Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Nation Zoom Virus (https://www.trojaner-board.de/145810-nation-zoom-virus.html)

Stefan_P 09.12.2013 18:07
Nation Zoom Virus
 
Hallo,

wie viele andere, ist auch mein Notebook mit dem Nation Zoom Virus infiziert.

Ich benutze den Internet Explorer und habe es bereits geschafft, das Nation Zoom nicht mehr als Startseite angezeigt wird, indem ich auf mit Rechtsklick auf den IE Symbol --> Eigentschaften, den Zielpfad geändert habe. Dort habe ich hinter dem normalen Zielpfad ( "C:\Program Files\Internet Explorer\iexplore.exe" ) einen Zusatz von Nation Zoom entfernt.

Soweit so gut, allerdings versteckt sich der Virus ja dennoch irgendwo.

Danach bin ich auf dieses Forum gestoßen und bin die Schritte von "schrauber" aus folgendem Thread durchgegangen:

Nation Zoom Entfernen

Sprich:
- Zuerst ein FRST Log erstellt
- Malwarebytes Anti-Malware durchlaufen lassen
- Adw Cleaner durchlaufen lassen
- Junkware Removal Tool durchlaufen lassen
- Danach wieder ein FRST Log erstellt

Da auf meinem Notebook viele Vertrauliche und vorallem auch Berufliche Daten gespeichert sind und auch aufgrund aktueller Ereignisse (NSA Skandal ect.) bin ich etwas Vorsichtiger im Umgang mit meinen Daten geworden.
Bitte nehmt mir daher die Frage nicht übel ob Ihr mir auch ohne das Hochladen der Dateien helfen könnt?


Schonmal im Vorraus vielen Dank:daumenhoc


Mit freundlichen Grüßen

Stefan Pittruff

schrauber 09.12.2013 19:06
Hi,

nehm ich dir nicht übel, können wir aber nicht. Mene Glaskugel is grad zur Reparatur ;)

Stefan_P 10.12.2013 19:00
Hi,

Habe ich mir im Grunde auch schon gedacht ;)

So dann hier mal die Log-files:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 03
Ran by Ingo (administrator) on PITTRUFF on 09-12-2013 15:40:47
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KOENQMB
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065&q={searchTerms}
URLSearchHook: HKLM - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=&type=hp1000
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF Homepage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=hp&fr=linkury-tb&installDate=&type=hp1000
FF SelectedSearchEngine: Web Search
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\searchplugins\Web Search.xml
FF Extension: Plus-HD-4.9 - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
FF Extension: Speed Test Analysis - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\speedtestanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\staged
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension:                                                                          em:name="Free YouTube Download (Free Studio) Menu" - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF Extension: Babylon - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-08 22:09 - 00000000 ____D C:\ProgramData\Conduit
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:44 - 2013-12-04 09:44 - 00000000 ___DC C:\SearchProtect
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:42 - 2013-12-04 09:44 - 00000009 ____C C:\END
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 16:29 - 2013-12-03 16:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\IAC
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-03 19:19 - 00000000 ____D C:\Users\Ingo\AppData\Local\SwvUpdater
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-12-02 09:29 - 2013-12-02 09:29 - 00000878 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:29 - 00000870 _____ C:\Users\Ingo\Desktop\iLivid.lnk
2013-12-02 09:26 - 2013-12-02 09:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\iLivid
2013-11-30 16:25 - 2013-12-02 08:06 - 00000000 ____D C:\ProgramData\eSafe
2013-11-30 16:25 - 2013-12-02 07:49 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-08 22:11 - 00151042 _____ C:\Windows\PFRO.log
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 08:04 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 08:04 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 08:04 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 08:04 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 08:04 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 08:04 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 08:04 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 08:04 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 08:04 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 08:04 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 08:04 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 08:04 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-09 15:41 - 2008-11-10 18:47 - 01526343 _____ C:\Windows\WindowsUpdate.log
2013-12-09 15:40 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 15:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:37 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-09 14:36 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 14:35 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-09 14:29 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-09 14:28 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 14:28 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 14:28 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 14:27 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 10:02 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-09 10:02 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-09 08:33 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-08 22:16 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-08 22:16 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-08 22:11 - 2013-11-18 12:06 - 00151042 _____ C:\Windows\PFRO.log
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 22:09 - 2013-12-04 09:44 - 00000000 ____D C:\ProgramData\Conduit
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-08 16:28 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 15:17 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-05 15:16 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:44 - 2013-12-04 09:44 - 00000000 ___DC C:\SearchProtect
2013-12-04 09:44 - 2013-12-04 09:42 - 00000009 ____C C:\END
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 19:19 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\SwvUpdater
2013-12-03 18:55 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:21 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 16:29 - 2013-12-03 16:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\IAC
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-12-02 09:29 - 2013-12-02 09:29 - 00000878 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:29 - 00000870 _____ C:\Users\Ingo\Desktop\iLivid.lnk
2013-12-02 09:29 - 2013-12-02 09:26 - 00000000 ____D C:\Users\Ingo\AppData\Local\iLivid
2013-12-02 08:06 - 2013-11-30 16:25 - 00000000 ____D C:\ProgramData\eSafe
2013-12-02 07:49 - 2013-11-30 16:25 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-30 16:24 - 2010-10-11 09:40 - 00001940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-30 16:24 - 2008-11-10 18:49 - 00001165 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:39 - 2013-05-30 11:02 - 00000000 ____D C:\Program Files\MyFree Codec
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 09:40 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-15 09:40 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-13 08:02 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 07:51 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-09 14:41

==================== End Of Log ============================
--- --- ---


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-12-2013 03
Ran by Ingo at 2013-12-09 15:42:43
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KOENQMB
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
6200 (Version: 82.0.242.000)
6200_Help (Version: 82.0.242.000)
6200Trb (Version: 82.0.242.000)
AAVUpdateManager (Version: 18.00.0000)
ACDSee 8 (Version: 8.0.41)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.3) - Deutsch (Version: 10.1.3)
Adobe Shockwave Player (Version: 11)
Adobe SVG Viewer 3.0 (Version: 3.0)
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
ALDI NORD Bestellsoftware 4.9 (Version: 4.9)
Any DVD Converter Professional 4.6.1
Any Video Converter 5 5.0.3
Avira Free Antivirus (Version: 14.0.1.759)
AVS Media Player 4.2.2.104 (Version: 4.2.2.104)
AVS Video Converter 8 (Version: 8.4.2.541)
AVS Video Editor 6 (Version: 6.3.2.234)
BlackBerry Desktop Software 4.7 (Version: 4.7.0.37)
BufferChm (Version: 140.0.212.000)
CADENAS PARTwebViewer (Version: 1.0.36.7)
CCleaner (Version: 4.04)
Compatibility Pack für 2007 Office System (Version: 12.0.6514.5001)
Corel MediaOne (Version: 2.00.0000)
CorelDRAW Essential Edition 3
CorelDRAW Essential Edition 3 (Version: 3.0)
CrystalDiskInfo 5.6.2 (Version: 5.6.2)
CyberLink MediaShow (Version: 4.1.2014)
CyberLink YouCam (Version: 2.0.1916)
DE (Version: 3.0)
Digital Image (Version: 1.2.0.2)
DVDVideoSoftTB Toolbar (Version: 6.8.5.1)
DWG TrueView 2011 (Version: 18.1.49.0)
ElsterFormular-Upgrade (Version: 13.4.1.10296)
EPSON BX320FW Series Handbuch
EPSON BX320FW Series Netzwerk-Handbuch
EPSON BX320FW Series Printer Uninstall
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.2 (Version: 3.2a)
EURACOM
e-Wörterbücher
Ext2 IFS 1.11a for Windows Vista/2008
Fax (Version: 120.0.194.000)
FileZilla Client 3.2.7.1 (Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.13)
Foxlink Webcam (Version: 5.8.48000.201_WHQL)
Free YouTube Download version 3.2.16.1030 (Version: 3.2.16.1030)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
IDA-STEP (HKCU Version: 4.0.12)
iLivid (Version: 5.0.0.4151) <==== ATTENTION
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
klickTel Fuzzy-Suchindex Juli 2003
klickTel Juli 2003
Lexware buchhalter 2013 (Version: 18.52.00.0375)
Lexware Elster (Version: 13.10.00.0021)
Lexware faktura+auftrag 2009 (Version: 13.51.00.0005)
Lexware Info Service (Version: 2.90.00.0009)
Lexware online banking (Version: 20.00.00.0059)
MAGIX Foto Manager 2008 5.0.0.255 (D) (Version: 5.0.0.255)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) (Version: 9.0.2.0)
MAGIX Screenshare 4.3.6.1987 (D) (Version: 4.3.6.1987)
MakeDisc (Version: 3.0.2601)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MEDION MD 41856
MegaView 2008
MegaView3D 2008
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Automated Troubleshooting Services Shim
Microsoft Money 99
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 1.0.30716.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.0.7820.0)
Mozilla Firefox (3.6.10) (Version: 3.6.10 (de))
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (de))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Editor Free
MyWinLocker 3 (Version: 3.1.20.0)
Nero 8 Essentials (Version: 8.3.124)
neroxml (Version: 1.0.0)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (Version: 9.10.0223)
OLYMPUS Master 2 (Version: 1.0.6)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Inspector File Recovery (Version: 4.0)
PDFCreator (Version: 0.9.6)
PDF-Viewer (Version: 2.0.42.4)
Phase 5 HTML-Editor (Version: 5.6.2)
Presto! PageManager 9.00.11 SE (Version: 9.00.11)
Profi cash
Profi cash international
QuickTime (Version: 7.71.80.42)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5672)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
RedMon - Redirection Port Monitor
Roxio Media Manager (Version: 9.4.052)
Samsung CLX-3170 Series
Samsung Kies (Version: 2.5.3.13043_14)
Samsung Story Album Viewer (Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
Scan (Version: 8.1.0.0)
Sceneo AbsolutTV
Search Protect by conduit (Version: 1.7.0.72) <==== ATTENTION
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.10 (Version: 6.10.104)
SmarThru 4
SmarThru PC Fax
Solid Edge V19 (Version: 19.00.0066)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steuer-Spar-Erklärung 2008 (Version: 13.02.0000)
Steuer-Spar-Erklärung 2009 (Version: 14.01.0000)
Steuer-Spar-Erklärung 2010 (Version: 15.14)
Steuer-Spar-Erklärung 2011 (Version: 16.16)
Steuer-Spar-Erklärung 2012 (Version: 17.12)
Steuer-Spar-Erklärung 2013 (Version: 18.09)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (Version: Version 2010.bld.37 (Jan 2, 2010))
TextBridge Pro 8.0
Toolbox (Version: 82.0.173.000)
TVsweeper 3 (Version: 3.0.3)
Ulead Photo Express 3.0 SE
UnloadSupport (Version: 1.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update Manager (Version: 4.60)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.1 (Version: 2.0.1)
WebReg (Version: 140.0.212.017)
WIDCOMM Bluetooth Software (Version: 6.3.0.6800)
Windows Live Fotogalerie (Version: 12.0.1347.0718)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Sign-in Assistant (Version: 5.000.742.2)
Windows Live Writer (Version: 12.0.1370.0325)
WinRAR
Zoner Photo Studio 12 (Version: 12.0.1.7)

==================== Restore Points =========================

18-11-2013 16:31:39 Geplanter Prüfpunkt
22-11-2013 11:06:35 TuneUp Utilities 2014 wird entfernt
22-11-2013 11:21:46 TuneUp Utilities 2014 (de-DE) wird entfernt
25-11-2013 07:28:48 Entfernt STK02N 2.4
25-11-2013 07:42:43 Removed Internet Explorer Toolbar 4.6 by SweetPacks
27-11-2013 07:13:52 Windows Update
29-11-2013 07:11:09 Windows Update
30-11-2013 16:26:12 Removed Snap.Do
30-11-2013 16:28:00 Removed Snap.Do
30-11-2013 16:30:03 Removed Snap.Do
30-11-2013 16:55:44 Removed RENESIS® Player Browser Plugins
03-12-2013 15:44:14 Installed Windows Movie Maker 2.6
03-12-2013 19:03:40 Installed Microsoft Fix it 50195
03-12-2013 19:08:42 Installed Microsoft Fix it 50195
04-12-2013 07:45:22 Windows Update
08-12-2013 15:43:36 Entfernt PhotoImpression
08-12-2013 15:45:33 Entfernt MediaImpression
08-12-2013 15:47:35 Entfernt VideoImpression
08-12-2013 15:49:33 Konfiguriert PhotoNow
08-12-2013 15:51:34 Konfiguriert PowerDirector
08-12-2013 16:05:11 Konfiguriert PowerProducer
08-12-2013 16:16:35 Entfernt Easy Photo Print Plug-in for PMB(Picture Motion BrowserÝâû%
08-12-2013 16:17:23 Removed Epson Event Manager
08-12-2013 16:17:59 Removed Epson Event Manager
08-12-2013 16:23:50 Removed Yahoo Community Smartbar
08-12-2013 16:25:09 Removed Yahoo Community Smartbar
08-12-2013 16:27:07 Removed Yahoo Community Smartbar
08-12-2013 16:32:38 Removed Windows Movie Maker 2.6
09-12-2013 14:05:16 Installed SpyHunter

==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-07-07 16:29 - 00000791 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BC71857-671D-465F-B500-6599B10B3014} - System32\Tasks\Microsoft\Support\ATS\OAS Integration => C:\Users\Ingo\AppData\Local\Temp\MATS-Temp\IXPglzpxzuw.y2f\MATSWiz.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9E7C5EF5-74DE-4AA6-B24B-766C4CDF5EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\System32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {DE448A6E-3775-46A2-B855-A90581ABFD78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {E3289498-7688-49B7-BBC0-EE9CF2E13A92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F33FC516-073F-495D-9B84-AE6CAA931EBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-11-15 15:08 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-28 15:36 - 2005-01-06 17:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2009-12-16 13:15 - 2007-12-27 16:38 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2007-03-20 14:08 - 2007-03-20 14:08 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2012-10-17 19:18 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2009-08-23 18:58 - 2009-08-23 18:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00163328 _____ () C:\Program Files\Common Files\Xerox Shared\easytb32.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00034304 _____ () C:\Program Files\Common Files\Xerox Shared\VGFILE.dll
2009-05-27 16:09 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-08-28 13:02 - 2007-05-16 21:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2009-08-19 06:51 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:FB1B13D8

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 3065.95 MB
Available physical RAM: 1315.66 MB
Total Pagefile: 6334.91 MB
Available Pagefile: 4387.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.49 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:163.89 GB) (Free:51.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Pittruff) (Fixed) (Total:48.83 GB) (Free:8.86 GB) NTFS
Drive e: (RECOVER) (Fixed) (Total:19.76 GB) (Free:3.97 GB) FAT32
Drive f: (IP Spanntechnik) (Fixed) (Total:65.6 GB) (Free:25.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 8E03B488)
Partition 1: (Active) - (Size=164 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20 GB) - (Type=0C)

==================== End Of Log ============================


Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.09.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ingo :: PITTRUFF [Administrator]

Schutz: Deaktiviert

09.12.2013 15:50:40
mbam-log-2013-12-09 (15-50-40).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210710
Laufzeit: 17 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\Software\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.NationZoom) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Windows\Installer\MSID31.tmp-\Smartbar.Installer.CustomActions.dll (PUP.Optional.SmartBar) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
AdwCleaner Logfile:
Code:
# AdwCleaner v3.014 - Bericht erstellt am 09/12/2013 um 16:41:49
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Ingo - PITTRUFF
# Gestartet von : C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4UYX1SU\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Searchprotect
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files\myfree codec
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\eSupport.com
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\iac
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Ingo\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Ingo\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\thinstall
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\8eowee1n.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\search@searchsettings.com
Ordner Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\speedtestanalysis@SpeedAnalysis.com
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\Ingo\Desktop\iLivid.lnk
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\8eowee1n.default\user.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : HKCU\Software\allin1convert_8h
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\pdfforge.org
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\allin1convert_8h
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\allin1convert_8h
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\pdfforge.org
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16520

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v3.6.10 (de)

[ Datei : C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\prefs.js ]

Zeile gelöscht : user_pref("CT3312329.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3312329.UserID", "UN41390810601438920");
Zeile gelöscht : user_pref("CT3312329.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3312329.fullUserID", "UN41390810601438920.IN.20131204094330");
Zeile gelöscht : user_pref("CT3312329.installDate", "04/12/2013 09:43:40");
Zeile gelöscht : user_pref("CT3312329.installSessionId", "{BD58B5F8-A968-4909-85B4-0A6CB4DC7A83}");
Zeile gelöscht : user_pref("CT3312329.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3312329.installerVersion", "1.8.1.4");
Zeile gelöscht : user_pref("CT3312329.keyword", "true");
Zeile gelöscht : user_pref("CT3312329.originalHomepage", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("CT3312329.originalSearchAddressUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("CT3312329.originalSearchEngine", "Search the web (Softonic)");
Zeile gelöscht : user_pref("CT3312329.originalSearchEngineName", "nationzoom");
Zeile gelöscht : user_pref("CT3312329.searchRevert", "false");
Zeile gelöscht : user_pref("CT3312329.searchUninstallUserMode", "2");
Zeile gelöscht : user_pref("CT3312329.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3312329.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3312329.toolbarInstallDate", "04-12-2013 09:43:30");
Zeile gelöscht : user_pref("CT3312329.versionFromInstaller", "10.22.5.10");
Zeile gelöscht : user_pref("CT3312329.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "appbarioDE 1 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&CUI=UN41390810601438920&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 23);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=100480&babsrc=adbartrp&mntrId=b2971a31000000000000001f1609202d&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 23);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?AF=100480&babsrc=NT_ss&mntrId=b2971a31000000000000001f1609202d");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 92229423);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("extensions.Softonic.hpOld0", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=c2751ca9-1ac0-d8e5-99b1-37706eb121ed&searchtype=hp&installDate=30/11/2013");
Zeile gelöscht : user_pref("extensions.Softonic.id", "b2971a31000000000000001f1609202d");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16031");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=b2971a31000000000000001f1609202d&toi=16042&q=");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=b2971a31000000000000001f1609202d&toi=16042");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=b2971a31000000000000001f1609202d&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:20:07");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.enabledItems", "{21125b9c-8553-2206-6f45-25494cca0293}:1.0,{c2751ca9-1ac0-d8e5-99b1-37706eb121ed}:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,ffxtlbr@babylon.com:1.2.0,{CAFE[...]
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3312329&CUI=UN41390810601438920&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&SearchSource=2&CUI=UN41390810601438920&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.machineId", "DAF81IKWUHXASKGJVM75EFZHJPGJAZUUMNRXJCRY7UFKCY6M8GTDBNLYJ0WPQIP4FMHRCL8XH5U4LFQCCPVP2W");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://isearch.avg.com?cid=%7B065a6a0b-7a65-4803-b97e-976ca28c4373%7D&mid=09af52a062bd47d0997ad15ce91f5368-4def9bd3e7d1ac6d6544d578ec88f[...]
Zeile gelöscht : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010006.10031&barid={A2B303C0-3AC7-11E2-A7B1-0015AFFBBA9B}");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=21125b9c-8553-2206-6f45-25494cca0293&searchtype=hp&fr=linkury-tb&installDate=&type=hp1000"[...]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

*************************

AdwCleaner[R0].txt - [18756 octets] - [09/12/2013 16:29:04]
AdwCleaner[S0].txt - [18316 octets] - [09/12/2013 16:41:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18377 octets] ##########
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Ingo on 09.12.2013 at 16:55:29,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3241949
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3312329



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ingo\appdata\local\apn"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Ingo\AppData\Roaming\mozilla\firefox\profiles\uuzkwcyk.default\extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
Successfully deleted: [Folder] C:\Users\Ingo\AppData\Roaming\mozilla\firefox\profiles\uuzkwcyk.default\extensions\staged



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2013 at 17:06:25,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 03
Ran by Ingo (administrator) on PITTRUFF on 09-12-2013 17:13:29
Running from C:\Users\Ingo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHXNEHNO
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 17:06 - 2013-12-09 17:06 - 00001462 _____ C:\Users\Ingo\Desktop\JRT.txt
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 15:53 - 2013-12-09 16:43 - 00000000 ___DC C:\AdwCleaner
2013-12-09 15:49 - 2013-12-09 15:49 - 00000225 _____ C:\Users\Ingo\Desktop\Addition.txt
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-09 16:11 - 00151428 _____ C:\Windows\PFRO.log
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 08:04 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 08:04 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 08:04 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 08:04 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 08:04 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 08:04 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 08:04 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 08:04 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 08:04 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 08:04 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 08:04 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 08:04 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 08:04 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 08:04 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-09 17:10 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-09 17:06 - 2013-12-09 17:06 - 00001462 _____ C:\Users\Ingo\Desktop\JRT.txt
2013-12-09 16:56 - 2008-11-10 18:47 - 01545880 _____ C:\Windows\WindowsUpdate.log
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 16:54 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-09 16:54 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 16:50 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-09 16:50 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-09 16:49 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 16:48 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 16:48 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 16:48 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 16:46 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-09 16:46 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-09 16:43 - 2013-12-09 15:53 - 00000000 ___DC C:\AdwCleaner
2013-12-09 16:43 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-09 16:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 16:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 16:11 - 2013-11-18 12:06 - 00151428 _____ C:\Windows\PFRO.log
2013-12-09 15:49 - 2013-12-09 15:49 - 00000225 _____ C:\Users\Ingo\Desktop\Addition.txt
2013-12-09 15:46 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 15:46 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 10:02 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-09 10:02 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-09 08:33 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-08 16:28 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 15:17 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-05 15:16 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:24 - 2010-10-11 09:40 - 00001940 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-30 16:24 - 2008-11-10 18:49 - 00001165 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:45 - 2013-11-18 09:45 - 00029966 _____ C:\Users\Ingo\Desktop\Registry sicherung 18.11.13.reg
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 09:40 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-15 09:40 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-13 08:02 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 07:51 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\Quarantine.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-09 16:58

==================== End Of Log ============================
--- --- ---



Mit freundlich Grüßen,

Stefan

schrauber 11.12.2013 11:51
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.
  • Starte die sc-cleaner.exe mit einem Doppelclick.
  • Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
  • Eine Logdatei wird sich öffnen (sc-cleaner.txt).
  • Poste den Inhalt mit deiner nächsten Antwort.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Stefan_P 12.12.2013 17:00
Hallo,

Ich habe alles wie beschrieben ausgeführt.

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows Vista (TM) Home Premium Service Pack 2
Program started at: 12/11/2013 03:32:09 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

* Shortcut Cleaned: C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\Users\Ingo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

* Shortcut Cleaned: C:\Users\Public\Desktop\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.nationzoom.com/?type=sc&ts=1385825039&from=tugs&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE608S1106511065

Searching C:\Users\Ingo\Desktop


5 bad shortcuts found.

Program finished at: 12/11/2013 03:32:26 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=836f510cdb40ae4ca03c9ccad2304a33
# engine=16229
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-12 03:40:04
# local_time=2013-12-12 04:40:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 46595 252242894 46298 0
# compatibility_mode=5892 16776574 100 100 36418069 224352332 0 0
# scanned=501008
# found=5
# cleaned=0
# scan_time=46207
sh=03A03606024702BB364ED99F5D930D265979FB8C ft=1 fh=cf8a43385da48423 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\Temporary files\software\Re-markit_2040-2081.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\{5A81B184-1BCD-4924-9ADB-C565045F01C2}\setup.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\Local\Temp\{827C5DE7-C84B-47AC-96E8-838D81CDBEC3}\setup.exe"
sh=66F508779116D26A5D4D88F2A26BF33A77784527 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Ingo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5f9fb050-1cf7f760"
sh=E9C427E074AE8F4CD8A35F66AB46B53C4F3651BF ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.QFQ trojan" ac=I fn="C:\Users\Ingo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6de5c2ec-3675ef14"




Results of screen317's Security Check version 0.99.77
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (3.6.10) Firefox out of Date!
Mozilla Thunderbird (2.0.0 Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013
Ran by Ingo (administrator) on PITTRUFF on 12-12-2013 10:17:43
Running from C:\Users\Ingo\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
() C:\Windows\System32\LEXPPS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PDF Complete Inc) C:\Programme\PDF Complete\pdfsvc.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\SAgent4.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Program Files\Profi cash\wpc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\buchhalter\2013\Pcbh32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Ingo\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ip-spanntechnik.de/
URLSearchHook: HKLM - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
URLSearchHook: HKLM - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Speed Test Analysis - {310D38FE-EB4C-467C-8781-B7C2AEB7847D} - C:\Program Files\Speed Test Analysis\ScriptHost.dll (SpeedAnalysis.com)
BHO: No Name - {66b103a7-d772-4fcd-ace4-16f79a9056e0} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} -  No File
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\Ingo\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default
FF NetworkProxy: "type", 0
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Shiny Profile - C:\Users\Ingo\AppData\Roaming\Mozilla\Firefox\Profiles\uuzkwcyk.default\Extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c998d1a847b082; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-27] (Google Inc.)
R3 hpqcxs08; C:\Program Files\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [299008 2002-02-14] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [304688 2008-08-04] (EgisTec Inc.)
R2 pdfcDispatcher; C:\Programme\PDF Complete\pdfsvc.exe [540184 2007-08-07] (PDF Complete Inc)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-29] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 StatusAgent4; C:\Windows\system32\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AfwCore; C:\Windows\system32\Drivers\AfwCore.sys [263192 2008-11-11] (Agnitum Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2010-12-09] (Broadcom Corporation.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-08-04] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-08-04] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-08-04] (Egis Incorporated.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 OlyUsbCam; system32\DRIVERS\OlyUsbCam.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 10:16 - 2013-12-12 10:18 - 00014036 _____ C:\Users\Ingo\Downloads\FRST.txt
2013-12-12 10:06 - 2013-12-12 10:07 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST (1).exe
2013-12-12 10:02 - 2013-12-12 10:02 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST.exe
2013-12-12 07:54 - 2013-12-12 07:55 - 00891200 _____ C:\Users\Ingo\Downloads\SecurityCheck.exe
2013-12-11 15:40 - 2013-12-11 15:44 - 02347384 _____ (ESET) C:\Users\Ingo\Downloads\esetsmartinstaller_enu.exe
2013-12-11 15:39 - 2013-12-12 10:14 - 00000000 ____D C:\Users\Ingo\Desktop\Virus
2013-12-11 15:32 - 2013-12-11 15:32 - 00004536 ____C C:\sc-cleaner.txt
2013-12-11 15:31 - 2013-12-11 15:32 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Ingo\Downloads\sc-cleaner.exe
2013-12-11 08:24 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 08:24 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 08:24 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 08:24 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 08:24 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 08:24 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 08:24 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 08:24 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 08:24 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 08:24 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 08:24 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 08:24 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 08:24 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 08:24 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 08:22 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 08:22 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 08:22 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 08:22 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:22 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:22 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:22 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 08:22 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 08:22 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:21 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-09 17:26 - 2013-12-09 17:26 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 15:53 - 2013-12-09 16:43 - 00000000 ___DC C:\AdwCleaner
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 16:41 - 2013-12-03 15:25 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-08 16:41 - 2013-12-03 15:25 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:44 - 2013-12-04 09:45 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:43 - 2013-12-08 19:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-03 18:55 - 2013-12-09 15:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-03 18:20 - 2013-12-04 07:21 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 17:27 - 2013-12-03 18:14 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:17 - 2013-12-03 17:26 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 17:07 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-02 12:20 - 2013-12-02 12:23 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:16 - 2013-12-02 12:19 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:11 - 2013-12-02 12:13 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:05 - 2013-12-02 12:11 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:49 - 2013-12-02 11:56 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:46 - 2013-12-02 11:57 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:44 - 2013-12-02 11:54 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:34 - 2013-12-02 11:38 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:32 - 2013-12-02 11:37 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:22 - 2013-12-02 11:26 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:15 - 2013-12-02 11:17 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:07 - 2013-12-02 11:12 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 10:58 - 2013-12-02 11:06 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 10:53 - 2013-12-02 11:02 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:46 - 2013-12-02 10:50 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:37 - 2013-12-02 10:44 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:29 - 2013-12-02 10:41 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:25 - 2013-12-02 10:34 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:23 - 2013-12-02 10:32 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:06 - 2013-12-02 10:09 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:00 - 2013-12-02 10:04 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 09:57 - 2013-12-02 10:02 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:50 - 2013-12-02 09:55 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-30 16:23 - 2013-12-03 08:38 - 00000000 ____D C:\Program Files\Re-markit
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-22 11:21 - 2013-12-05 09:53 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2013-12-08 17:20 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 12:06 - 2013-12-09 16:11 - 00151428 _____ C:\Windows\PFRO.log
2013-11-15 11:16 - 2013-08-21 05:31 - 00182680 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-15 11:16 - 2013-08-21 05:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-13 07:50 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:49 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:49 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:49 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-13 07:49 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-12 10:18 - 2013-12-12 10:16 - 00014036 _____ C:\Users\Ingo\Downloads\FRST.txt
2013-12-12 10:15 - 2008-08-28 06:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-12 10:14 - 2013-12-11 15:39 - 00000000 ____D C:\Users\Ingo\Desktop\Virus
2013-12-12 10:07 - 2013-12-12 10:06 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST (1).exe
2013-12-12 10:02 - 2013-12-12 10:02 - 01060373 _____ (Farbar) C:\Users\Ingo\Downloads\FRST.exe
2013-12-12 09:49 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:49 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:24 - 2009-06-30 16:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 09:23 - 2013-01-09 10:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 08:55 - 2009-01-24 12:16 - 00000000 ____D C:\ProgramData\Lexware
2013-12-12 08:55 - 2008-11-10 18:47 - 01698796 _____ C:\Windows\WindowsUpdate.log
2013-12-12 08:54 - 2008-08-28 05:28 - 01072883 _____ C:\ProgramData\nvModes.001
2013-12-12 08:54 - 2008-08-28 05:22 - 01072883 _____ C:\ProgramData\nvModes.dat
2013-12-12 08:14 - 2009-01-02 11:15 - 00000000 ____D C:\Users\Public\Documents\Profi cash
2013-12-12 07:55 - 2013-12-12 07:54 - 00891200 _____ C:\Users\Ingo\Downloads\SecurityCheck.exe
2013-12-12 00:24 - 2009-06-30 16:49 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 16:23 - 2012-04-11 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 16:23 - 2011-06-10 07:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 16:01 - 2011-12-08 16:29 - 00000000 ____D C:\ProgramData\BTrieve
2013-12-11 15:44 - 2013-12-11 15:40 - 02347384 _____ (ESET) C:\Users\Ingo\Downloads\esetsmartinstaller_enu.exe
2013-12-11 15:36 - 2006-11-02 11:33 - 01576246 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 15:32 - 2013-12-11 15:32 - 00004536 ____C C:\sc-cleaner.txt
2013-12-11 15:32 - 2013-12-11 15:31 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Ingo\Downloads\sc-cleaner.exe
2013-12-11 15:32 - 2010-10-11 09:40 - 00001728 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-11 15:32 - 2008-11-10 18:49 - 00000953 _____ C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 10:21 - 2010-07-02 18:29 - 00000000 ____D C:\Users\Ingo\AppData\Local\Paint.NET
2013-12-11 09:42 - 2009-03-17 08:32 - 00002713 _____ C:\Users\Ingo\Desktop\CorelDRAW Essentials 3.lnk
2013-12-11 09:27 - 2011-04-03 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-11 09:22 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 09:18 - 2006-11-02 13:47 - 00599736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 09:16 - 2008-08-28 03:21 - 00002140 _____ C:\Windows\bthservsdp.dat
2013-12-11 09:16 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-11 09:15 - 2008-08-28 05:26 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-11 09:12 - 2006-11-02 11:23 - 00001273 _____ C:\Windows\win.ini
2013-12-11 08:33 - 2013-07-18 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 08:26 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-10 11:14 - 2010-11-26 16:12 - 00000000 ____D C:\Users\Ingo\AppData\Local\CrashDumps
2013-12-09 17:26 - 2013-12-09 17:26 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 16:55 - 2013-12-09 16:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-09 16:43 - 2013-12-09 15:53 - 00000000 ___DC C:\AdwCleaner
2013-12-09 16:43 - 2008-12-29 17:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-09 16:11 - 2013-11-18 12:06 - 00151428 _____ C:\Windows\PFRO.log
2013-12-09 15:46 - 2013-12-03 18:55 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 15:46 - 2013-12-03 18:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-09 15:39 - 2013-12-09 15:39 - 00000000 ___DC C:\FRST
2013-12-09 15:34 - 2010-10-11 10:37 - 00000923 _____ C:\Users\Ingo\Desktop\Internet Explorer.lnk
2013-12-09 15:05 - 2013-12-09 15:05 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-09 14:38 - 2008-12-03 15:59 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-09 14:38 - 2008-11-11 18:40 - 00087040 _____ C:\Users\Ingo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-09 14:16 - 2012-04-26 13:06 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\vlc
2013-12-09 09:39 - 2008-11-10 19:31 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Adobe
2013-12-09 08:45 - 2013-12-09 08:45 - 00000000 ____D C:\Users\Ingo\Documents\Any Video Converter
2013-12-08 22:10 - 2008-12-16 07:18 - 00000000 ____D C:\Windows\Sun
2013-12-08 19:12 - 2013-12-04 09:43 - 00000000 ____D C:\Users\Ingo\AppData\Local\Plus-HD-4.9
2013-12-08 18:31 - 2013-10-02 16:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AVS4YOU
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 17:37 - 2009-03-08 13:22 - 00000000 ____D C:\Program Files\MAGIX
2013-12-08 17:37 - 2009-03-08 13:20 - 00000000 ____D C:\Windows\system32\MAGIX
2013-12-08 17:20 - 2013-11-22 11:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:05 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\DVDVideoSoft
2013-12-08 17:20 - 2011-12-21 18:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-08 17:17 - 2008-08-28 05:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-08 17:14 - 2012-12-17 21:09 - 00000000 ____D C:\Program Files\Epson Software
2013-12-08 17:11 - 2008-08-28 12:34 - 00000000 ____D C:\Program Files\HomeCinema
2013-12-08 17:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-08 16:48 - 2009-01-10 16:30 - 00000000 ____D C:\Program Files\ArcSoft
2013-12-08 16:47 - 2011-12-23 11:26 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2013-12-05 09:53 - 2013-11-22 11:21 - 00001036 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-04 11:45 - 2013-12-04 11:45 - 00000000 ____D C:\Users\Ingo\Documents\AVS4YOU
2013-12-04 09:45 - 2013-12-04 09:44 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\speedtest137
2013-12-04 09:41 - 2013-10-02 16:09 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-12-04 09:41 - 2013-10-02 16:08 - 00000000 ____D C:\Program Files\AVS4YOU
2013-12-04 09:41 - 2008-11-10 18:50 - 00194352 _____ C:\Users\Ingo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 09:39 - 2013-12-04 09:39 - 00000998 _____ C:\Users\Ingo\Desktop\AVS Video Editor.lnk
2013-12-04 07:21 - 2013-12-03 18:20 - 00000000 ____D C:\Program Files\Speed Test Analysis
2013-12-03 19:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Malwarebytes
2013-12-03 18:55 - 2013-12-03 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 18:25 - 2013-10-02 15:19 - 00000136 ____C C:\LxDasi.Log
2013-12-03 18:20 - 2013-12-03 18:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\SpeedTestAnalysis
2013-12-03 18:14 - 2013-12-03 17:27 - 00000000 ____D C:\Users\Ingo\Documents\Any DVD Converter Professional
2013-12-03 17:26 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\AnvSoft
2013-12-03 17:25 - 2013-12-03 17:25 - 00001090 _____ C:\Users\Ingo\Desktop\Any DVD Converter Professional.lnk
2013-12-03 17:25 - 2013-12-03 17:07 - 00000000 ____D C:\Program Files\AnvSoft
2013-12-03 17:08 - 2013-12-03 17:08 - 00001010 _____ C:\Users\Ingo\Desktop\Any Video Converter 5.lnk
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\Ingo\AppData\Local\WMTools Downloaded Files
2013-12-03 16:38 - 2013-12-03 16:38 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2013-12-03 15:25 - 2013-12-08 16:41 - 00716360 _____ (MindSpark) C:\Program Files\8hUninstall Allin1Convert.dll
2013-12-03 15:25 - 2013-12-08 16:41 - 00190856 _____ () C:\Program Files\8hres.dll
2013-12-03 14:48 - 2013-06-30 17:11 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Skype
2013-12-03 14:48 - 2012-10-17 19:18 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-03 12:34 - 2013-12-03 12:34 - 01910286 _____ C:\Users\Ingo\Downloads\131025_Ferrero_DU_CU_III_1121305_15sec.flv
2013-12-03 12:33 - 2013-12-03 12:33 - 02563070 _____ C:\Users\Ingo\Downloads\131120_Ferrero_FK_Christmas_WichtelnII_1031306_20s.flv
2013-12-03 12:32 - 2013-12-03 12:32 - 02596088 _____ C:\Users\Ingo\Downloads\Ferrero_KinderSchokoBons_MusicalChairs_20s_.flv
2013-12-03 09:29 - 2013-06-30 17:11 - 00002379 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-03 08:38 - 2013-11-30 16:23 - 00000000 ____D C:\Program Files\Re-markit
2013-12-02 12:23 - 2013-12-02 12:20 - 30939666 _____ C:\Users\Ingo\Downloads\Learn The Secrets.mp4
2013-12-02 12:19 - 2013-12-02 12:16 - 49593372 _____ C:\Users\Ingo\Downloads\Eat.mp4
2013-12-02 12:13 - 2013-12-02 12:11 - 36741315 _____ C:\Users\Ingo\Downloads\Sensual Hands On Cock.mp4
2013-12-02 12:11 - 2013-12-02 12:05 - 49581300 _____ C:\Users\Ingo\Downloads\Yoni Massage .mp4
2013-12-02 11:57 - 2013-12-02 11:46 - 39770405 _____ C:\Users\Ingo\Downloads\Pool .mp4
2013-12-02 11:56 - 2013-12-02 11:49 - 64022692 _____ C:\Users\Ingo\Downloads\Kamasutra Anal .mp4
2013-12-02 11:54 - 2013-12-02 11:44 - 34434165 _____ C:\Users\Ingo\Downloads\Tantra Massage .mp4
2013-12-02 11:38 - 2013-12-02 11:34 - 30991557 _____ C:\Users\Ingo\Downloads\Cock Massage .mp4
2013-12-02 11:37 - 2013-12-02 11:32 - 31335138 _____ C:\Users\Ingo\Downloads\Hot Tao Massage .mp4
2013-12-02 11:26 - 2013-12-02 11:22 - 31864408 _____ C:\Users\Ingo\Downloads\Kamasutra Part 6 anal .mp4
2013-12-02 11:17 - 2013-12-02 11:15 - 28748676 _____ C:\Users\Ingo\Downloads\Kamsutra  .mp4
2013-12-02 11:12 - 2013-12-02 11:07 - 42208226 _____ C:\Users\Ingo\Downloads\Cunnilingus .mp4
2013-12-02 11:06 - 2013-12-02 10:58 - 36056506 _____ C:\Users\Ingo\Downloads\Vagina Massage .mp4
2013-12-02 11:02 - 2013-12-02 10:53 - 44661675 _____ C:\Users\Ingo\Downloads\Stellungen .mp4
2013-12-02 10:50 - 2013-12-02 10:46 - 48031261 _____ C:\Users\Ingo\Downloads\Fellatio Indian .mp4
2013-12-02 10:44 - 2013-12-02 10:37 - 46121383 _____ C:\Users\Ingo\Downloads\Prostata Massage .mp4
2013-12-02 10:41 - 2013-12-02 10:29 - 48431059 _____ C:\Users\Ingo\Downloads\Kamasutra  .mp4
2013-12-02 10:34 - 2013-12-02 10:25 - 49139834 _____ C:\Users\Ingo\Downloads\Lingam relaxation .mp4
2013-12-02 10:32 - 2013-12-02 10:23 - 49839213 _____ C:\Users\Ingo\Downloads\Penis self relaxation .mp4
2013-12-02 10:09 - 2013-12-02 10:06 - 50062056 _____ C:\Users\Ingo\Downloads\Fellatio Master.mp4
2013-12-02 10:04 - 2013-12-02 10:00 - 28359432 _____ C:\Users\Ingo\Downloads\Kamasutra Part 4 .mp4
2013-12-02 10:02 - 2013-12-02 09:57 - 45582178 _____ C:\Users\Ingo\Downloads\Kamasutra .mp4
2013-12-02 09:55 - 2013-12-02 09:50 - 49459434 _____ C:\Users\Ingo\Downloads\Kamasutra 2.mp4
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\ShinyProfile
2013-12-02 09:36 - 2013-12-02 09:36 - 00000000 ____D C:\Users\Ingo\AppData\Local\C
2013-11-26 20:08 - 2012-10-17 19:18 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:08 - 2012-10-17 19:18 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setuperr.log
2013-11-26 19:50 - 2013-11-26 19:50 - 00000000 _____ C:\Windows\setupact.log
2013-11-26 18:58 - 2013-11-26 18:58 - 106323794 _____ C:\Windows\system32\鄁瀧ᴼ¦
2013-11-25 08:30 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-11-25 07:57 - 2012-01-06 12:08 - 00000000 ____D C:\Users\Ingo\Documents\Steuerfälle
2013-11-22 11:21 - 2013-11-22 11:21 - 00002015 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2013-11-22 11:19 - 2008-11-10 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Local\Google
2013-11-21 07:51 - 2013-11-21 07:51 - 105457292 _____ C:\Windows\system32\�ᴼ¦
2013-11-20 16:55 - 2013-11-20 16:55 - 00159848 _____ C:\Windows\Minidump\Mini112013-01.dmp
2013-11-20 16:55 - 2009-01-23 11:36 - 00000000 ____D C:\Windows\Minidump
2013-11-20 16:54 - 2013-11-20 16:54 - 404709609 _____ C:\Windows\MEMORY.DMP
2013-11-20 15:05 - 2008-11-10 18:49 - 00000000 ____D C:\Users\Ingo
2013-11-20 15:02 - 2013-11-20 15:02 - 105361780 _____ C:\Windows\system32\�ᴼx
2013-11-18 09:16 - 2009-09-24 18:50 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\FileZilla
2013-11-17 09:37 - 2013-06-30 17:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 09:36 - 2013-06-30 17:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-15 09:45 - 2008-11-16 12:35 - 00000000 ____D C:\Users\Ingo\AppData\Local\Adobe
2013-11-15 00:13 - 2013-12-11 08:24 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 23:50 - 2013-12-11 08:24 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 23:50 - 2013-12-11 08:24 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 23:43 - 2013-12-11 08:24 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 23:42 - 2013-12-11 08:24 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 23:42 - 2013-12-11 08:24 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 23:41 - 2013-12-11 08:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 23:40 - 2013-12-11 08:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 23:38 - 2013-12-11 08:24 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 23:37 - 2013-12-11 08:24 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 23:36 - 2013-12-11 08:24 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 23:36 - 2013-12-11 08:24 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 23:35 - 2013-12-11 08:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 23:32 - 2013-12-11 08:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 10:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-13 08:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE

Files to move or delete:
====================
C:\Users\Ingo\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Ingo\AppData\Local\Temp\avgnt.exe
C:\Users\Ingo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ingo\AppData\Local\Temp\bassmod.dll
C:\Users\Ingo\AppData\Local\Temp\install_helper.exe
C:\Users\Ingo\AppData\Local\Temp\Quarantine.exe
C:\Users\Ingo\AppData\Local\Temp\SHSetup.exe
C:\Users\Ingo\AppData\Local\Temp\Softonic_chr_1-8-28-14_cn_sign.exe
C:\Users\Ingo\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Ingo\AppData\Local\Temp\v2ayuhj3.dll
C:\Users\Ingo\AppData\Local\Temp\_is7A8C.exe
C:\Users\Ingo\AppData\Local\Temp\_isFC11.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-12 09:33

==================== End Of Log ============================
--- --- ---




Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-12-2013
Ran by Ingo at 2013-12-12 10:19:04
Running from C:\Users\Ingo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 6.1.1)
6200 (Version: 82.0.242.000)
6200_Help (Version: 82.0.242.000)
6200Trb (Version: 82.0.242.000)
AAVUpdateManager (Version: 18.00.0000)
ACDSee 8 (Version: 8.0.41)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.3) - Deutsch (Version: 10.1.3)
Adobe Shockwave Player (Version: 11)
Adobe SVG Viewer 3.0 (Version: 3.0)
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
ALDI NORD Bestellsoftware 4.9 (Version: 4.9)
Any DVD Converter Professional 4.6.1
Any Video Converter 5 5.0.3
Avira Free Antivirus (Version: 14.0.1.759)
AVS Media Player 4.2.2.104 (Version: 4.2.2.104)
AVS Video Converter 8 (Version: 8.4.2.541)
AVS Video Editor 6 (Version: 6.3.2.234)
BlackBerry Desktop Software 4.7 (Version: 4.7.0.37)
BufferChm (Version: 140.0.212.000)
CADENAS PARTwebViewer (Version: 1.0.36.7)
CCleaner (Version: 4.04)
Compatibility Pack für 2007 Office System (Version: 12.0.6514.5001)
Corel MediaOne (Version: 2.00.0000)
CorelDRAW Essential Edition 3
CorelDRAW Essential Edition 3 (Version: 3.0)
CrystalDiskInfo 5.6.2 (Version: 5.6.2)
CyberLink MediaShow (Version: 4.1.2014)
CyberLink YouCam (Version: 2.0.1916)
DE (Version: 3.0)
Digital Image (Version: 1.2.0.2)
DVDVideoSoftTB Toolbar (Version: 6.8.5.1)
DWG TrueView 2011 (Version: 18.1.49.0)
ElsterFormular-Upgrade (Version: 13.4.1.10296)
EPSON BX320FW Series Handbuch
EPSON BX320FW Series Netzwerk-Handbuch
EPSON BX320FW Series Printer Uninstall
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.2 (Version: 3.2a)
EURACOM
e-Wörterbücher
Ext2 IFS 1.11a for Windows Vista/2008
Fax (Version: 120.0.194.000)
FileZilla Client 3.2.7.1 (Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.13)
Foxlink Webcam (Version: 5.8.48000.201_WHQL)
Free YouTube Download version 3.2.16.1030 (Version: 3.2.16.1030)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
IDA-STEP (HKCU Version: 4.0.12)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
klickTel Fuzzy-Suchindex Juli 2003
klickTel Juli 2003
Lexware buchhalter 2013 (Version: 18.52.00.0375)
Lexware Elster (Version: 13.10.00.0021)
Lexware faktura+auftrag 2009 (Version: 13.51.00.0005)
Lexware Info Service (Version: 2.90.00.0009)
Lexware online banking (Version: 20.00.00.0059)
MAGIX Foto Manager 2008 5.0.0.255 (D) (Version: 5.0.0.255)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) (Version: 9.0.2.0)
MAGIX Screenshare 4.3.6.1987 (D) (Version: 4.3.6.1987)
MakeDisc (Version: 3.0.2601)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MEDION MD 41856
MegaView 2008
MegaView3D 2008
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Automated Troubleshooting Services Shim
Microsoft Money 99
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 1.0.30716.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.0.7820.0)
Mozilla Firefox (3.6.10) (Version: 3.6.10 (de))
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (de))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Editor Free
MyWinLocker 3 (Version: 3.1.20.0)
Nero 8 Essentials (Version: 8.3.124)
neroxml (Version: 1.0.0)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (Version: 9.10.0223)
OLYMPUS Master 2 (Version: 1.0.6)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Inspector File Recovery (Version: 4.0)
PDFCreator (Version: 0.9.6)
PDF-Viewer (Version: 2.0.42.4)
Phase 5 HTML-Editor (Version: 5.6.2)
Presto! PageManager 9.00.11 SE (Version: 9.00.11)
Profi cash
Profi cash international
QuickTime (Version: 7.71.80.42)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5672)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
RedMon - Redirection Port Monitor
Roxio Media Manager (Version: 9.4.052)
Samsung CLX-3170 Series
Samsung Kies (Version: 2.5.3.13043_14)
Samsung Story Album Viewer (Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
Scan (Version: 8.1.0.0)
Sceneo AbsolutTV
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.10 (Version: 6.10.104)
SmarThru 4
SmarThru PC Fax
Solid Edge V19 (Version: 19.00.0066)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steuer-Spar-Erklärung 2008 (Version: 13.02.0000)
Steuer-Spar-Erklärung 2009 (Version: 14.01.0000)
Steuer-Spar-Erklärung 2010 (Version: 15.14)
Steuer-Spar-Erklärung 2011 (Version: 16.16)
Steuer-Spar-Erklärung 2012 (Version: 17.12)
Steuer-Spar-Erklärung 2013 (Version: 18.09)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (Version: Version 2010.bld.37 (Jan 2, 2010))
TextBridge Pro 8.0
Toolbox (Version: 82.0.173.000)
TVsweeper 3 (Version: 3.0.3)
Ulead Photo Express 3.0 SE
UnloadSupport (Version: 1.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update Manager (Version: 4.60)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.1 (Version: 2.0.1)
WebReg (Version: 140.0.212.017)
WIDCOMM Bluetooth Software (Version: 6.3.0.6800)
Windows Live Fotogalerie (Version: 12.0.1347.0718)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Sign-in Assistant (Version: 5.000.742.2)
Windows Live Writer (Version: 12.0.1370.0325)
WinRAR
Zoner Photo Studio 12 (Version: 12.0.1.7)

==================== Restore Points =========================

25-11-2013 07:28:48 Entfernt STK02N 2.4
25-11-2013 07:42:43 Removed Internet Explorer Toolbar 4.6 by SweetPacks
27-11-2013 07:13:52 Windows Update
29-11-2013 07:11:09 Windows Update
30-11-2013 16:26:12 Removed Snap.Do
30-11-2013 16:28:00 Removed Snap.Do
30-11-2013 16:30:03 Removed Snap.Do
30-11-2013 16:55:44 Removed RENESIS® Player Browser Plugins
03-12-2013 15:44:14 Installed Windows Movie Maker 2.6
03-12-2013 19:03:40 Installed Microsoft Fix it 50195
03-12-2013 19:08:42 Installed Microsoft Fix it 50195
04-12-2013 07:45:22 Windows Update
08-12-2013 15:43:36 Entfernt PhotoImpression
08-12-2013 15:45:33 Entfernt MediaImpression
08-12-2013 15:47:35 Entfernt VideoImpression
08-12-2013 15:49:33 Konfiguriert PhotoNow
08-12-2013 15:51:34 Konfiguriert PowerDirector
08-12-2013 16:05:11 Konfiguriert PowerProducer
08-12-2013 16:16:35 Entfernt Easy Photo Print Plug-in for PMB(Picture Motion BrowserÝâû%
08-12-2013 16:17:23 Removed Epson Event Manager
08-12-2013 16:17:59 Removed Epson Event Manager
08-12-2013 16:23:50 Removed Yahoo Community Smartbar
08-12-2013 16:25:09 Removed Yahoo Community Smartbar
08-12-2013 16:27:07 Removed Yahoo Community Smartbar
08-12-2013 16:32:38 Removed Windows Movie Maker 2.6
09-12-2013 14:05:16 Installed SpyHunter
11-12-2013 07:22:55 Windows Update
12-12-2013 04:33:57 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-07-07 16:29 - 00000791 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BC71857-671D-465F-B500-6599B10B3014} - System32\Tasks\Microsoft\Support\ATS\OAS Integration => C:\Users\Ingo\AppData\Local\Temp\MATS-Temp\IXPglzpxzuw.y2f\MATSWiz.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9E7C5EF5-74DE-4AA6-B24B-766C4CDF5EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\System32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {DE448A6E-3775-46A2-B855-A90581ABFD78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {E3289498-7688-49B7-BBC0-EE9CF2E13A92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F33FC516-073F-495D-9B84-AE6CAA931EBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-11-15 15:08 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-28 15:36 - 2005-01-06 17:33 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2009-12-16 13:15 - 2007-12-27 16:38 - 00094208 _____ () C:\Windows\System32\SamFaxPort.dll
2007-03-20 14:08 - 2007-03-20 14:08 - 00022723 _____ () C:\Windows\System32\sst1cl3.dll
2012-10-17 19:18 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2008-08-28 13:02 - 2007-05-16 21:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2009-08-19 06:51 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2009-08-23 18:58 - 2009-08-23 18:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-05-27 16:09 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00163328 _____ () C:\Program Files\Common Files\Xerox Shared\easytb32.dll
2009-03-05 08:01 - 1998-12-14 11:06 - 00034304 _____ () C:\Program Files\Common Files\Xerox Shared\VGFILE.dll
2009-01-02 11:15 - 2000-02-11 15:27 - 00417792 _____ () C:\Program Files\Profi cash\flam32.dll
2009-01-02 11:15 - 2000-10-16 16:27 - 00167936 _____ () C:\Program Files\Profi cash\CRMBSAPW.dll
2009-01-02 11:15 - 2002-09-12 09:29 - 00057344 _____ () C:\Program Files\Profi cash\zlib.dll
2009-01-02 11:15 - 2006-05-09 14:48 - 00056785 _____ () C:\Program Files\Profi cash\mc_acchk.dll
2009-01-02 11:15 - 2003-12-22 09:10 - 00065536 _____ () C:\Program Files\Profi cash\encrypt4.dll
2013-10-16 10:29 - 2013-10-16 10:29 - 00326712 _____ () C:\Program Files\Lexware\buchhalter\2013\BH_DATA130VC8.dll
2013-03-21 15:29 - 2013-03-21 15:29 - 00319032 _____ () C:\Windows\system32\LxDNT100.dll
2013-03-21 15:29 - 2013-03-21 15:29 - 00074808 _____ () C:\Windows\system32\LxDNTvm100.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00084536 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckView.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00089144 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckMini.dll
2013-05-07 08:55 - 2013-05-07 08:55 - 00073272 _____ () C:\Program Files\Lexware\buchhalter\2013\LexCheckDataProviderStd.dll
2009-04-24 07:42 - 2003-07-12 08:54 - 00844288 _____ () C:\Program Files\klickTel\klickTel Juli 2003\ktOutlkA.dll
2009-04-24 07:42 - 2003-07-14 14:58 - 04410880 _____ () C:\Program Files\klickTel\klickTel Juli 2003\ktaddin.dll
2009-04-24 07:38 - 1999-03-02 08:12 - 00372736 _____ () C:\Program Files\klickTel\klickTel Juli 2003\KSDB32.DLL
2013-09-03 14:54 - 2013-09-03 14:54 - 02897280 _____ () C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-09-03 14:54 - 2013-09-03 14:54 - 01446400 _____ () C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 3065.95 MB
Available physical RAM: 1015.18 MB
Total Pagefile: 6332.9 MB
Available Pagefile: 4120.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.52 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:163.89 GB) (Free:48.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Pittruff) (Fixed) (Total:48.83 GB) (Free:8.64 GB) NTFS
Drive e: (RECOVER) (Fixed) (Total:19.76 GB) (Free:3.91 GB) FAT32
Drive f: (IP Spanntechnik) (Fixed) (Total:65.6 GB) (Free:24.78 GB) NTFS
Drive k: (HDDRIVE2GO) (Fixed) (Total:596.02 GB) (Free:179.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 8E03B488)
Partition 1: (Active) - (Size=164 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 596 GB) (Disk ID: 8078AF9B)
Partition 1: (Not Active) - (Size=596 GB) - (Type=0C)

==================== End Of Log ============================




Mit freundlichen Grüßen,

Stefan

schrauber 13.12.2013 16:52
Java, Adobe, Firefox und THunderbird updaten.


Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Stefan_P 16.12.2013 23:07
Hallo,

es hat alles wunderbar geklappt.

Vielen vielen dank für diese schnelle und vorallem gut verständliche Hilfestellung.


Mit freundlichen Grüßen,

Stefan

schrauber 17.12.2013 12:11
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:19 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19