exe2.7.1832.68528a2500BitGuard.exe2.7.1832.68528a25004000001500119b906c001cef004cebbbe63C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeC:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe15f338fd-5bf8-11e3-9a8f-001f16bc11fc

Error: (12/03/2013 09:43:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2013 09:27:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2013 08:56:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2013 08:53:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 4090.88 MB
Available physical RAM: 2493.41 MB
Total Pagefile: 8179.93 MB
Available Pagefile: 6145.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive a: (Server Partition 3) (Network) (Total:270.44 GB) (Free:35.85 GB) NTFS
Drive b: (Server Partition 3) (Network) (Total:270.44 GB) (Free:35.85 GB) NTFS
Drive c: (Boot) (Fixed) (Total:100.29 GB) (Free:39.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Rest) (Fixed) (Total:197.8 GB) (Free:190.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F99F0522)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 05.12.2013 08:38
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Apotam 05.12.2013 10:57
Hi,

ich musste Avira deinstallieren damit ich mit combofix arbeiten zu können .
Der hat rumgemekert !




Code:
ComboFix 13-12-04.04 - Apostolos 05.12.2013  10:38:32.1.2 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.4091.2930 [GMT 1:00]
ausgeführt von:: c:\users\Apostolos\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LyricsFinder
c:\program files (x86)\YTKaraoke
c:\program files (x86)\YTKaraoke\chrome.crx
c:\program files (x86)\YTKaraoke\chrome.manifest
c:\program files (x86)\YTKaraoke\FF\chrome.manifest
c:\program files (x86)\YTKaraoke\FF\chrome\content\icon.png
c:\program files (x86)\YTKaraoke\FF\chrome\content\main.js
c:\program files (x86)\YTKaraoke\FF\chrome\content\overlay.xul
c:\program files (x86)\YTKaraoke\FF\install.rdf
c:\program files (x86)\YTKaraoke\Uninstall.exe
c:\program files (x86)\YTKaraoke\updkar.exe
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-11-05 bis 2013-12-05  ))))))))))))))))))))))))))))))
.
.
2013-12-05 09:44 . 2013-12-05 09:44        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-12-05 09:44 . 2013-12-05 09:44        --------        d-----w-        c:\users\APO\AppData\Local\temp
2013-12-05 09:44 . 2013-12-05 09:44        --------        d-----w-        c:\users\Administrator\AppData\Local\temp
2013-12-04 11:01 . 2013-12-04 11:01        --------        d-----w-        C:\FRST
2013-11-28 11:28 . 2013-12-05 09:30        --------        d-----r-        c:\users\Apostolos\Dropbox
2013-11-28 11:25 . 2013-12-05 09:33        --------        d-----w-        c:\users\Apostolos\AppData\Roaming\Dropbox
2013-11-27 17:14 . 2013-10-14 17:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE
2013-11-27 17:09 . 2013-11-27 17:09        878080        ----a-w-        c:\windows\system32\advapi32.dll
2013-11-27 17:08 . 2013-11-27 17:08        327168        ----a-w-        c:\windows\system32\mswsock.dll
2013-11-27 17:08 . 2013-11-27 17:08        231424        ----a-w-        c:\windows\SysWow64\mswsock.dll
2013-11-27 17:08 . 2013-11-27 17:08        1903552        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-11-27 17:08 . 2013-11-27 17:08        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2013-11-27 17:08 . 2013-11-27 17:08        1505280        ----a-w-        c:\windows\SysWow64\d3d11.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-27 17:09 . 2013-11-27 17:09        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2013-11-25 15:35 . 2013-01-31 16:48        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-25 15:35 . 2013-01-31 16:48        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-25 15:10 . 2013-08-01 13:28        566480        ----a-w-        c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-11-16 23:10 . 2013-02-02 12:41        82896128        ----a-w-        c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-05-20 10:02        295832        ----a-w-        c:\program files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:49        281760        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll" [2013-05-20 284056]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-25 15:11        1725640        ----a-w-        c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-25 15:11        1725640        ----a-w-        c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-25 15:11        1725640        ----a-w-        c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"NetSetMan"="c:\program files (x86)\NetSetMan\netsetman.exe" [2013-11-25 5174952]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-29 1707472]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
c:\users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-28 29776184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 BitGuard;BitGuard;c:\programdata\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe;c:\programdata\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys;c:\windows\SYSNATIVE\DRIVERS\hidshim.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 nuvotonhidgeneric;Nuvoton EC Generic HID;c:\windows\system32\DRIVERS\nuvotonhidgeneric.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotonhidgeneric.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-31 15:35]
.
2013-10-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-IMAGINI-Apostolos.job
- c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-04-23 15:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:49        342176        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-25 15:11        2328776        ----a-w-        c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-25 15:11        2328776        ----a-w-        c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-25 15:11        2328776        ----a-w-        c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Apostolos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-05 8060960]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~4\BitGuard\271832~1.68\{C16C1~1\loader.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~3\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
Trusted Zone: samsungsetup.com\www
Trusted Zone: sharepoint.com\imagini
Trusted Zone: sharepoint.com\imagini-my
TCP: Interfaces\{1D1A958D-67D2-4AB5-90D7-A0D47FFA2EC8}: NameServer = 192.168.8.100
TCP: Interfaces\{52F506F6-924B-4B28-AAD4-5EF39766E244}: NameServer = 192.168.8.100
FF - ProfilePath - c:\users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-YTKaraoke@DacSoft.org - c:\program files (x86)\YTKaraoke\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-05  10:50:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-12-05 09:50
.
Vor Suchlauf: 11 Verzeichnis(se), 42.966.929.408 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 44.956.438.528 Bytes frei
.
- - End Of File - - D56E82D2B187D13D4A57139F6115D37B
A36C5E4F47E84449FF07ED3517B43A31

schrauber 06.12.2013 09:24
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Apotam 10.12.2013 17:06
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Apostolos :: APO-PC [Administrator]

10.12.2013 15:23:47
mbam-log-2013-12-10 (15-23-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 392197
Laufzeit: 1 Stunde(n), 2 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\ProgramData\IBUpdaterService\ibsvc.exe (Adware.InstallBrain) -> 1824 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 26
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\delta.deltaappCore.1 (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\delta.deltaappCore (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: Delta Toolbar -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 11
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Löschen bei Neustart.
C:\Users\APO\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\bh (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\OpenCandy\843F40B7A81C4A99AADF9F023D45163A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Apostolos\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 33
C:\ProgramData\IBUpdaterService\ibsvc.exe (Adware.InstallBrain) -> Löschen bei Neustart.
C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaApp.dll (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\deltasrv.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll (Rogue.InternetSecurityEssentials) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Temp\Keygen\CORE10k.EXE (PUP.Keygen.Intro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSites.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\Downloads\DownloadAcceleratorSetup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\Downloads\rcpsetup_marim_marm.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\Downloads\SoftonicDownloader_fuer_sopcast.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\Downloads\VideoPerformerSetup.exe (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\Downloads\VLCMediaPlayer_downloader_by_VLCMediaPlayer.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Apostolos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3JWH2OE\pack[1].7z (PUP.Optional.Mediasoft) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Apostolos\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\GUninstaller.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\OpenCandy\843F40B7A81C4A99AADF9F023D45163A\TuneUpUtilities2013-2200218_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\APO\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Apostolos\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Apostolos on 10.12.2013 at 16:48:10,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] ibupdaterservice
Successfully deleted: [Service] ibupdaterservice



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-774888059-2101660280-1297981364-1209\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Apostolos\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\file scout"



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\Apostolos\AppData\Roaming\mozilla\firefox\profiles\7nq7t0ij.default\prefs.js

user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=119357&tt=gc_&babsrc=NT_ss&mntrId=FF47001F16BC11FC");
user_pref("browser.search.order.1", "Delta Search");
Emptied folder: C:\Users\Apostolos\AppData\Roaming\mozilla\firefox\profiles\7nq7t0ij.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.12.2013 at 16:54:22,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by Apostolos (administrator) on APO-PC on 10-12-2013 17:03:41
Running from C:\Users\Apostolos\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\netsetman.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NetSetMan] - C:\Program Files (x86)\NetSetMan\netsetman.exe [5174952 2013-11-26] (Ilja Herlein)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2011-09-20] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-12-05] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: c:\PROGRA~4\BitGuard\271832~1.68\{C16C1~1\loader.dll [ ] ()
Startup: C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8876ACB63ACBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{1D1A958D-67D2-4AB5-90D7-A0D47FFA2EC8}: [NameServer]192.168.8.100
Tcpip\..\Interfaces\{52F506F6-924B-4B28-AAD4-5EF39766E244}: [NameServer]192.168.8.100

FireFox:
========
FF ProfilePath: C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Virtual DJ Toolbar - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com
FF Extension: toolbar_VDJ-V7 - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-29] (APN LLC.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-12-05] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 17:03 - 2013-12-10 17:03 - 00011515 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-10 17:02 - 2013-12-10 17:02 - 01927982 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-10 16:54 - 2013-12-10 16:54 - 00006975 _____ C:\Users\Apostolos\Desktop\JRT.txt
2013-12-10 16:48 - 2013-12-10 16:48 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 16:47 - 2013-12-10 16:47 - 01034531 _____ (Thisisu) C:\Users\Apostolos\Downloads\JRT.exe
2013-12-10 15:22 - 2013-12-10 15:22 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 15:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-10 15:21 - 2013-12-10 15:21 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Apostolos\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-05 12:05 - 2013-12-05 12:05 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\ProgramData\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 12:00 - 2013-12-05 12:00 - 02294160 _____ C:\Users\Apostolos\Downloads\avira_free_antivirus.exe
2013-12-05 10:50 - 2013-12-05 10:50 - 00023850 _____ C:\ComboFix.txt
2013-12-05 10:22 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-05 10:22 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-05 10:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-05 10:15 - 2013-12-05 10:50 - 00000000 ____D C:\Qoobox
2013-12-05 10:15 - 2013-12-05 10:48 - 00000000 ____D C:\Windows\erdnt
2013-12-05 10:12 - 2013-12-05 10:12 - 05152313 ____R (Swearware) C:\Users\Apostolos\Desktop\ComboFix.exe
2013-12-04 12:03 - 2013-12-04 12:04 - 00023306 _____ C:\Users\Apostolos\Desktop\Addition.txt
2013-12-04 12:02 - 2013-12-04 12:04 - 00051887 _____ C:\Users\Apostolos\Desktop\FRST.txt
2013-12-04 12:01 - 2013-12-04 12:01 - 00000000 ____D C:\FRST
2013-12-03 10:19 - 2013-12-10 11:04 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 09:50 - 2013-12-03 09:51 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:42 - 2013-12-03 10:06 - 00000000 ____D C:\Windows\Minidump
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-03 09:41 - 2013-12-03 10:06 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:28 - 2013-12-10 16:59 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-11-28 12:28 - 2013-11-28 12:29 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:26 - 2013-11-28 12:29 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:25 - 2013-12-10 17:00 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-27 18:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-27 18:07 - 2013-11-27 18:14 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-25 11:04 - 2013-12-03 09:46 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-16 15:32 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-16 15:32 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 15:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-16 15:32 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-16 15:32 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-16 15:32 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 15:32 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 15:32 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-16 15:32 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 15:32 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-10 17:04 - 2013-12-10 17:03 - 00011515 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-10 17:02 - 2013-12-10 17:02 - 01927982 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-10 17:00 - 2013-11-28 12:25 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-12-10 16:59 - 2013-11-28 12:28 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-12-10 16:59 - 2013-07-08 17:03 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-12-10 16:58 - 2010-11-21 04:47 - 00181578 _____ C:\Windows\PFRO.log
2013-12-10 16:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 16:58 - 2009-07-14 05:51 - 00039365 _____ C:\Windows\setupact.log
2013-12-10 16:57 - 2013-01-31 11:53 - 01543655 _____ C:\Windows\WindowsUpdate.log
2013-12-10 16:54 - 2013-12-10 16:54 - 00006975 _____ C:\Users\Apostolos\Desktop\JRT.txt
2013-12-10 16:48 - 2013-12-10 16:48 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 16:47 - 2013-12-10 16:47 - 01034531 _____ (Thisisu) C:\Users\Apostolos\Downloads\JRT.exe
2013-12-10 16:42 - 2013-07-05 17:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 15:22 - 2013-12-10 15:22 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 15:21 - 2013-12-10 15:21 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Apostolos\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 14:40 - 2013-10-31 09:35 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-12-10 11:27 - 2013-10-02 16:08 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-10 11:04 - 2013-12-03 10:19 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-10 09:07 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 09:07 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 15:16 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-05 12:05 - 2013-12-05 12:05 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\ProgramData\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 12:00 - 2013-12-05 12:00 - 02294160 _____ C:\Users\Apostolos\Downloads\avira_free_antivirus.exe
2013-12-05 10:50 - 2013-12-05 10:50 - 00023850 _____ C:\ComboFix.txt
2013-12-05 10:50 - 2013-12-05 10:15 - 00000000 ____D C:\Qoobox
2013-12-05 10:50 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-05 10:48 - 2013-12-05 10:15 - 00000000 ____D C:\Windows\erdnt
2013-12-05 10:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-05 10:12 - 2013-12-05 10:12 - 05152313 ____R (Swearware) C:\Users\Apostolos\Desktop\ComboFix.exe
2013-12-04 15:50 - 2010-11-21 07:50 - 00657910 _____ C:\Windows\system32\perfh007.dat
2013-12-04 15:50 - 2010-11-21 07:50 - 00131250 _____ C:\Windows\system32\perfc007.dat
2013-12-04 15:50 - 2009-07-14 06:13 - 01507342 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-04 12:04 - 2013-12-04 12:03 - 00023306 _____ C:\Users\Apostolos\Desktop\Addition.txt
2013-12-04 12:04 - 2013-12-04 12:02 - 00051887 _____ C:\Users\Apostolos\Desktop\FRST.txt
2013-12-04 12:01 - 2013-12-04 12:01 - 00000000 ____D C:\FRST
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 10:06 - 2013-12-03 09:42 - 00000000 ____D C:\Windows\Minidump
2013-12-03 10:06 - 2013-12-03 09:41 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-12-03 10:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-03 09:51 - 2013-12-03 09:50 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:46 - 2013-11-25 11:04 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-02 10:13 - 2013-09-05 12:42 - 00000000 ____D C:\Windows\rescache
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:29 - 2013-11-28 12:28 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:29 - 2013-11-28 12:26 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:29 - 2013-07-08 17:05 - 00000000 ___RD C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 12:28 - 2013-07-08 17:05 - 00000000 ____D C:\Users\Apostolos
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-28 08:54 - 2013-07-08 17:05 - 00001425 _____ C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 08:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 18:14 - 2013-11-27 18:07 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-26 09:55 - 2013-07-23 12:58 - 00000000 ____D C:\Program Files (x86)\NetSetMan
2013-11-25 16:44 - 2013-08-01 14:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-25 16:35 - 2013-07-05 17:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-25 16:35 - 2013-01-31 17:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-25 16:35 - 2013-01-31 17:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 00:12 - 2013-07-23 08:24 - 00000000 ____D C:\Windows\system32\MRT
2013-11-17 00:10 - 2013-02-02 13:41 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 16:17 - 2013-04-21 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 15:27 - 2013-07-08 17:06 - 00000000 ____D C:\Users\Apostolos\AppData\Local\Adobe
2013-11-16 15:25 - 2013-01-31 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-10 01:07 - 2013-11-02 01:56 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Apostolos\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 11:59

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 11.12.2013 09:31

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Apotam 11.12.2013 13:11
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8c043ba7fd532a4ea108f69ad0715178
# engine=16226
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-11 11:48:01
# local_time=2013-12-11 12:48:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 17377 524852 10147 0
# compatibility_mode=5893 16776574 100 94 13112870 138392331 0 0
# scanned=143931
# found=3
# cleaned=0
# scan_time=7635
sh=50864334B5D01135C95E14DCB23A0C421DCB4CC8 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\YTKaraoke\chrome.crx.vir"
sh=AA3ADCAECB9147D32A864600E088557B0F1AC178 ft=1 fh=790be06f500136eb vn="a variant of Win32/Adware.AddLyrics.I application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\YTKaraoke\updkar.exe.vir"
sh=DEADADD0239B0920AC3733849F85B122486A097F ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\YTKaraoke\FF\chrome\content\main.js.vir"

Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
StarMoney 8.0 ouservice StarMoneyOnlineUpdate.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Apostolos (administrator) on APO-PC on 11-12-2013 13:05:00
Running from C:\Users\Apostolos\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\netsetman.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NetSetMan] - C:\Program Files (x86)\NetSetMan\netsetman.exe [5174952 2013-11-26] (Ilja Herlein)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2011-09-20] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-12-05] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: c:\PROGRA~4\BitGuard\271832~1.68\{C16C1~1\loader.dll [ ] ()
Startup: C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Apostolos\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8876ACB63ACBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{1D1A958D-67D2-4AB5-90D7-A0D47FFA2EC8}: [NameServer]192.168.8.100
Tcpip\..\Interfaces\{52F506F6-924B-4B28-AAD4-5EF39766E244}: [NameServer]192.168.8.100

FireFox:
========
FF ProfilePath: C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Virtual DJ Toolbar - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com
FF Extension: toolbar_VDJ-V7 - C:\Users\Apostolos\AppData\Roaming\Mozilla\Firefox\Profiles\7nq7t0ij.default\Extensions\toolbar_VDJ-V7@apn.ask.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-29] (APN LLC.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-12-05] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-11 13:04 - 2013-12-11 13:04 - 00000000 ____D C:\Users\Apostolos\Downloads\FRST-OlderVersion
2013-12-11 13:01 - 2013-12-11 13:01 - 00891200 _____ C:\Users\Apostolos\Downloads\SecurityCheck.exe
2013-12-11 10:37 - 2013-12-11 10:37 - 02347384 _____ (ESET) C:\Users\Apostolos\Downloads\esetsmartinstaller_enu.exe
2013-12-10 17:03 - 2013-12-11 13:05 - 00011878 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-10 17:02 - 2013-12-11 13:04 - 01928212 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-10 16:54 - 2013-12-10 16:54 - 00006975 _____ C:\Users\Apostolos\Desktop\JRT.txt
2013-12-10 16:48 - 2013-12-10 16:48 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 16:47 - 2013-12-10 16:47 - 01034531 _____ (Thisisu) C:\Users\Apostolos\Downloads\JRT.exe
2013-12-10 15:22 - 2013-12-10 15:22 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 15:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-10 15:21 - 2013-12-10 15:21 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Apostolos\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-05 12:05 - 2013-12-05 12:05 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\ProgramData\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 12:00 - 2013-12-05 12:00 - 02294160 _____ C:\Users\Apostolos\Downloads\avira_free_antivirus.exe
2013-12-05 10:50 - 2013-12-05 10:50 - 00023850 _____ C:\ComboFix.txt
2013-12-05 10:22 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-05 10:22 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-05 10:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-05 10:22 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-05 10:15 - 2013-12-05 10:50 - 00000000 ____D C:\Qoobox
2013-12-05 10:15 - 2013-12-05 10:48 - 00000000 ____D C:\Windows\erdnt
2013-12-05 10:12 - 2013-12-05 10:12 - 05152313 ____R (Swearware) C:\Users\Apostolos\Desktop\ComboFix.exe
2013-12-04 12:03 - 2013-12-04 12:04 - 00023306 _____ C:\Users\Apostolos\Desktop\Addition.txt
2013-12-04 12:02 - 2013-12-04 12:04 - 00051887 _____ C:\Users\Apostolos\Desktop\FRST.txt
2013-12-04 12:01 - 2013-12-11 13:04 - 00000000 ____D C:\FRST
2013-12-03 10:19 - 2013-12-10 11:04 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 09:50 - 2013-12-03 09:51 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:42 - 2013-12-03 10:06 - 00000000 ____D C:\Windows\Minidump
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-03 09:41 - 2013-12-03 10:06 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:28 - 2013-12-11 09:03 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-11-28 12:28 - 2013-11-28 12:29 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:26 - 2013-11-28 12:29 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:25 - 2013-12-11 09:03 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-27 18:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-27 18:07 - 2013-11-27 18:14 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-25 11:04 - 2013-12-03 09:46 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-16 15:32 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-16 15:32 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-16 15:32 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-16 15:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 15:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-16 15:32 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-16 15:32 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-16 15:32 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-16 15:32 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 15:32 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-16 15:32 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 15:32 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 15:32 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-16 15:32 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-16 15:32 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-16 15:32 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 15:32 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-11 13:05 - 2013-12-10 17:03 - 00011878 _____ C:\Users\Apostolos\Downloads\FRST.txt
2013-12-11 13:04 - 2013-12-11 13:04 - 00000000 ____D C:\Users\Apostolos\Downloads\FRST-OlderVersion
2013-12-11 13:04 - 2013-12-10 17:02 - 01928212 _____ (Farbar) C:\Users\Apostolos\Downloads\FRST64.exe
2013-12-11 13:04 - 2013-12-04 12:01 - 00000000 ____D C:\FRST
2013-12-11 13:01 - 2013-12-11 13:01 - 00891200 _____ C:\Users\Apostolos\Downloads\SecurityCheck.exe
2013-12-11 12:44 - 2013-07-05 17:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 12:44 - 2013-07-05 17:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-11 12:44 - 2013-01-31 17:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 12:44 - 2013-01-31 17:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 12:44 - 2013-01-31 11:53 - 01666733 _____ C:\Windows\WindowsUpdate.log
2013-12-11 10:40 - 2010-11-21 07:50 - 00657910 _____ C:\Windows\system32\perfh007.dat
2013-12-11 10:40 - 2010-11-21 07:50 - 00131250 _____ C:\Windows\system32\perfc007.dat
2013-12-11 10:40 - 2009-07-14 06:13 - 01507342 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 10:38 - 2013-07-08 17:03 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-12-11 10:37 - 2013-12-11 10:37 - 02347384 _____ (ESET) C:\Users\Apostolos\Downloads\esetsmartinstaller_enu.exe
2013-12-11 10:26 - 2013-10-02 16:08 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-11 09:20 - 2013-08-01 14:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-11 09:03 - 2013-11-28 12:28 - 00000000 ___RD C:\Users\Apostolos\Dropbox
2013-12-11 09:03 - 2013-11-28 12:25 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Dropbox
2013-12-11 09:02 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 09:02 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 08:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 08:53 - 2009-07-14 05:51 - 00039421 _____ C:\Windows\setupact.log
2013-12-10 16:58 - 2010-11-21 04:47 - 00181578 _____ C:\Windows\PFRO.log
2013-12-10 16:54 - 2013-12-10 16:54 - 00006975 _____ C:\Users\Apostolos\Desktop\JRT.txt
2013-12-10 16:48 - 2013-12-10 16:48 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 16:47 - 2013-12-10 16:47 - 01034531 _____ (Thisisu) C:\Users\Apostolos\Downloads\JRT.exe
2013-12-10 15:22 - 2013-12-10 15:22 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 15:22 - 2013-12-10 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 15:21 - 2013-12-10 15:21 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Apostolos\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 14:40 - 2013-10-31 09:35 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-12-10 11:04 - 2013-12-03 10:19 - 00000000 ____D C:\Users\Apostolos\Desktop\Neuer Ordner
2013-12-06 15:16 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-05 12:05 - 2013-12-05 12:05 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-05 12:02 - 2013-12-05 12:02 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\ProgramData\Avira
2013-12-05 12:02 - 2013-12-05 12:02 - 00000000 ____D C:\Program Files (x86)\Avira
2013-12-05 12:00 - 2013-12-05 12:00 - 02294160 _____ C:\Users\Apostolos\Downloads\avira_free_antivirus.exe
2013-12-05 10:50 - 2013-12-05 10:50 - 00023850 _____ C:\ComboFix.txt
2013-12-05 10:50 - 2013-12-05 10:15 - 00000000 ____D C:\Qoobox
2013-12-05 10:50 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-05 10:48 - 2013-12-05 10:15 - 00000000 ____D C:\Windows\erdnt
2013-12-05 10:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-05 10:12 - 2013-12-05 10:12 - 05152313 ____R (Swearware) C:\Users\Apostolos\Desktop\ComboFix.exe
2013-12-04 12:04 - 2013-12-04 12:03 - 00023306 _____ C:\Users\Apostolos\Desktop\Addition.txt
2013-12-04 12:04 - 2013-12-04 12:02 - 00051887 _____ C:\Users\Apostolos\Desktop\FRST.txt
2013-12-03 10:06 - 2013-12-03 10:06 - 00275392 _____ C:\Windows\Minidump\120313-35178-01.dmp
2013-12-03 10:06 - 2013-12-03 09:42 - 00000000 ____D C:\Windows\Minidump
2013-12-03 10:06 - 2013-12-03 09:41 - 486399336 _____ C:\Windows\MEMORY.DMP
2013-12-03 10:05 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-03 09:51 - 2013-12-03 09:50 - 00275392 _____ C:\Windows\Minidump\120313-39047-01.dmp
2013-12-03 09:46 - 2013-11-25 11:04 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-12-03 09:42 - 2013-12-03 09:42 - 00275448 _____ C:\Windows\Minidump\120313-38547-01.dmp
2013-12-02 10:13 - 2013-09-05 12:42 - 00000000 ____D C:\Windows\rescache
2013-11-28 13:41 - 2013-11-28 13:41 - 00692428 _____ C:\Users\Apostolos\Downloads\IM3413134.zip
2013-11-28 12:29 - 2013-11-28 12:28 - 00001031 _____ C:\Users\Apostolos\Desktop\Dropbox.lnk
2013-11-28 12:29 - 2013-11-28 12:26 - 00000000 ____D C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-28 12:29 - 2013-07-08 17:05 - 00000000 ___RD C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 12:28 - 2013-07-08 17:05 - 00000000 ____D C:\Users\Apostolos
2013-11-28 12:25 - 2013-11-28 12:25 - 35334016 _____ (Dropbox, Inc.) C:\Users\Apostolos\Downloads\Dropbox 2.4.7.exe
2013-11-28 08:54 - 2013-07-08 17:05 - 00001425 _____ C:\Users\Apostolos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 08:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 18:14 - 2013-11-27 18:07 - 00012105 _____ C:\Windows\IE11_main.log
2013-11-27 18:10 - 2013-11-27 18:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 18:10 - 2013-11-27 18:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 18:10 - 2013-11-27 18:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 18:10 - 2013-11-27 18:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 18:10 - 2013-11-27 18:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 18:10 - 2013-11-27 18:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 18:10 - 2013-11-27 18:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 18:10 - 2013-11-27 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-27 18:09 - 2013-11-27 18:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-27 18:09 - 2013-11-27 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-27 18:08 - 2013-11-27 18:08 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-27 18:08 - 2013-11-27 18:08 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-27 18:08 - 2013-11-27 18:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-26 09:55 - 2013-11-26 09:55 - 03416856 _____ (Ilja Herlein                                                ) C:\Users\Apostolos\Downloads\netsetman_setup_361.exe
2013-11-26 09:55 - 2013-07-23 12:58 - 00000000 ____D C:\Program Files (x86)\NetSetMan
2013-11-17 00:12 - 2013-07-23 08:24 - 00000000 ____D C:\Windows\system32\MRT
2013-11-17 00:10 - 2013-02-02 13:41 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 16:17 - 2013-04-21 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 15:27 - 2013-07-08 17:06 - 00000000 ____D C:\Users\Apostolos\AppData\Local\Adobe
2013-11-16 15:25 - 2013-01-31 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Apostolos\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 11:59

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Hi Schrauber ,


vielen lieben Dank für deine bisherige Hilfe !
Ich habe keine weitere Probleme mehr bekommen hoffe, dass der scheiß weg ist !

gerne nehme ich jede weitere Hilfe bis zur endgültige Abschliessung der Malware.

Schönen Tag noch.!

LG
APOTAM

schrauber 12.12.2013 09:22
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
AppInit_DLLs: c:\PROGRA~4\BitGuard\271832~1.68\{C16C1~1\loader.dll [ ] ()

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Apotam 18.12.2013 14:12
HTML-Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-12-2013 03
Ran by Apostolos at 2013-12-18 14:10:13 Run:1
Running from C:\Users\Apostolos\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs: c:\PROGRA~4\BitGuard\271832~1.68\{C16C1~1\loader.dll [ ] ()
*****************

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-12-2013 03
Ran by Apostolos at 2013-12-18 14:10:13 Run:1
Running from C:\Users\Apostolos\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs: c:\PROGRA~4\BitGuard\271832~1.68\{C16C1~1\loader.dll [ ] ()
*****************

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

==== End of Fixlog ====

schrauber 19.12.2013 10:10
fertig :)

Apotam 19.12.2013 11:34
Hallo Schrauber ,

es bestehen keine weitere fragen wenn du willst kannst du diesen Thread löschen.

Vielen vielen dank nochmal .


Schöne Grüße aus Düsseldorf

ApoTam

schrauber 20.12.2013 09:13
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:36 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131