08-Schrauber | 28.07.2014 21:41 | FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Matthias Knödler (administrator) on MATTHIAS on 28-07-2014 22:20:41
Running from C:\Dokumente und Einstellungen\Matthias Knödler\Eigene Dateien\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgwdsvc.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgemcx.exe
(Nero AG) C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Ralink Technology, Corp.) C:\Programme\Hama\Common\RalinkRegistryWriter.exe
(AVG) C:\Programme\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(shbox.de) C:\Programme\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVG) C:\Programme\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AutoIt Team) C:\Google\AutoIt3.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgui.exe
(DuckLink Software) C:\Programme\DuckLink\DuckCapture\DuckCapture.exe
(Hama GmbH & Co KG) C:\Programme\Hama\Common\RaUI.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\InprocServer32: [Default-wbemess] wbemess.dll ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Run: [] => [X]
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Run: [DuckCapture] => C:\Programme\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Run: [Windows Update] => C:\Google\Windowsupdate.lnk [515 2014-02-04] ()
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Run: [AdopeUpdate] => C:\Google\GoogleUpdate.lnk [549 2014-02-04] ()
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Run: [AdopeFlash] => C:\Google\AutoIt3.exe [750320 2012-01-29] (AutoIt Team)
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...\MountPoints2: {5324aaac-6bf9-11e3-9a15-001f1fc3db11} - E:\LaunchU3.exe -a
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-602162358-1580818891-725345543-1003\...409d6c4515e9\InprocServer32: [Default-shell32] shell32.dll ATTENTION! ====> ZeroAccess?
IFEO: [Debugger] "C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe"
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\GoogleUpdate.lnk
ShortcutTarget: GoogleUpdate.lnk -> C:\Google\AutoIt3.exe (AutoIt Team)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hama Wireless LAN Utility.lnk
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Update.lnk
ShortcutTarget: Windows Update.lnk -> C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {41B75564-83D0-40D9-AA71-001FFD29C4D7} URL = https://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog9 12 mswsock.dll File Not found ()
Winsock: Catalog9 13 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\Mozilla\Firefox\Profiles\hn2iu7ph.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Garmin\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-11-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Programme\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Programme\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
S4 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-31] (Apple Inc.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2011-09-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2011-09-02] (Google Inc.)
S4 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2014-02-06] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-07-17] (Mozilla Foundation)
R2 Nero BackItUp Scheduler 3; C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
S2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296 2013-01-31] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RalinkRegistryWriter; C:\Programme\Hama\Common\RalinkRegistryWriter.exe [69632 2008-05-12] (Ralink Technology, Corp.) [File not signed]
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [737616 2013-04-18] (Nokia)
S4 StarMoney 9.0 OnlineUpdate; C:\Programme\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 TuneUp.UtilitiesSvc; C:\Programme\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-08-21] (Cisco Systems, Inc.) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 oxpar; C:\WINDOWS\System32\DRIVERS\oxpar.sys [76416 2007-01-11] (OEM) [File not signed]
R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [619136 2008-07-30] (Ralink Technology, Corp.)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1156648 2006-03-20] (SigmaTel, Inc.)
R3 TuneUpUtilitiesDrv; C:\Programme\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
S3 esgiguard; \??\C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S1 iSafeNetFilter; \??\C:\Programme\iSafe\iSafeNetFilter.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 22:16 - 2014-07-28 22:20 - 00000000 ____D () C:\FRST
2014-07-28 20:00 - 2014-07-28 20:00 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 20:00 - 2014-07-28 20:00 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware
2014-07-28 20:00 - 2014-07-28 20:00 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes Anti-Malware
2014-07-28 20:00 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-28 20:00 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-28 18:59 - 2014-07-28 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AVG
2014-07-28 18:59 - 2014-07-28 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00001711 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG PC TuneUp 2014.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00001709 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG 1-Klick-Wartung.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00001705 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG PC TuneUp 2014.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG PC TuneUp 2014
2014-07-26 19:44 - 2014-07-14 12:26 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-07-26 19:42 - 2014-07-26 19:48 - 00000000 __SHD () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-26 19:42 - 2014-07-26 19:45 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG
2014-07-26 19:02 - 2014-07-26 19:02 - 00666459 _____ () C:\WINDOWS\system32\Drivers\Cat.DB
2014-07-26 19:01 - 2014-07-26 20:59 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\PC Tools
2014-07-26 19:01 - 2014-07-26 19:16 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
2014-07-26 19:01 - 2014-07-26 19:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\TestApp
2014-07-26 19:01 - 2012-11-01 15:35 - 00202280 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTSD.sys
2014-07-26 16:51 - 2014-07-26 16:51 - 00000000 ____D () C:\WINDOWS\iskVolumeMinidump
2014-07-26 16:51 - 2014-07-26 16:51 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\eCyber
2014-07-26 16:50 - 2014-07-26 18:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\iSafe
2014-07-24 20:15 - 2014-07-24 20:15 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\AVG2014
2014-07-24 20:14 - 2014-07-24 20:14 - 00000698 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2014.lnk
2014-07-24 20:14 - 2014-07-24 20:14 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-07-24 20:13 - 2014-07-26 18:55 - 00000000 ___HD () C:\$AVG
2014-07-24 20:12 - 2014-07-26 19:44 - 00000000 ____D () C:\Programme\AVG
2014-07-24 20:11 - 2014-07-24 20:16 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\Avg2014
2014-07-23 18:31 - 2014-07-23 18:31 - 00002346 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Nero StartSmart Essentials.lnk
2014-07-23 18:31 - 2014-07-23 18:31 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero 8
2014-07-23 18:30 - 2014-07-23 18:30 - 00001024 _____ () C:\Dokumente und Einstellungen\Matthias Knödler\.rnd
2014-07-23 18:28 - 2014-07-23 18:30 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nero
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\DESIGNER
2014-07-05 09:07 - 2014-07-05 09:08 - 00005540 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-07-05 09:07 - 2014-07-05 09:07 - 00005369 _____ () C:\WINDOWS\KB2378111.log
2014-07-05 09:07 - 2014-07-05 09:07 - 00004170 _____ () C:\WINDOWS\KB954154.log
2014-07-05 09:07 - 2014-07-05 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954154_WM11$
2014-07-05 09:07 - 2014-07-05 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB939683$
2014-07-05 09:06 - 2014-07-05 09:07 - 00008377 _____ () C:\WINDOWS\KB939683.log
2014-07-04 21:46 - 2014-07-04 21:46 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-06-30 12:43 - 2014-06-30 12:43 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-06-29 21:46 - 2014-06-29 19:48 - 00000030 _____ () C:\AVScanner.ini
2014-06-29 20:59 - 2014-06-29 20:59 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2014-06-29 20:59 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-29 20:59 - 2014-05-07 14:42 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-06-29 20:58 - 2014-06-29 20:58 - 00004487 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log
2014-06-29 20:58 - 2014-06-29 20:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-06-29 20:58 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-29 20:58 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-29 20:58 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 22:20 - 2014-07-28 22:16 - 00000000 ____D () C:\FRST
2014-07-28 22:20 - 2011-08-21 15:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Temp
2014-07-28 22:18 - 2011-08-21 15:37 - 01903532 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-28 22:17 - 2011-08-21 16:32 - 00000000 ___RD () C:\Programme
2014-07-28 22:13 - 2014-06-11 19:00 - 00000000 _RSHD () C:\Google
2014-07-28 22:07 - 2014-06-11 19:01 - 00000637 _____ () C:\WINDOWS\WINDOWS.lnk
2014-07-28 22:07 - 2011-08-21 20:51 - 00000000 ____D () C:\TEMP
2014-07-28 22:06 - 2004-08-04 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-28 22:05 - 2014-03-14 22:22 - 00000244 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
2014-07-28 22:05 - 2011-09-02 19:04 - 00001106 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 22:05 - 2011-08-21 16:34 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-28 22:05 - 2011-08-21 16:34 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-28 22:05 - 2011-08-21 15:41 - 00032644 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-28 22:05 - 2011-08-21 15:41 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-28 20:21 - 2012-11-27 21:19 - 00131072 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-07-28 20:21 - 2011-08-21 15:42 - 00000300 ___SH () C:\Dokumente und Einstellungen\Matthias Knödler\ntuser.ini
2014-07-28 20:21 - 2011-08-21 15:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler
2014-07-28 20:00 - 2014-07-28 20:00 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 20:00 - 2014-07-28 20:00 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware
2014-07-28 20:00 - 2014-07-28 20:00 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes Anti-Malware
2014-07-28 20:00 - 2011-08-21 16:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-07-28 19:32 - 2011-09-02 19:04 - 00001110 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 19:02 - 2014-06-14 15:17 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2014-07-28 18:59 - 2014-07-28 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AVG
2014-07-28 18:59 - 2014-07-28 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\AVG
2014-07-28 18:56 - 2012-09-08 20:03 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2014-07-27 11:12 - 2012-09-08 20:03 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2014-07-27 10:37 - 2012-11-27 23:48 - 00586915 _____ () C:\WINDOWS\setupapi.log
2014-07-27 09:24 - 2011-08-21 16:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2014-07-27 09:11 - 2013-08-31 18:44 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-07-26 21:08 - 2014-06-18 20:05 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-07-26 21:08 - 2013-08-31 18:44 - 00000702 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
2014-07-26 21:08 - 2013-08-31 18:44 - 00000696 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
2014-07-26 21:02 - 2012-11-28 00:09 - 00007023 _____ () C:\WINDOWS\setupact.log
2014-07-26 20:59 - 2014-07-26 19:01 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\PC Tools
2014-07-26 19:48 - 2014-07-26 19:42 - 00000000 __SHD () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-26 19:48 - 2011-08-21 15:42 - 00000000 ___RD () C:\Dokumente und Einstellungen\Matthias Knödler\Startmenü
2014-07-26 19:45 - 2014-07-26 19:42 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00001711 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG PC TuneUp 2014.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00001709 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG 1-Klick-Wartung.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00001705 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG PC TuneUp 2014.lnk
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\AVG
2014-07-26 19:44 - 2014-07-26 19:44 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG PC TuneUp 2014
2014-07-26 19:44 - 2014-07-24 20:12 - 00000000 ____D () C:\Programme\AVG
2014-07-26 19:43 - 2012-11-27 21:18 - 00000000 ____D () C:\Programme\TuneUp Utilities 2013
2014-07-26 19:16 - 2014-07-26 19:01 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
2014-07-26 19:16 - 2014-03-04 21:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2014-07-26 19:02 - 2014-07-26 19:02 - 00666459 _____ () C:\WINDOWS\system32\Drivers\Cat.DB
2014-07-26 19:01 - 2014-07-26 19:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\TestApp
2014-07-26 18:56 - 2013-12-11 20:44 - 00000000 ____D () C:\StoneTrip
2014-07-26 18:56 - 2013-01-05 18:46 - 00000000 __RHD () C:\MSOCache
2014-07-26 18:56 - 2012-07-07 18:26 - 00000000 ____D () C:\sh4ldr
2014-07-26 18:56 - 2012-04-25 21:14 - 00000000 ____D () C:\Games
2014-07-26 18:56 - 2012-04-05 21:18 - 00000000 ____D () C:\GarminMaps
2014-07-26 18:56 - 2012-03-11 11:28 - 00000000 ____D () C:\Garmin
2014-07-26 18:56 - 2011-11-22 21:03 - 00000000 ____D () C:\FreePDF
2014-07-26 18:56 - 2011-10-07 18:18 - 00000000 ____D () C:\Corel
2014-07-26 18:56 - 2011-08-21 19:03 - 00000000 ____D () C:\drvrtmp
2014-07-26 18:56 - 2011-08-21 15:38 - 00000000 ____D () C:\DELL
2014-07-26 18:55 - 2014-07-24 20:13 - 00000000 ___HD () C:\$AVG
2014-07-26 18:55 - 2014-06-11 19:01 - 00000000 _RSHD () C:\Skypee
2014-07-26 18:55 - 2011-11-29 19:58 - 00000000 ____D () C:\16415ef2d6aa40d5ac4663c148c872
2014-07-26 18:49 - 2014-07-26 16:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\iSafe
2014-07-26 18:49 - 2011-08-21 16:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2014-07-26 16:52 - 2011-08-21 15:42 - 00000000 ___RD () C:\Dokumente und Einstellungen\Matthias Knödler\Startmenü\Programme
2014-07-26 16:51 - 2014-07-26 16:51 - 00000000 ____D () C:\WINDOWS\iskVolumeMinidump
2014-07-26 16:51 - 2014-07-26 16:51 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\eCyber
2014-07-24 22:29 - 2014-06-14 15:20 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
2014-07-24 20:16 - 2014-07-24 20:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\Avg2014
2014-07-24 20:15 - 2014-07-24 20:15 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\AVG2014
2014-07-24 20:14 - 2014-07-24 20:14 - 00000698 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2014.lnk
2014-07-24 20:14 - 2014-07-24 20:14 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-07-23 18:31 - 2014-07-23 18:31 - 00002346 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Nero StartSmart Essentials.lnk
2014-07-23 18:31 - 2014-07-23 18:31 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero 8
2014-07-23 18:31 - 2011-10-07 19:16 - 00000356 _____ () C:\WINDOWS\system32\MsiExec.exe.log
2014-07-23 18:30 - 2014-07-23 18:30 - 00001024 _____ () C:\Dokumente und Einstellungen\Matthias Knödler\.rnd
2014-07-23 18:30 - 2014-07-23 18:28 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nero
2014-07-23 18:28 - 2011-10-07 19:13 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero
2014-07-23 18:18 - 2011-08-28 10:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Anwendungsdaten\Corel
2014-07-23 18:08 - 2011-09-02 19:49 - 00001420 ___SH () C:\WINDOWS\system32\KGyGaAvL.sys
2014-07-22 22:04 - 2013-08-15 20:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-22 21:57 - 2011-08-21 19:31 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-22 21:56 - 2013-01-05 18:46 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2014-07-20 17:55 - 2011-08-21 15:42 - 00000000 ___RD () C:\Dokumente und Einstellungen\Matthias Knödler\Eigene Dateien\Eigene Bilder
2014-07-14 12:26 - 2014-07-26 19:44 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-07-08 20:33 - 2011-08-21 15:58 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Eigene Dateien\Eltern
2014-07-06 13:38 - 2013-01-05 18:51 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-07-05 19:20 - 2012-11-28 20:20 - 00146338 _____ () C:\WINDOWS\spupdsvc.log
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\DESIGNER
2014-07-05 09:08 - 2014-07-05 09:07 - 00005540 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-07-05 09:08 - 2012-11-28 20:23 - 00054307 _____ () C:\WINDOWS\updspapi.log
2014-07-05 09:08 - 2012-11-28 20:20 - 01635536 _____ () C:\WINDOWS\iis6.log
2014-07-05 09:08 - 2012-11-28 20:20 - 01321816 _____ () C:\WINDOWS\FaxSetup.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00690586 _____ () C:\WINDOWS\ocgen.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00623108 _____ () C:\WINDOWS\tsoc.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00442170 _____ () C:\WINDOWS\msmqinst.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00441557 _____ () C:\WINDOWS\comsetup.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00273535 _____ () C:\WINDOWS\ntdtcsetup.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00233324 _____ () C:\WINDOWS\netfxocm.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00074863 _____ () C:\WINDOWS\ocmsn.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00068159 _____ () C:\WINDOWS\msgsocm.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00065933 _____ () C:\WINDOWS\tabletoc.log
2014-07-05 09:08 - 2012-11-28 20:20 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-07-05 09:08 - 2012-11-28 20:19 - 00097477 _____ () C:\WINDOWS\medctroc.Log
2014-07-05 09:08 - 2011-08-21 19:38 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-07-05 09:07 - 2014-07-05 09:07 - 00005369 _____ () C:\WINDOWS\KB2378111.log
2014-07-05 09:07 - 2014-07-05 09:07 - 00004170 _____ () C:\WINDOWS\KB954154.log
2014-07-05 09:07 - 2014-07-05 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954154_WM11$
2014-07-05 09:07 - 2014-07-05 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB939683$
2014-07-05 09:07 - 2014-07-05 09:06 - 00008377 _____ () C:\WINDOWS\KB939683.log
2014-07-05 09:07 - 2012-11-28 20:38 - 00015772 _____ () C:\WINDOWS\wmsetup.log
2014-07-05 09:07 - 2012-11-28 20:20 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-07-04 21:46 - 2014-07-04 21:46 - 00000000 ____D () C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-06-30 17:47 - 2011-11-19 22:14 - 00000000 ____D () C:\WINDOWS\system32\Adobe
2014-06-30 12:43 - 2014-06-30 12:43 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-06-29 20:59 - 2014-06-29 20:59 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2014-06-29 20:58 - 2014-06-29 20:58 - 00004487 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log
2014-06-29 20:58 - 2014-06-29 20:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-06-29 20:58 - 2011-09-30 18:28 - 00000000 ____D () C:\Programme\Java
2014-06-29 19:48 - 2014-06-29 21:46 - 00000030 _____ () C:\AVScanner.ini
2014-06-29 19:48 - 2012-07-15 10:10 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-29 19:48 - 2011-08-21 20:59 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
ZeroAccess:
C:\Windows\Installer\{a5258bf6-c577-b069-1883-a4ed160430e8}
C:\Windows\Installer\{a5258bf6-c577-b069-1883-a4ed160430e8}\@
ZeroAccess:
C:\RECYCLER\S-1-5-21-602162358-1580818891-725345543-1003\$a5258bf6c577b0691883a4ed160430e8
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Matthias Knödler\Lokale Einstellungen\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================ --- --- --- |