Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GVU Trojaner auf meinem Win 7 Laptop.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.07.2013, 18:09   #16
schrauber
/// the machine
/// TB-Ausbilder
 

GVU Trojaner auf meinem Win 7 Laptop. - Standard

GVU Trojaner auf meinem Win 7 Laptop.



und wann wolltest Du mir das sagen? Dein letzter Post sagt "fix geht nit, rechner bootet nit", dann postest Du plötzlich ein AdwCleaner Log

dann den Rest obiger Anleitung.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.07.2013, 22:08   #17
Oase63
 
GVU Trojaner auf meinem Win 7 Laptop. - Standard

GVU Trojaner auf meinem Win 7 Laptop.



Das hier kam beim JRt raus:
Code:
ATTFilter

~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\browserprotect"



~~~ FireFox

Successfully deleted: [File] C:\Users\Jacky\AppData\Roaming\mozilla\firefox\profiles\ocj8egh5.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\Jacky\AppData\Roaming\mozilla\firefox\profiles\ocj8egh5.default\prefs.js

user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v1");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1374492047001");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1365105244316");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1365105244336");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1365105293249");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1365105244344");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent127", "1364232572101");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent128", "1364233047496");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1374086250654");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent136", "1374154176191");
user_pref("iminent.webbooster.scripts.sslminibar.FavLinkSplitTestingClass", "v2");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1374492044871");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1374341199142");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1374169626288");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1374341199148");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1374341200420");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1374341199154");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1374154511157");
Emptied folder: C:\Users\Jacky\AppData\Roaming\mozilla\firefox\profiles\ocj8egh5.default\minidumps [45 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2013 at 22:30:44,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und das hier beim FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Jacky (administrator) on 30-07-2013 23:03:40
Running from C:\Users\Jacky\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\ExpressGateUtil\VAWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Jacky\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ALi) C:\Windows\WebCam\S6000\S6000Mnt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-30] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd [x]
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Jacky\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [FLxHCIm] - C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [40448 2011-02-25] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [S6000Mnt] - C:\Windows\SysWOW64\Rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [SessionLogon] - C:\ExpressGateUtil\SessionLogon.exe [x]
HKLM-x32\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-13] ()
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [523216 2011-08-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] - D:\PDF24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2011-03-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jacky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jacky\AppData\Roaming\Mozilla\Firefox\Profiles\ocj8egh5.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Jacky\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Jacky\AppData\Roaming\Mozilla\Firefox\Profiles\ocj8egh5.default\searchplugins\ChatZumSearch.xml
FF Extension: No Name - C:\Users\Jacky\AppData\Roaming\Mozilla\Firefox\Profiles\ocj8egh5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-21] ()

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-09-08] ()
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17024 2010-07-26] (ASUS)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17024 2010-07-26] (ASUS)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-04-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-04-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-03] (Avira Operations GmbH & Co. KG)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [81920 2011-02-25] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 KOBCCEX; C:\Windows\System32\drivers\KOBCCEX.sys [25344 2012-08-27] (KOBIL Systems GmbH)
S3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [104576 2012-08-27] (KOBIL Systems GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-09-08] ()
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [190232 2010-08-05] (Windows (R) Win 7 DDK provider)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-30 22:30 - 2013-07-30 22:30 - 00005499 _____ C:\Users\Jacky\Desktop\JRT.txt
2013-07-30 22:21 - 2013-07-30 22:21 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 22:20 - 2013-07-30 22:20 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Jacky\Downloads\JRT.exe
2013-07-30 22:15 - 2013-07-30 22:15 - 00000000 ___RD C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-07-24 17:34 - 2013-07-24 17:34 - 00666633 _____ C:\Users\Jacky\Downloads\adwcleaner.exe
2013-07-24 17:34 - 2013-07-24 17:34 - 00047355 _____ C:\AdwCleaner[S1].txt
2013-07-24 17:34 - 2013-07-24 17:34 - 00000097 _____ C:\Windows\DeleteOnReboot.bat
2013-07-24 07:10 - 2013-07-24 07:10 - 00000000 ____D C:\FRST
2013-07-23 19:36 - 2013-07-23 19:36 - 01558672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-23 19:08 - 2013-07-24 01:10 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-17 13:12 - 2013-07-17 13:29 - 00000000 ____D C:\Users\Jacky\Documents\Methoden
2013-07-17 13:12 - 2013-07-17 13:12 - 00000000 ____D C:\Users\Jacky\AppData\Local\PDF24
2013-07-17 13:08 - 2013-07-17 13:08 - 00000579 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-07-17 13:05 - 2013-07-17 13:05 - 15905080 _____ (Geek Software GmbH                                          ) C:\Users\Jacky\Downloads\pdf24-creator-5.6.0.exe
2013-07-15 10:49 - 2013-07-15 10:52 - 00000000 ____D C:\Windows\system32\MRT
2013-07-12 03:24 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 03:24 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 03:24 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 03:24 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 03:24 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 03:24 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 03:24 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 03:24 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 03:24 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 03:24 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 03:24 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 03:24 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 14:30 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 14:30 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 14:30 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 14:30 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 14:30 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 14:30 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 14:30 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 17:05 - 2013-07-17 18:41 - 00000000 ____D C:\Users\Jacky\Documents\Methodik Mathe
2013-07-08 01:59 - 2013-07-08 01:59 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\NVIDIA
2013-07-08 01:59 - 2013-07-08 01:59 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Frogwares
2013-07-08 01:55 - 2013-07-08 01:55 - 00000657 _____ C:\Users\Public\Desktop\Das Testament des Sherlock Holmes.lnk
2013-07-07 22:46 - 2013-07-07 22:46 - 00983920 _____ (Amazon Services LLC) C:\Users\Jacky\Downloads\Das_Testament_des_Sherlock_Holmes_Downloader.exe
2013-07-07 15:06 - 2013-07-07 15:06 - 00000000 ____D C:\Users\Jacky\Documents\ANNO 2070
2013-07-07 01:12 - 2013-07-07 14:26 - 00000000 ____D C:\Users\Jacky\AppData\Local\Ubisoft Game Launcher
2013-07-07 01:12 - 2013-07-07 01:12 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Ubisoft
2013-07-07 00:56 - 2013-07-07 00:56 - 00000000 ____D C:\ProgramData\Solidshield
2013-07-07 00:55 - 2013-07-07 00:55 - 00000658 _____ C:\Users\Jacky\Desktop\ANNO 2070.lnk
2013-07-07 00:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-07-07 00:54 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-07 00:54 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-07-07 00:54 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-07-07 00:54 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-07 00:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-07 00:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-07-07 00:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-07-07 00:53 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-07-07 00:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-07-07 00:53 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-07-07 00:53 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-07-07 00:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-07-07 00:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-07-07 00:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-07-07 00:53 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-07-07 00:53 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-07-07 00:53 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-07-07 00:53 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-07-07 00:53 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-07-06 21:56 - 2013-07-06 21:56 - 00983920 _____ (Amazon Services LLC) C:\Users\Jacky\Downloads\ANNO_2070_Königsedition_Downloader.exe
126

==================== One Month Modified Files and Folders =======

2013-07-30 23:02 - 2013-07-30 23:02 - 01781589 _____ (Farbar) C:\Users\Jacky\Downloads\FRST64.exe
2013-07-30 22:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-30 22:30 - 2013-07-30 22:30 - 00005499 _____ C:\Users\Jacky\Desktop\JRT.txt
2013-07-30 22:21 - 2013-07-30 22:21 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 22:20 - 2013-07-30 22:20 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Jacky\Downloads\JRT.exe
2013-07-30 22:20 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 22:20 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 22:19 - 2012-08-27 01:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 22:15 - 2013-07-30 22:15 - 00000000 ___RD C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-07-30 22:15 - 2012-09-07 17:53 - 00000000 ____D C:\Users\Jacky\Documents\Bluetooth Folder
2013-07-26 23:06 - 2012-09-03 11:42 - 00000000 ____D C:\Users\Jacky\Documents\Outlook-Dateien
2013-07-26 23:03 - 2011-02-19 06:24 - 00669360 _____ C:\Windows\system32\perfh007.dat
2013-07-26 23:03 - 2011-02-19 06:24 - 00135040 _____ C:\Windows\system32\perfc007.dat
2013-07-26 23:03 - 2009-07-14 07:13 - 01538262 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 23:02 - 2011-11-20 07:34 - 01547515 _____ C:\Windows\WindowsUpdate.log
2013-07-26 22:56 - 2013-04-15 15:59 - 00000000 ___RD C:\Users\Jacky\Dropbox
2013-07-26 22:56 - 2013-04-15 15:34 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Dropbox
2013-07-26 22:56 - 2012-08-24 22:45 - 00000000 ___HD C:\ASUS.DAT
2013-07-26 22:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-26 22:54 - 2009-07-14 06:51 - 00071270 _____ C:\Windows\setupact.log
2013-07-24 18:30 - 2012-08-24 22:45 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-07-24 17:37 - 2011-11-20 07:57 - 00002458 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-24 17:34 - 2013-07-24 17:34 - 00666633 _____ C:\Users\Jacky\Downloads\adwcleaner.exe
2013-07-24 17:34 - 2013-07-24 17:34 - 00047355 _____ C:\AdwCleaner[S1].txt
2013-07-24 17:34 - 2013-07-24 17:34 - 00000097 _____ C:\Windows\DeleteOnReboot.bat
2013-07-24 07:10 - 2013-07-24 07:10 - 00000000 ____D C:\FRST
2013-07-24 01:10 - 2013-07-23 19:08 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-23 19:36 - 2013-07-23 19:36 - 01558672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-17 18:41 - 2013-07-10 17:05 - 00000000 ____D C:\Users\Jacky\Documents\Methodik Mathe
2013-07-17 13:29 - 2013-07-17 13:12 - 00000000 ____D C:\Users\Jacky\Documents\Methoden
2013-07-17 13:12 - 2013-07-17 13:12 - 00000000 ____D C:\Users\Jacky\AppData\Local\PDF24
2013-07-17 13:08 - 2013-07-17 13:08 - 00000579 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-07-17 13:05 - 2013-07-17 13:05 - 15905080 _____ (Geek Software GmbH                                          ) C:\Users\Jacky\Downloads\pdf24-creator-5.6.0.exe
2013-07-15 10:52 - 2013-07-15 10:49 - 00000000 ____D C:\Windows\system32\MRT
2013-07-12 08:09 - 2013-04-15 15:35 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-12 08:09 - 2012-08-24 22:45 - 00000000 ___RD C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-12 03:56 - 2009-07-14 06:45 - 00436504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 03:55 - 2013-03-14 18:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 03:55 - 2013-03-14 18:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 03:54 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 03:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 03:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 03:37 - 2012-08-26 23:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 12:56 - 2012-08-24 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 01:59 - 2013-07-08 01:59 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\NVIDIA
2013-07-08 01:59 - 2013-07-08 01:59 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Frogwares
2013-07-08 01:57 - 2011-04-13 04:35 - 00081975 _____ C:\Windows\DirectX.log
2013-07-08 01:56 - 2011-11-20 07:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-08 01:55 - 2013-07-08 01:55 - 00000657 _____ C:\Users\Public\Desktop\Das Testament des Sherlock Holmes.lnk
2013-07-07 22:46 - 2013-07-07 22:46 - 00983920 _____ (Amazon Services LLC) C:\Users\Jacky\Downloads\Das_Testament_des_Sherlock_Holmes_Downloader.exe
2013-07-07 15:06 - 2013-07-07 15:06 - 00000000 ____D C:\Users\Jacky\Documents\ANNO 2070
2013-07-07 14:26 - 2013-07-07 01:12 - 00000000 ____D C:\Users\Jacky\AppData\Local\Ubisoft Game Launcher
2013-07-07 01:12 - 2013-07-07 01:12 - 00000000 ____D C:\Users\Jacky\AppData\Roaming\Ubisoft
2013-07-07 00:56 - 2013-07-07 00:56 - 00000000 ____D C:\ProgramData\Solidshield
2013-07-07 00:55 - 2013-07-07 00:55 - 00000658 _____ C:\Users\Jacky\Desktop\ANNO 2070.lnk
2013-07-07 00:54 - 2012-09-08 19:25 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-07-07 00:54 - 2011-11-20 07:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-06 21:56 - 2013-07-06 21:56 - 00983920 _____ (Amazon Services LLC) C:\Users\Jacky\Downloads\ANNO_2070_Königsedition_Downloader.exe
2013-07-04 08:54 - 2013-03-09 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 11:07

==================== End Of Log ============================
         
--- --- ---


Und der Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Jacky at 2013-07-30 23:04:39
Running from C:\Users\Jacky\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
Anno 1701 (x32 Version: 1.02)
ANNO 2070 (x32 Version: 1.0.0.0)
ASUS AI Recovery (x32 Version: 1.0.13)
ASUS FancyStart (x32 Version: 1.1.0)
ASUS LifeFrame3 (x32 Version: 3.0.21)
ASUS Live Update (x32 Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.44)
ASUS SmartLogon (x32 Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0031)
ASUS Video Magic (x32 Version: 6.0.4710)
ASUS Virtual Camera (x32 Version: 1.0.21)
ASUS WebStorage (x32 Version: 3.0.84.161)
ASUS_Screensaver (x32)
AsusVibe2.0 (x32 Version: 2.0.4.617)
Atheros Client Installation Program (x32 Version: 7.0)
ATK Package (x32 Version: 1.0.0008)
Audacity 1.2.6 (x32)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
Biet-O-Matic v2.14.8 (x32 Version: 2.14.8)
Black Mirror III (x32)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bookworm Deluxe (x32)
CDBurnerXP (x32 Version: 4.5.1.4003)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.0.3054)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.3054)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Cooking Dash (x32)
CourseLab 2.4 (x32 Version: 2.4)
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink MediaEspresso (x32 Version: 6.0.1123_32710)
CyberLink Power2Go (x32 Version: 6.1.3602c)
CyberLink PowerDirector (x32 Version: 8.0.3327)
CyberLink PowerDVD 10 (x32 Version: 10.0.2312.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Das Testament des Sherlock Holmes (x32 Version: 1.00.0777)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Die Sims™ 3 (x32 Version: 1.38.151)
Die Sims™ 3 Late Night (x32 Version: 6.5.1)
Dropbox (HKCU Version: 2.0.22)
Duden-Rechtschreibprüfung (x32 Version: 8.0)
DynaGeo 3.6f (x32)
EA Download Manager (x32 Version: 5.0.0.255)
ExpressGate Cloud (x32 Version: 2.1.88.405)
Fast Boot (Version: 1.0.9)
Free YouTube to MP3 Converter version 3.11.33.1005 (x32 Version: 3.11.33.1005)
FreeMind (x32 Version: 0.9.0)
Fresco Logic USB3.0 Host Controller (Version: 3.0.116.3)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Game Park Console (x32 Version: 6.2.1.1)
GeoGebra (x32 Version: 4.0.38.0)
Governor of Poker (x32)
Hotel Dash Suite Success (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2405)
Intel(R) Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Java 7 Update 7 (x32 Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.0)
Jewel Quest 3 (x32)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
KOBIL Chipkartenterminal Treiber V2.2s  Build: 20100503.2 (x32 Version: 2.2s )
KOBIL drivers x64x86 installation (x32 Version: 1.10.0211)
Mahjongg dimensions (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft GIF Animator (x32)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MyPhoneExplorer (x32 Version: 1.8.4)
Nuance PDF Reader (x32 Version: 6.00.0041)
NVIDIA Control Panel 267.54 (Version: 267.54)
NVIDIA Graphics Driver 267.54 (Version: 267.54)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA Update Components (Version: 1.0.21)
OpenSC (x32 Version: 0.12.2.0)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF24 Creator 5.6.0 (x32)
PhotoScape (x32)
Plants vs Zombies (x32)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6334)
Skype™ 6.5 (x32 Version: 6.5.158)
SonicMaster (x32 Version: 1.00.0000)
syncables desktop SE (x32 Version: 5.5.746.11492)
TeamViewer 8 (x32 Version: 8.0.18051)
Theme Park World (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
USB2.0 2.0M UVC WebCam (x32 Version: 2.103.13.10)
Ware PS/2-x64 7.0.5.16_WHQL (Version: 7.0.5.16)
Wildlife Park 3 v1.0 (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
WinFlash (x32 Version: 2.31.1)
Wireless Console 3 (x32 Version: 3.0.19)
World of Goo (x32)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)
بريد Windows Live (x32 Version: 15.4.3502.0922)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)

==================== Restore Points  =========================

12-07-2013 01:13:09 Windows Update
15-07-2013 08:48:07 Windows Update
19-07-2013 08:18:54 Windows Update
23-07-2013 08:37:15 Windows Update
26-07-2013 21:01:09 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0378438A-D02B-4F92-BD2D-2B6264ECE6B8} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {0FEE6F1D-4688-41D7-9DB1-1E3ED9338FF5} - System32\Tasks\{0FB17B31-2723-41CB-98DD-EFDEE083DCF6} => D:\singles.exe No File
Task: {14A9E335-0555-4A5E-ACE0-EA79117A9AB8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {1EE64B44-99B8-4BC7-A02B-B9DC594C92E5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {1F4CC989-4FC5-48FB-B54A-3B8B0218A322} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: {30FFE04D-4167-4132-A19C-CD9A1711422E} - System32\Tasks\{4B5211F8-8BDD-490C-921B-74E240790C7A} => D:\singles.exe No File
Task: {3E54018B-30EB-4A08-9CA1-8DC785DFDCA1} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {42051585-026F-4ACF-BEE2-F274B155F713} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe [2010-07-29] ()
Task: {46FBF7B8-766A-40AC-A467-807AE038FD66} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {4B4EBCC9-51DC-4117-B234-08B2CE0F4C21} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-11-24] (CyberLink)
Task: {53F43D7C-240D-492B-B6EF-A8193011415E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {5E9FD39C-B0EB-468C-AFEA-8AB7E169806D} - System32\Tasks\{1AE8EF7C-950E-46EA-9C1B-C0BFE55CD914} => C:\Program Files (x86)\Singles\singles.exe No File
Task: {6B3732F0-AB7E-4271-B268-4EF3F6121B06} - System32\Tasks\{96C24CE2-A787-42B8-9136-13CC1E89570A} => C:\Program Files (x86)\Singles\singles.exe No File
Task: {7209F08E-78DE-47FD-931B-E72E1BC09511} - System32\Tasks\{8577D6A2-4369-40EC-9D7F-784AB74AC9AB} => C:\Program Files (x86)\Singles\singles.exe No File
Task: {7EF2C660-9A08-46AF-9B47-376E57480BFC} - System32\Tasks\{69DC74B8-D039-45F3-85B3-C87118A2E4F6} => D:\singles.exe No File
Task: {8B6A7FA8-25EC-4779-BC29-B62D54E34AC1} - System32\Tasks\{7EF9312B-963A-4CD1-AA38-1ECE741BB790} => C:\Program Files (x86)\Singles\singles.exe No File
Task: {8B6D10A9-CBD3-4199-8A08-8D8F8EAE5B13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {8DD5AF38-8AE1-4A96-B881-F40F8C9E5213} - System32\Tasks\{EBE76672-A6E8-432F-AF96-C8094C0A377A} => D:\singles.exe No File
Task: {8F4D8641-97A8-4DB4-8411-A801B429E370} - System32\Tasks\{5E454559-B17D-45E8-9F16-CBEEFB6187E1} => D:\tp.exe [2000-06-28] ()
Task: {93599B2E-816F-4CC7-8D44-5B973B4968FC} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {A105D3F5-C6B5-42E8-AF38-FC000B310E11} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {A7C1A3D0-817E-409C-B516-589B4F58014F} - System32\Tasks\{1E3786EF-12B5-4863-B5CC-56C3A3098C38} => D:\singles.exe No File
Task: {AC207542-5A83-4ECE-B5AD-5FFB893F8040} - System32\Tasks\{B3276CDC-FB93-43A6-AEEE-3FA0C29853B7} => D:\tp.exe [2000-06-28] ()
Task: {BCF9BFE6-EEDB-4695-BE0B-5E3AF6EA9ED3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {D02FCF48-91BA-424B-89AD-30C91DFD2D45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D1673874-BE88-4505-809A-E96A4C07BEEF} - System32\Tasks\{FDD17066-DD55-4B8A-A1A8-F60BAB93403F} => D:\tp.exe [2000-06-28] ()
Task: {D3257F5F-F2B5-4355-B0C1-34731D5ECCD5} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (07/30/2013 10:35:51 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 6049.06 MB
Available physical RAM: 3959.07 MB
Total Pagefile: 12096.3 MB
Available Pagefile: 9716.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:73.08 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:214.05 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Ist nun wieder alles in Ordnung? Vielen lieben Dank schonmal=)
__________________


Alt 31.07.2013, 09:40   #18
schrauber
/// the machine
/// TB-Ausbilder
 

GVU Trojaner auf meinem Win 7 Laptop. - Standard

GVU Trojaner auf meinem Win 7 Laptop.



Noch nen Onlinescan und wir sollten durch sein


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
__________________

Antwort

Themen zu GVU Trojaner auf meinem Win 7 Laptop.
abgesichterten, aufgrund, eingefangen, entferne, entfernen, gefangen, gen, gvu trojaner, heute, hilfe, hoffe, inter, interne, internet, laptop, troja, trojaner, win, win 7




Ähnliche Themen: GVU Trojaner auf meinem Win 7 Laptop.


  1. Interpool Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 22.01.2014 (12)
  2. GVU - Trojaner auf meinem Laptop
    Log-Analyse und Auswertung - 26.07.2013 (10)
  3. GVU Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (7)
  4. Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 30.05.2013 (9)
  5. Trojaner auf meinem Laptop (serialcodes_net[1].htm) + SpyHunter 4
    Plagegeister aller Art und deren Bekämpfung - 15.03.2013 (29)
  6. BKA Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (1)
  7. GVU-Trojaner auf meinem Laptop
    Log-Analyse und Auswertung - 22.09.2012 (9)
  8. Trojaner Windows Update - OTL Log von meinem Laptop
    Log-Analyse und Auswertung - 06.06.2012 (6)
  9. weitere BKA-Trojaner-Variante von der GVU auf meinem laptop
    Log-Analyse und Auswertung - 28.03.2012 (1)
  10. abnow-trojaner auf meinem laptop
    Plagegeister aller Art und deren Bekämpfung - 14.03.2012 (4)
  11. Bundeskriminalamt Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 05.08.2011 (7)
  12. Trojaner Fake.AV auf meinem Laptop....
    Plagegeister aller Art und deren Bekämpfung - 30.04.2011 (5)
  13. Trojaner (TR/Trash.Gen) auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 09.05.2010 (4)
  14. Trojaner-Problem bei meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 16.08.2009 (1)
  15. Trojaner auf meinem laptop! HILFE!!!
    Log-Analyse und Auswertung - 28.01.2009 (0)
  16. Mehrere Trojaner auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 03.09.2008 (8)
  17. Trojaner und Wurm auf meinem Laptop
    Plagegeister aller Art und deren Bekämpfung - 31.10.2006 (3)

Zum Thema GVU Trojaner auf meinem Win 7 Laptop. - und wann wolltest Du mir das sagen? Dein letzter Post sagt "fix geht nit, rechner bootet nit", dann postest Du plötzlich ein AdwCleaner Log dann den Rest obiger Anleitung. - GVU Trojaner auf meinem Win 7 Laptop....
Archiv
Du betrachtest: GVU Trojaner auf meinem Win 7 Laptop. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.