Trojaner-Board - Avira bleibt bei Scan bei shellmon.exe hängen.

Hi,
ich steh was auf dem Schlauch.
Wo steht das mit dem <----ATTENTION?

Olli

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by OH (administrator) on OH-VAIO on 29-03-2014 13:10:14

Running from C:\Users\OH\Downloads\FRST-OlderVersion

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrAdm.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrDba.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrHis.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrPas.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrSaz.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(ICQ, LLC.) C:\Program Files (x86)\ICQ7.5\ICQ.exe

(Huawei Technologies Co., Ltd.) C:\Users\OH\AppData\Roaming\T-Mobile Internet Manager\ouc.exe

(SWR3.online) C:\Program Files (x86)\RauchFrei\RauchFrei.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

(Microsoft) C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe

(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1357462529\ee\aolsoftware.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe

(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe

(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Volkswagen AG) C:\ElsaWin\bin\LcSvrAuf.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe

(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Microsoft Corporation) C:\Windows\System32\Magnify.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)

HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)

HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2011-07-06] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-09-28] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [HostManager] - C:\Program Files (x86)\Common Files\AOL\1357462529\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)

HKLM-x32\...\Run: [QuickTime Plugin Install] - C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2013-07-04] ()

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [SWR3RauchFrei] - C:\Program Files (x86)\RauchFrei\RauchFrei.exe [895488 2004-04-07] (SWR3.online)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [115544 2014-03-04] (Garmin Ltd or its subsidiaries)

HKU\S-1-5-21-4989281-2294219093-863846339-1001\...\Run: [BrowserMask] - C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101328 2012-08-14] (Microsoft)

Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater-PCI.lnk

ShortcutTarget: Ross-Tech VCDS DRV Updater-PCI.lnk -> C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC)

Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk

ShortcutTarget: Ross-Tech VCDS DRV Updater.lnk -> C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC)

Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=053113

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {06797DD0-B899-40BB-A36C-BF7F382FD418} URL = hxxp://de.shopping.com/?linkin_id=8056363

SearchScopes: HKCU - {27C0E32C-9041-4E45-9647-D0E3AEBF7103} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}

SearchScopes: HKCU - {6083E34B-C277-41EF-8A48-3CF29E852A36} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll (TODO: <Company name>)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default

FF Homepage: https://www.google.de/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\aol-search.xml

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\ashampoo-de-customized-web-search.xml

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\englische-ergebnisse.xml

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\gmx-suche.xml

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\lastminute.xml

FF SearchPlugin: C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\searchplugins\webde-suche.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Garmin Communicator - C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]

FF Extension: WOT - C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-28]

FF Extension: AOL Mail Toolbar - C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\Extensions\{fa1cfe8c-66b4-4469-b360-b60c79d70c28} [2013-09-29]

FF Extension: Adblock Plus - C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-25]

FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-04-27]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-15]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]

FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\FF\
 

Chrome: 

=======

CHR DefaultSearchKeyword: bing.com

CHR DefaultSearchProvider: Bing

CHR DefaultSearchURL: hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}

CHR DefaultNewTabURL: 

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File

CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Extension: (Google Wallet) - C:\Users\OH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
 

==================== Services (Whitelisted) =================
 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()

R2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1012280 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [910416 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)

S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)

R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [424280 2014-03-04] (Garmin Ltd or its subsidiaries)

R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG)

R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG)

R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG)

R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG)

R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG)

R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)

R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2014-02-25] (Avira GmbH)

R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2014-02-25] (Avira GmbH)

R1 avfwot; C:\Windows\SysWOW64\DRIVERS\avfwot.sys [131336 2011-06-28] (Avira GmbH)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2014-02-25] (Avira Operations GmbH & Co. KG)

S2 IWPORT; C:\Windows\SysWOW64\DRIVERS\IWPORT.SYS [8152 2011-06-30] (TDi GmbH TechnoData - Interware)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)

S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)

S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

S3 bnsdusb; system32\DRIVERS\bnsdusb.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-03-29 12:57 - 2014-03-29 12:57 - 00000000 ___RD () C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-03-29 12:50 - 2014-03-29 12:50 - 00002062 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-29 12:50 - 2014-03-29 12:50 - 00000000 ____D () C:\Users\OH\AppData\Roaming\Avira

2014-03-29 12:49 - 2014-03-29 12:49 - 00000000 ____D () C:\ProgramData\Avira

2014-03-29 12:49 - 2014-03-29 12:49 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-29 12:49 - 2014-02-25 11:40 - 00141376 _____ (Avira GmbH) C:\Windows\system32\Drivers\avfwot.sys

2014-03-29 12:49 - 2014-02-25 11:40 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2014-03-29 12:49 - 2014-02-25 11:40 - 00114608 _____ (Avira GmbH) C:\Windows\system32\Drivers\avfwim.sys

2014-03-29 12:49 - 2014-02-25 11:40 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-03-29 12:49 - 2014-02-25 11:40 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-03-29 12:49 - 2014-02-25 11:40 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2014-03-29 12:42 - 2014-03-29 12:46 - 152733072 _____ () C:\Users\OH\Downloads\avira_internet_security_de(2).exe

2014-03-29 12:13 - 2014-03-29 12:13 - 00001260 _____ () C:\Users\OH\Desktop\Revo Uninstaller.lnk

2014-03-29 12:13 - 2014-03-29 12:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-03-29 12:09 - 2014-03-29 12:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\OH\Downloads\revosetup95.exe

2014-03-28 22:56 - 2014-03-29 13:10 - 00000000 ____D () C:\FRST

2014-03-28 08:16 - 2014-03-28 08:16 - 00000000 _____ () C:\Windows\SysWOW64\sho7AB0.tmp

2014-03-28 00:19 - 2014-03-28 00:19 - 00526323 _____ () C:\Users\OH\Downloads\web_of_trust_wot-20131118-fx.zip

2014-03-28 00:06 - 2014-03-28 00:06 - 00448512 _____ (OldTimer Tools) C:\Users\OH\Downloads\TFC.exe

2014-03-27 23:25 - 2014-03-27 23:25 - 00452204 _____ () C:\Windows\system32\s000000.dat

2014-03-27 22:09 - 2014-03-27 22:09 - 00000040 _____ () C:\Windows\system32\sstate_prev.sdt

2014-03-27 22:09 - 2014-03-27 22:09 - 00000000 _____ () C:\Windows\system32\sstates.sdt

2014-03-21 21:18 - 2014-03-21 21:20 - 00000000 ____D () C:\Users\OH\Desktop\schiff

2014-03-20 13:14 - 2014-03-21 22:17 - 00157590 _____ () C:\Users\OH\Documents\meinschiff1kanaren.pbf

2014-03-20 13:14 - 2014-03-21 22:17 - 00000000 ____D () C:\Users\OH\Documents\meinschiff1kanaren-Dateien

2014-03-20 11:09 - 2014-03-20 11:09 - 00000000 _____ () C:\Windows\SysWOW64\sho2EE.tmp

2014-03-20 09:16 - 2014-03-29 13:10 - 00000000 ____D () C:\Users\OH\Downloads\FRST-OlderVersion

2014-03-19 09:10 - 2014-03-19 09:10 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask

2014-03-17 08:55 - 2014-03-17 08:55 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2014-03-17 00:55 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-17 00:55 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-17 00:55 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-17 00:55 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-17 00:55 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-17 00:55 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-17 00:55 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-17 00:55 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-17 00:55 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-17 00:55 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-17 00:55 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-17 00:55 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-17 00:55 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-17 00:55 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-17 00:55 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-17 00:55 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-17 00:55 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-17 00:55 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-17 00:55 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-17 00:55 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-17 00:55 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-17 00:55 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-17 00:55 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-17 00:55 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-17 00:55 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-17 00:55 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-17 00:55 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-17 00:55 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-17 00:55 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-17 00:55 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-17 00:55 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-17 00:55 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-17 00:55 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-17 00:55 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-17 00:55 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-17 00:55 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-17 00:55 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-17 00:55 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-17 00:55 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-17 00:55 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-17 00:55 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-17 00:55 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-17 00:55 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-17 00:55 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-17 00:54 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-17 00:54 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-17 00:54 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-17 00:54 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-07 16:44 - 2014-03-07 16:44 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-03-06 14:20 - 2014-03-06 14:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\OH\Desktop\mbam-setup-1.75.0.1300(2).exe

2014-03-04 16:06 - 2014-03-04 16:06 - 00017839 _____ () C:\Users\OH\Documents\Unbenannt 1.odt

2014-03-04 15:21 - 2014-03-04 15:39 - 00000000 ____D () C:\Users\OH\Desktop\scan malwarebytes

2014-03-04 15:11 - 2014-03-04 15:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\OH\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-03-04 11:22 - 2014-03-04 11:22 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk

2014-03-04 10:14 - 2014-03-04 10:15 - 00000000 ____D () C:\Users\OH\Desktop\Vienbank

2014-03-03 14:30 - 2014-03-28 22:10 - 00000316 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job

2014-03-03 14:30 - 2014-03-26 14:30 - 00000324 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job

2014-03-03 14:30 - 2014-03-20 11:26 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner

2014-03-03 14:30 - 2014-03-03 14:30 - 00003058 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES

2014-03-03 14:30 - 2014-03-03 14:30 - 00002902 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT

2014-03-03 14:29 - 2014-03-03 14:29 - 00000000 ____D () C:\Users\OH\AppData\Roaming\SuperEasy

2014-03-03 14:27 - 2014-03-03 14:27 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\OH\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe

2014-03-03 14:22 - 2014-03-03 14:23 - 00002046 _____ () C:\Users\OH\Desktop\Entfernen des Avira DE-Cleaners.lnk

2014-03-03 14:22 - 2014-03-03 14:23 - 00001975 _____ () C:\Users\OH\Desktop\Avira DE-Cleaner.lnk

2014-02-28 20:45 - 2014-02-28 20:45 - 00000359 _____ () C:\Users\OH\Desktop\SnipFile-{2383AFC1-A5F6-4473-A46F-874A010C46E3}.HTML
 

==================== One Month Modified Files and Folders =======
 

2014-03-29 13:10 - 2014-03-28 22:56 - 00000000 ____D () C:\FRST

2014-03-29 13:10 - 2014-03-20 09:16 - 00000000 ____D () C:\Users\OH\Downloads\FRST-OlderVersion

2014-03-29 13:07 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-29 13:07 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-29 13:06 - 2012-04-02 21:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-29 13:03 - 2011-06-09 18:14 - 01724969 _____ () C:\Windows\WindowsUpdate.log

2014-03-29 12:58 - 2012-12-18 20:48 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-29 12:57 - 2014-03-29 12:57 - 00000000 ___RD () C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-03-29 12:57 - 2012-07-01 17:38 - 00065536 _____ () C:\Windows\system32\Ikeext.etl

2014-03-29 12:56 - 2010-11-21 04:47 - 00791926 _____ () C:\Windows\PFRO.log

2014-03-29 12:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-29 12:56 - 2009-07-14 05:51 - 00116871 _____ () C:\Windows\setupact.log

2014-03-29 12:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing

2014-03-29 12:50 - 2014-03-29 12:50 - 00002062 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-29 12:50 - 2014-03-29 12:50 - 00000000 ____D () C:\Users\OH\AppData\Roaming\Avira

2014-03-29 12:49 - 2014-03-29 12:49 - 00000000 ____D () C:\ProgramData\Avira

2014-03-29 12:49 - 2014-03-29 12:49 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-29 12:46 - 2014-03-29 12:42 - 152733072 _____ () C:\Users\OH\Downloads\avira_internet_security_de(2).exe

2014-03-29 12:40 - 2011-06-09 19:21 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2AD172AF-193F-4FFD-B26F-A47DC864C1B4}

2014-03-29 12:27 - 2012-12-18 20:48 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-29 12:13 - 2014-03-29 12:13 - 00001260 _____ () C:\Users\OH\Desktop\Revo Uninstaller.lnk

2014-03-29 12:13 - 2014-03-29 12:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-03-29 12:09 - 2014-03-29 12:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\OH\Downloads\revosetup95.exe

2014-03-28 22:10 - 2014-03-03 14:30 - 00000316 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job

2014-03-28 13:02 - 2011-06-09 19:21 - 00000000 ____D () C:\Users\OH\Documents\Bluetooth Folder

2014-03-28 08:22 - 2011-06-09 22:07 - 00000000 ____D () C:\Users\OH\AppData\Roaming\ICQ

2014-03-28 08:16 - 2014-03-28 08:16 - 00000000 _____ () C:\Windows\SysWOW64\sho7AB0.tmp

2014-03-28 08:14 - 2013-12-04 23:40 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU

2014-03-28 08:14 - 2013-12-03 19:36 - 00000000 ____D () C:\Users\OH\Desktop\Videobearbeitung

2014-03-28 00:19 - 2014-03-28 00:19 - 00526323 _____ () C:\Users\OH\Downloads\web_of_trust_wot-20131118-fx.zip

2014-03-28 00:06 - 2014-03-28 00:06 - 00448512 _____ (OldTimer Tools) C:\Users\OH\Downloads\TFC.exe

2014-03-27 23:25 - 2014-03-27 23:25 - 00452204 _____ () C:\Windows\system32\s000000.dat

2014-03-27 22:10 - 2011-06-09 19:21 - 00000000 ____D () C:\Users\OH\AppData\Roaming\Atheros

2014-03-27 22:09 - 2014-03-27 22:09 - 00000040 _____ () C:\Windows\system32\sstate_prev.sdt

2014-03-27 22:09 - 2014-03-27 22:09 - 00000000 _____ () C:\Windows\system32\sstates.sdt

2014-03-26 22:35 - 2011-06-20 14:12 - 00000000 ____D () C:\Users\OH\AppData\Local\CrashDumps

2014-03-26 14:30 - 2014-03-03 14:30 - 00000324 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job

2014-03-21 22:17 - 2014-03-20 13:14 - 00157590 _____ () C:\Users\OH\Documents\meinschiff1kanaren.pbf

2014-03-21 22:17 - 2014-03-20 13:14 - 00000000 ____D () C:\Users\OH\Documents\meinschiff1kanaren-Dateien

2014-03-21 21:20 - 2014-03-21 21:18 - 00000000 ____D () C:\Users\OH\Desktop\schiff

2014-03-21 20:09 - 2014-01-12 20:54 - 00000000 ____D () C:\Users\OH\AppData\Local\Apps\2.0

2014-03-20 12:48 - 2011-04-21 07:42 - 00700118 _____ () C:\Windows\system32\perfh007.dat

2014-03-20 12:48 - 2011-04-21 07:42 - 00149968 _____ () C:\Windows\system32\perfc007.dat

2014-03-20 12:48 - 2009-07-14 06:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-20 12:36 - 2014-01-07 14:00 - 00000000 ____D () C:\Program Files (x86)\Lidl_Fotos

2014-03-20 12:26 - 2011-07-14 09:01 - 00025946 _____ () C:\test.xml

2014-03-20 11:26 - 2014-03-03 14:30 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner

2014-03-20 11:09 - 2014-03-20 11:09 - 00000000 _____ () C:\Windows\SysWOW64\sho2EE.tmp

2014-03-20 11:00 - 2013-11-24 09:07 - 00001241 _____ () C:\DelFix.txt

2014-03-20 10:55 - 2013-05-21 22:16 - 00000000 ____D () C:\Windows\erdnt

2014-03-20 08:36 - 2013-07-23 09:07 - 00000000 ____D () C:\Windows\system32\MRT

2014-03-20 08:32 - 2011-06-10 19:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-03-19 09:12 - 2012-02-02 15:48 - 00000000 ____D () C:\ProgramData\Garmin

2014-03-19 09:11 - 2013-03-16 09:50 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-19 09:11 - 2012-04-08 20:44 - 00000000 ____D () C:\Program Files\DIFX

2014-03-19 09:10 - 2014-03-19 09:10 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask

2014-03-19 09:10 - 2012-02-02 15:44 - 00000000 ____D () C:\Program Files (x86)\Garmin

2014-03-17 14:29 - 2013-07-27 08:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-17 10:29 - 2009-07-14 05:45 - 00458032 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-03-17 09:05 - 2012-04-02 21:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-17 09:05 - 2012-04-02 21:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-17 08:56 - 2012-04-02 21:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-17 08:55 - 2014-03-17 08:55 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2014-03-17 08:55 - 2012-04-02 21:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-17 08:55 - 2011-06-19 09:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-10 16:55 - 2014-01-12 21:18 - 00000000 ____D () C:\Users\OH\Desktop\Bilder

2014-03-07 16:44 - 2014-03-07 16:44 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-03-06 14:21 - 2013-05-27 04:36 - 00001105 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-06 14:21 - 2013-05-27 04:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-06 14:20 - 2014-03-06 14:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\OH\Desktop\mbam-setup-1.75.0.1300(2).exe

2014-03-05 17:46 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-03-04 16:06 - 2014-03-04 16:06 - 00017839 _____ () C:\Users\OH\Documents\Unbenannt 1.odt

2014-03-04 15:39 - 2014-03-04 15:21 - 00000000 ____D () C:\Users\OH\Desktop\scan malwarebytes

2014-03-04 15:11 - 2014-03-04 15:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\OH\Downloads\mbam-setup-1.75.0.1300(1).exe

2014-03-04 11:22 - 2014-03-04 11:22 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk

2014-03-04 11:22 - 2011-06-13 14:38 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-03-04 11:00 - 2012-04-27 23:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-04 10:15 - 2014-03-04 10:14 - 00000000 ____D () C:\Users\OH\Desktop\Vienbank

2014-03-03 14:30 - 2014-03-03 14:30 - 00003058 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES

2014-03-03 14:30 - 2014-03-03 14:30 - 00002902 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT

2014-03-03 14:29 - 2014-03-03 14:29 - 00000000 ____D () C:\Users\OH\AppData\Roaming\SuperEasy

2014-03-03 14:27 - 2014-03-03 14:27 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\OH\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe

2014-03-03 14:23 - 2014-03-03 14:22 - 00002046 _____ () C:\Users\OH\Desktop\Entfernen des Avira DE-Cleaners.lnk

2014-03-03 14:23 - 2014-03-03 14:22 - 00001975 _____ () C:\Users\OH\Desktop\Avira DE-Cleaner.lnk

2014-03-01 07:05 - 2014-03-17 00:55 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-01 06:17 - 2014-03-17 00:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-01 06:16 - 2014-03-17 00:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-01 05:58 - 2014-03-17 00:55 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-01 05:52 - 2014-03-17 00:55 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-01 05:51 - 2014-03-17 00:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-01 05:42 - 2014-03-17 00:55 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-01 05:40 - 2014-03-17 00:55 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-01 05:37 - 2014-03-17 00:55 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-01 05:33 - 2014-03-17 00:55 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-01 05:33 - 2014-03-17 00:55 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-01 05:32 - 2014-03-17 00:55 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-01 05:30 - 2014-03-17 00:55 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-01 05:23 - 2014-03-17 00:55 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-01 05:17 - 2014-03-17 00:55 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-01 05:11 - 2014-03-17 00:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-01 05:02 - 2014-03-17 00:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-01 04:54 - 2014-03-17 00:55 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-01 04:52 - 2014-03-17 00:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-01 04:51 - 2014-03-17 00:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-01 04:47 - 2014-03-17 00:55 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-01 04:43 - 2014-03-17 00:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-01 04:43 - 2014-03-17 00:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-01 04:42 - 2014-03-17 00:55 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-01 04:40 - 2014-03-17 00:55 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-01 04:38 - 2014-03-17 00:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-01 04:37 - 2014-03-17 00:55 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-01 04:35 - 2014-03-17 00:55 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-01 04:18 - 2014-03-17 00:55 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-01 04:16 - 2014-03-17 00:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-01 04:14 - 2014-03-17 00:55 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-01 04:10 - 2014-03-17 00:55 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-01 04:03 - 2014-03-17 00:55 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-01 04:00 - 2014-03-17 00:55 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-01 03:57 - 2014-03-17 00:55 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-01 03:38 - 2014-03-17 00:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-01 03:32 - 2014-03-17 00:55 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-01 03:27 - 2014-03-17 00:55 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-01 03:25 - 2014-03-17 00:55 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-01 03:25 - 2014-03-17 00:55 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-28 20:45 - 2014-02-28 20:45 - 00000359 _____ () C:\Users\OH\Desktop\SnipFile-{2383AFC1-A5F6-4473-A46F-874A010C46E3}.HTML

2014-02-27 09:47 - 2011-06-24 22:51 - 00000000 ____D () C:\Users\OH\AppData\Roaming\Skype
 

Some content of TEMP:

====================

C:\Users\OH\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-21 15:05
 

==================== End Of Log ============================
--- --- ---

--- --- ---