gvu trojaner windows 8

LinusIda · 14.08.2013, 15:50

Hallo TB-Team, leider sehe ich seit kurzem auch nur noch die GVU-Seite...
ich habe bereits frst64 heruntergeladen und durchlaufen lassen.
Hier mein Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013 01
Ran by SYSTEM on 14-08-2013 16:25:49
Running from G:\
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery
Attention: Could not load system hive.
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11582848 2012-09-30] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-18] (Apple Inc.)
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Inga\...\Run: [Spotify Web Helper] - C:\Users\Inga\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-09] (Spotify Ltd)
HKU\Inga\...\Run: [Spotify] - C:\Users\Inga\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-09] (Spotify Ltd)
HKU\Inga\...\Run: [SearchProtect] - C:\Users\Inga\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
HKU\Inga\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe [52736 2013-08-14] (Valve Corporation) <===== ATTENTION
HKU\Inga\...\Winlogon: [Shell] cmd.exe [404992 2012-07-26] (Microsoft Corporation) <==== ATTENTION 
HKU\Inga\...\Command Processor: "C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe" <===== ATTENTION!
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()
Startup: C:\Users\Inga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)

==================== Services (Whitelisted) =================


==================== Drivers (Whitelisted) ====================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-14 11:18 - 2013-08-14 11:18 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-08-14 11:03 - 2013-08-14 11:03 - 00454064 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-14 00:43 - 2013-06-27 23:04 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-14 00:43 - 2013-06-27 23:04 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-14 00:30 - 2013-08-14 00:30 - 01084772 _____ C:\Users\Inga\AppData\Roaming\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084763 _____ C:\Users\Inga\AppData\Local\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084742 _____ C:\ProgramData\2433f433
2013-08-14 00:11 - 2013-07-26 06:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-08-14 00:11 - 2013-07-26 06:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-08-14 00:11 - 2013-07-26 04:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 00:11 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 00:11 - 2013-07-26 04:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-14 00:11 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 00:11 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 00:11 - 2013-07-26 01:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-14 00:11 - 2013-07-09 07:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 00:11 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 00:11 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 00:10 - 2013-07-26 06:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 00:10 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 00:10 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 00:10 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 00:09 - 2013-07-26 06:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 00:09 - 2013-07-26 06:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 00:08 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 00:08 - 2013-07-13 07:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 00:08 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\apprepapi.dll
2013-08-14 00:08 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 00:08 - 2013-07-13 05:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 00:08 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-14 00:07 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 00:07 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\apprepsync.dll
2013-08-14 00:07 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-12 17:00 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-12 17:00 - 2013-06-01 12:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-08-12 17:00 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-12 17:00 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-08-12 17:00 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-08-12 17:00 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-12 17:00 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-08-12 17:00 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-08-12 17:00 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-08-12 17:00 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-08-12 17:00 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-08-12 17:00 - 2013-06-01 10:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-08-12 17:00 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-08-12 17:00 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-08-12 17:00 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-08-12 17:00 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-08-12 17:00 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-08-12 17:00 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-08-12 17:00 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-08-12 16:59 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-08-12 16:59 - 2013-06-01 12:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-08-12 16:59 - 2013-06-01 12:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-08-12 16:59 - 2013-06-01 12:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-08-12 16:59 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-08-12 16:59 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-08-12 16:59 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-08-12 16:59 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe
2013-08-12 16:59 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2013-08-12 16:59 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-08-12 16:59 - 2013-05-20 01:08 - 00386642 _____ C:\Windows\System32\ApnDatabase.xml
2013-08-12 16:55 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-08-12 16:55 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-08-12 16:55 - 2013-05-31 00:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-08-12 16:55 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-08-12 16:55 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-08-12 16:53 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-12 16:53 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-12 16:32 - 2013-08-12 16:32 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-08-11 20:10 - 2013-08-11 20:10 - 00010181 _____ C:\WirelessDiagLog.csv
2013-08-11 17:43 - 2013-08-11 17:48 - 00000000 ____D C:\Windows\System32\MRT
2013-08-11 16:42 - 2013-08-11 16:42 - 00000000 ___RD C:\Users\Inga\Documents\Notes
2013-07-25 11:28 - 2013-07-25 11:28 - 00029964 _____ C:\Users\Inga\Desktop\usersql_zedat_fu-berlin_de.zip
2013-07-25 11:18 - 2013-07-26 11:43 - 07640984 _____ C:\Users\Inga\Desktop\joomla.zip
2013-07-23 12:00 - 2013-07-26 13:03 - 00000600 _____ C:\Users\Inga\AppData\Local\PUTTY.RND
2013-07-23 12:00 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Roaming\PUTTY.RND
2013-07-23 11:57 - 2013-07-26 11:41 - 00000000 ____D C:\Users\Inga\Desktop\joomla
2013-07-21 12:47 - 2013-07-21 12:47 - 00294144 _____ C:\Windows\Minidump\072113-32484-01.dmp
2013-07-20 13:47 - 2013-07-20 13:47 - 00111499 _____ C:\Users\Inga\Desktop\dafe2.zip
2013-07-20 13:42 - 2013-07-20 13:46 - 00000000 ____D C:\Users\Inga\Desktop\abvtemplate(2)
2013-07-20 13:07 - 2013-07-20 13:59 - 00000000 ____D C:\Users\Inga\Desktop\dafe2
2013-07-20 13:05 - 2013-07-20 13:05 - 00030977 _____ C:\Users\Inga\Desktop\abvtemplate(2).zip
2013-07-20 11:44 - 2013-07-20 11:44 - 00084096 _____ C:\Users\Inga\Desktop\DAFE.zip
2013-07-20 11:42 - 2013-07-20 11:42 - 00000000 ____D C:\Users\Inga\Desktop\DAFE
2013-07-19 15:55 - 2013-07-19 15:55 - 00793536 _____ C:\Users\Inga\Downloads\ZipOpenerSetup.exe
2013-07-17 13:40 - 2013-07-17 13:40 - 00002205 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-17 13:40 - 2013-07-17 13:40 - 00002185 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-17 13:40 - 2012-11-29 15:06 - 00034656 _____ (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-17 13:40 - 2012-11-29 15:06 - 00025952 _____ (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-17 13:40 - 2012-11-29 15:06 - 00021344 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-17 13:38 - 2013-07-17 13:38 - 00001394 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\Inga\AppData\Roaming\TuneUp Software
2013-07-17 13:37 - 2013-08-12 16:24 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-17 13:37 - 2013-08-12 15:48 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-17 13:36 - 2013-07-17 13:38 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-17 13:32 - 2013-07-17 13:32 - 25326392 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Inga\Downloads\FreeYouTubeToMP3Converter.exe
2013-07-15 21:52 - 2013-05-15 23:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-07-15 12:36 - 2013-07-15 12:36 - 00013335 ____H C:\Users\Inga\Documents\~WRL1564.tmp

==================== One Month Modified Files and Folders =======

2013-08-14 11:20 - 2012-11-13 15:27 - 00000000 ____D C:\ProgramData\MOCP
2013-08-14 11:18 - 2013-08-14 11:18 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-08-14 11:18 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 11:04 - 2013-02-20 14:58 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 11:03 - 2013-08-14 11:03 - 00454064 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-14 11:02 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-08-14 11:01 - 2013-02-21 11:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-14 11:01 - 2012-11-13 15:02 - 01656283 _____ C:\Windows\WindowsUpdate.log
2013-08-14 11:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2013-08-14 00:46 - 2012-11-13 14:32 - 00753134 _____ C:\Windows\System32\perfh007.dat
2013-08-14 00:46 - 2012-11-13 14:32 - 00155826 _____ C:\Windows\System32\perfc007.dat
2013-08-14 00:46 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-14 00:42 - 2013-02-25 13:31 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-14 00:41 - 2013-03-31 13:17 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-08-14 00:41 - 2012-08-03 03:22 - 00069962 _____ C:\Windows\PFRO.log
2013-08-14 00:39 - 2012-07-26 08:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-14 00:39 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\oobe
2013-08-14 00:30 - 2013-08-14 00:30 - 01084772 _____ C:\Users\Inga\AppData\Roaming\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084763 _____ C:\Users\Inga\AppData\Local\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084742 _____ C:\ProgramData\2433f433
2013-08-14 00:24 - 2013-02-20 14:58 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-12 16:41 - 2013-02-24 12:25 - 00000000 ___RD C:\Users\Inga\Dropbox
2013-08-12 16:41 - 2013-02-24 12:22 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Dropbox
2013-08-12 16:34 - 2013-02-20 14:52 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-743125971-97489409-2549583187-1001
2013-08-12 16:33 - 2013-02-20 20:59 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Spotify
2013-08-12 16:32 - 2013-08-12 16:32 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-08-12 16:32 - 2013-02-25 13:31 - 00000000 __RSD C:\Users\Inga\Documents\McAfee-Tresore
2013-08-12 16:27 - 2013-02-20 14:44 - 00000000 ____D C:\users\Inga
2013-08-12 16:24 - 2013-07-17 13:37 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-08-12 16:23 - 2012-07-26 09:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-12 16:23 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\Dism
2013-08-12 16:23 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-08-12 16:20 - 2013-06-16 11:05 - 00000000 ____D C:\Users\Inga\AppData\Roaming\File Scout
2013-08-12 16:20 - 2013-03-31 13:17 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Delta
2013-08-12 16:12 - 2012-11-13 15:27 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-12 16:11 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-12 15:57 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2013-08-12 15:54 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-08-12 15:51 - 2013-05-07 10:42 - 00000000 ____D C:\Users\Inga\Desktop\ressources_humaines
2013-08-12 15:50 - 2013-03-31 13:17 - 00000000 ____D C:\Users\Inga\AppData\Roaming\BabSolution
2013-08-12 15:48 - 2013-07-17 13:37 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-08-12 15:48 - 2012-11-13 14:55 - 00000000 ____D C:\ProgramData\Intel
2013-08-12 15:48 - 2012-11-13 14:39 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-08-12 15:41 - 2012-11-13 14:54 - 00000000 ____D C:\Program Files\Intel
2013-08-12 15:41 - 2012-11-13 14:52 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-08-12 15:41 - 2012-07-26 09:12 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-08-12 15:40 - 2013-03-31 13:17 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-12 15:40 - 2013-03-22 13:51 - 00000000 __RHD C:\MSOCache
2013-08-12 15:40 - 2012-11-13 14:56 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-08-12 15:40 - 2012-11-13 14:41 - 00000000 ____D C:\Program Files (x86)\Intel
2013-08-12 14:16 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\NDF
2013-08-11 20:10 - 2013-08-11 20:10 - 00010181 _____ C:\WirelessDiagLog.csv
2013-08-11 18:12 - 2012-11-13 14:45 - 00035532 _____ C:\Windows\DPINST.LOG
2013-08-11 17:48 - 2013-08-11 17:43 - 00000000 ____D C:\Windows\System32\MRT
2013-08-11 16:42 - 2013-08-11 16:42 - 00000000 ___RD C:\Users\Inga\Documents\Notes
2013-08-11 12:08 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-08-09 14:54 - 2013-06-22 09:58 - 00000000 ____D C:\Users\Inga\Documents\Bewerbungen
2013-08-09 02:01 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-05 16:59 - 2013-02-27 14:09 - 00000000 ____D C:\Users\Inga\Documents\Aktivitäten
2013-08-05 15:34 - 2013-02-20 20:59 - 00000000 ____D C:\Users\Inga\AppData\Local\Spotify
2013-07-27 13:04 - 2013-06-21 10:51 - 00000000 ____D C:\Users\Inga\Desktop\Abiturzeugnis
2013-07-26 13:35 - 2013-05-24 15:56 - 00000000 ____D C:\Users\Inga\AppData\Roaming\FileZilla
2013-07-26 13:03 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Local\PUTTY.RND
2013-07-26 11:43 - 2013-07-25 11:18 - 07640984 _____ C:\Users\Inga\Desktop\joomla.zip
2013-07-26 11:41 - 2013-07-23 11:57 - 00000000 ____D C:\Users\Inga\Desktop\joomla
2013-07-26 06:13 - 2013-08-14 00:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-07-26 06:13 - 2013-08-14 00:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-26 06:12 - 2013-08-14 00:10 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-26 06:12 - 2013-08-14 00:09 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-26 06:12 - 2013-08-14 00:09 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-26 04:35 - 2013-08-14 00:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-26 04:13 - 2013-08-14 00:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 04:13 - 2013-08-14 00:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 04:13 - 2013-08-14 00:10 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 04:12 - 2013-08-14 00:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 04:11 - 2013-08-14 00:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:11 - 2013-08-14 00:10 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 03:49 - 2013-08-14 00:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 01:54 - 2013-08-14 00:11 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-25 11:28 - 2013-07-25 11:28 - 00029964 _____ C:\Users\Inga\Desktop\usersql_zedat_fu-berlin_de.zip
2013-07-23 12:00 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Roaming\PUTTY.RND
2013-07-21 12:47 - 2013-07-21 12:47 - 00294144 _____ C:\Windows\Minidump\072113-32484-01.dmp
2013-07-21 12:47 - 2013-03-21 00:13 - 00000000 ____D C:\Windows\Minidump
2013-07-21 12:46 - 2013-03-21 00:13 - 644651553 _____ C:\Windows\MEMORY.DMP
2013-07-20 13:59 - 2013-07-20 13:07 - 00000000 ____D C:\Users\Inga\Desktop\dafe2
2013-07-20 13:47 - 2013-07-20 13:47 - 00111499 _____ C:\Users\Inga\Desktop\dafe2.zip
2013-07-20 13:46 - 2013-07-20 13:42 - 00000000 ____D C:\Users\Inga\Desktop\abvtemplate(2)
2013-07-20 13:05 - 2013-07-20 13:05 - 00030977 _____ C:\Users\Inga\Desktop\abvtemplate(2).zip
2013-07-20 11:44 - 2013-07-20 11:44 - 00084096 _____ C:\Users\Inga\Desktop\DAFE.zip
2013-07-20 11:42 - 2013-07-20 11:42 - 00000000 ____D C:\Users\Inga\Desktop\DAFE
2013-07-19 15:55 - 2013-07-19 15:55 - 00793536 _____ C:\Users\Inga\Downloads\ZipOpenerSetup.exe
2013-07-18 09:16 - 2013-02-22 11:15 - 00000000 ____D C:\Users\Inga\Documents\Maladie_Nerveuse
2013-07-18 02:05 - 2013-02-20 14:44 - 00000000 ____D C:\Users\Inga\AppData\Local\VirtualStore
2013-07-17 13:40 - 2013-07-17 13:40 - 00002205 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-17 13:40 - 2013-07-17 13:40 - 00002185 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00001394 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\Inga\AppData\Roaming\TuneUp Software
2013-07-17 13:38 - 2013-07-17 13:36 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-17 13:38 - 2013-06-24 13:20 - 00001235 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-17 13:36 - 2013-03-30 17:06 - 00000000 ____D C:\Users\Inga\AppData\Roaming\OpenCandy
2013-07-17 13:36 - 2013-03-15 18:47 - 00000000 ____D C:\Users\Inga\AppData\Roaming\DVDVideoSoft
2013-07-17 13:32 - 2013-07-17 13:32 - 25326392 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Inga\Downloads\FreeYouTubeToMP3Converter.exe
2013-07-17 10:45 - 2013-02-21 11:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 10:37 - 2013-02-21 12:40 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-15 15:00 - 2013-02-22 11:16 - 00000000 ____D C:\Users\Inga\Documents\Literaturwissenschaften
2013-07-15 12:36 - 2013-07-15 12:36 - 00013335 ____H C:\Users\Inga\Documents\~WRL1564.tmp

Files to move or delete:
====================
C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-17 10:34:33
Restore point made on: 2013-07-20 12:51:23
Restore point made on: 2013-07-24 11:49:05
Restore point made on: 2013-08-11 16:18:15
Restore point made on: 2013-08-11 20:39:37
Restore point made on: 2013-08-12 15:35:53

==================== Memory info =========================== 

Percentage of memory in use: 19%
Total physical RAM: 3968.39 MB
Available physical RAM: 3194.9 MB
Total Pagefile: 3968.39 MB
Available Pagefile: 3215.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.8 GB) (Free:335.76 GB) NTFS
Drive e: (Windows RE tools) (Fixed) (Total:1.44 GB) (Free:0.75 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive f: (Recovery) (Fixed) (Total:28.89 GB) (Free:4.27 GB) NTFS
Drive g: (Lexar) (Removable) (Total:3.73 GB) (Free:0.11 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.2 GB) (Free:0.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 1B49F7E6)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)


LastRegBack: 2013-08-12 12:46

==================== End Of Log ============================

Wie muss ich weiter vorgehen?

Danke im Voraus!

schrauber · 14.08.2013, 15:57

hi,

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\Inga\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe [52736 2013-08-14] (Valve Corporation) <===== ATTENTION
HKU\Inga\...\Winlogon: [Shell] cmd.exe [404992 2012-07-26] (Microsoft Corporation) <==== ATTENTION 
HKU\Inga\...\Command Processor: "C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe" <===== ATTENTION!
2013-08-14 00:30 - 2013-08-14 00:30 - 01084772 _____ C:\Users\Inga\AppData\Roaming\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084763 _____ C:\Users\Inga\AppData\Local\2433f433
2013-08-14 00:30 - 2013-08-14 00:30 - 01084742 _____ C:\ProgramData\2433f433
C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

neu starten, freuen

LinusIda · 14.08.2013, 16:11

oha das ging ja schnell, vielen dank!

Fixlog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-08-2013 01
Ran by SYSTEM at 2013-08-14 17:07:31 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

HKU\Inga\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully.
HKU\Inga\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Inga\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
C:\Users\Inga\AppData\Roaming\2433f433 => Moved successfully.
C:\Users\Inga\AppData\Local\2433f433 => Moved successfully.
C:\ProgramData\2433f433 => Moved successfully.
C:\Users\Inga\AppData\Local\Temp\ahuospiitllowkrnf.exe => Moved successfully.

==== End of Fixlog ====

schrauber · 14.08.2013, 19:53

Kontrollscans im normalen Modus

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

LinusIda · 15.08.2013, 10:54

ich komme in keinen normalen modus! ich habe nen vaio und befinde mich da im rettungsmodus, wenn ich windows normal starten will, dann erscheint:

recovery:
The boot configuration data file doesn't contain valid information for an operating system.
File:\BCD Error code: 0xc0000098

schrauber · 15.08.2013, 14:38

Ging der Rechner nach dem ersten Fix wieder normal und jetzt wieder nicht oder ging er überhaupt nicht?

Poste mal ein frisches FRST log aus der Recovery.

LinusIda · 15.08.2013, 17:49

Leider überhaupt nicht!
Und jetzt komme ich nicht mal mehr zur eingabeaufforderung, da im vaiocare rettungsmodusmenü nicht mal mehr "system wiederherstellen oder instandhalten" funktioniert, wie kann ich da jetzt frst.exe laufen lassen?

schrauber · 15.08.2013, 20:07

Und wenn Du nicht in diesen Vaio Modus bootest?

LinusIda · 15.08.2013, 21:53

Nach dem anschalten kommt direkt die recovery meldung und dann ist die einzige möglichkeit diese vaio care rettungsseite.
Ich hab leider keine ahnung, wie man da wegkommt...

(Achso ich hab win8 falls das hilft)

schrauber · 15.08.2013, 22:12

Komisch dass du zu Beginn 1a nen FRST log posten kannst, jetzt wo die Malware gefixt ist ( und ich entferne die pro Woche 100mal, der Rechner muss normal booten) kommst du nichtmal mehr soweit um FRST scannen zu lassen?

Steckt zufällig noch en Stick oder ähnliches am laptop?

LinusIda · 15.08.2013, 22:18

sorry sorry, also ich hänge zwar immer noch im rettungsmodus aber ich komme wenigstens wieder zur eingabeaufforderung (ja ich hatte nen usbstick noch dran...)
kann dir gleich nen aktuellen frst log schicken!

schrauber · 15.08.2013, 22:20

ok

LinusIda · 15.08.2013, 22:25

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013 01
Ran by SYSTEM on 15-08-2013 23:22:58
Running from E:\
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11582848 2012-09-30] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-18] (Apple Inc.)
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Inga\...\Run: [Spotify Web Helper] - C:\Users\Inga\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-09] (Spotify Ltd)
HKU\Inga\...\Run: [Spotify] - C:\Users\Inga\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-09] (Spotify Ltd)
HKU\Inga\...\Run: [SearchProtect] - C:\Users\Inga\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()
Startup: C:\Users\Inga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)

==================== Services (Whitelisted) =================

S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2847696 2013-07-26] ()
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-08] (Conduit)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [120592 2013-05-22] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-03-01] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-06-14] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1007288 2012-10-06] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
S2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2776256 2013-07-17] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-08-22] (Advanced Micro Devices, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132480 2012-10-01] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-03-15] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
S1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-06-14] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2012-12-26] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
S1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC)
S3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-14 11:18 - 2013-08-14 11:18 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-08-14 11:03 - 2013-08-14 11:03 - 00454064 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-14 00:43 - 2013-06-27 23:04 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-14 00:43 - 2013-06-27 23:04 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-14 00:11 - 2013-07-26 06:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-08-14 00:11 - 2013-07-26 06:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-08-14 00:11 - 2013-07-26 04:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-14 00:11 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 00:11 - 2013-07-26 04:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-14 00:11 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 00:11 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 00:11 - 2013-07-26 01:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-14 00:11 - 2013-07-09 07:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 00:11 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 00:11 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-14 00:10 - 2013-07-26 06:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-14 00:10 - 2013-07-26 06:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-14 00:10 - 2013-07-26 06:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-14 00:10 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 00:10 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 00:10 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 00:10 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 00:09 - 2013-07-26 06:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-14 00:09 - 2013-07-26 06:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 00:09 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 00:08 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 00:08 - 2013-07-13 07:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 00:08 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\apprepapi.dll
2013-08-14 00:08 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 00:08 - 2013-07-13 05:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 00:08 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-14 00:07 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 00:07 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\apprepsync.dll
2013-08-14 00:07 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-12 17:00 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-12 17:00 - 2013-06-01 12:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-08-12 17:00 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-12 17:00 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-08-12 17:00 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-08-12 17:00 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-12 17:00 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-08-12 17:00 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-08-12 17:00 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-08-12 17:00 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-08-12 17:00 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-08-12 17:00 - 2013-06-01 10:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-08-12 17:00 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-08-12 17:00 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-08-12 17:00 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-08-12 17:00 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-08-12 17:00 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-08-12 17:00 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-08-12 17:00 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-08-12 17:00 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-08-12 16:59 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-08-12 16:59 - 2013-06-01 12:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-08-12 16:59 - 2013-06-01 12:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-08-12 16:59 - 2013-06-01 12:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-08-12 16:59 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-08-12 16:59 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-08-12 16:59 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-08-12 16:59 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe
2013-08-12 16:59 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2013-08-12 16:59 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-08-12 16:59 - 2013-05-20 01:08 - 00386642 _____ C:\Windows\System32\ApnDatabase.xml
2013-08-12 16:55 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-08-12 16:55 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-08-12 16:55 - 2013-05-31 00:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-08-12 16:55 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-08-12 16:55 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-08-12 16:53 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-12 16:53 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-12 16:32 - 2013-08-12 16:32 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-08-11 20:10 - 2013-08-11 20:10 - 00010181 _____ C:\WirelessDiagLog.csv
2013-08-11 17:43 - 2013-08-11 17:48 - 00000000 ____D C:\Windows\System32\MRT
2013-08-11 16:42 - 2013-08-11 16:42 - 00000000 ___RD C:\Users\Inga\Documents\Notes
2013-07-25 11:28 - 2013-07-25 11:28 - 00029964 _____ C:\Users\Inga\Desktop\usersql_zedat_fu-berlin_de.zip
2013-07-25 11:18 - 2013-07-26 11:43 - 07640984 _____ C:\Users\Inga\Desktop\joomla.zip
2013-07-23 12:00 - 2013-07-26 13:03 - 00000600 _____ C:\Users\Inga\AppData\Local\PUTTY.RND
2013-07-23 12:00 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Roaming\PUTTY.RND
2013-07-23 11:57 - 2013-07-26 11:41 - 00000000 ____D C:\Users\Inga\Desktop\joomla
2013-07-21 12:47 - 2013-07-21 12:47 - 00294144 _____ C:\Windows\Minidump\072113-32484-01.dmp
2013-07-20 13:47 - 2013-07-20 13:47 - 00111499 _____ C:\Users\Inga\Desktop\dafe2.zip
2013-07-20 13:42 - 2013-07-20 13:46 - 00000000 ____D C:\Users\Inga\Desktop\abvtemplate(2)
2013-07-20 13:07 - 2013-07-20 13:59 - 00000000 ____D C:\Users\Inga\Desktop\dafe2
2013-07-20 13:05 - 2013-07-20 13:05 - 00030977 _____ C:\Users\Inga\Desktop\abvtemplate(2).zip
2013-07-20 11:44 - 2013-07-20 11:44 - 00084096 _____ C:\Users\Inga\Desktop\DAFE.zip
2013-07-20 11:42 - 2013-07-20 11:42 - 00000000 ____D C:\Users\Inga\Desktop\DAFE
2013-07-19 15:55 - 2013-07-19 15:55 - 00793536 _____ C:\Users\Inga\Downloads\ZipOpenerSetup.exe
2013-07-17 13:40 - 2013-07-17 13:40 - 00002205 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-17 13:40 - 2013-07-17 13:40 - 00002185 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-17 13:40 - 2012-11-29 15:06 - 00034656 _____ (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-17 13:40 - 2012-11-29 15:06 - 00025952 _____ (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-17 13:40 - 2012-11-29 15:06 - 00021344 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-17 13:38 - 2013-07-17 13:38 - 00001394 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\Inga\AppData\Roaming\TuneUp Software
2013-07-17 13:37 - 2013-08-12 16:24 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-17 13:37 - 2013-08-12 15:48 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-17 13:36 - 2013-07-17 13:38 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-17 13:32 - 2013-07-17 13:32 - 25326392 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Inga\Downloads\FreeYouTubeToMP3Converter.exe

==================== One Month Modified Files and Folders =======

2013-08-14 16:25 - 2013-08-14 16:25 - 00000000 ____D C:\FRST
2013-08-14 11:20 - 2012-11-13 15:27 - 00000000 ____D C:\ProgramData\MOCP
2013-08-14 11:18 - 2013-08-14 11:18 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-08-14 11:18 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 11:04 - 2013-02-20 14:58 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 11:03 - 2013-08-14 11:03 - 00454064 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-14 11:02 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-08-14 11:01 - 2013-02-21 11:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-14 11:01 - 2012-11-13 15:02 - 01656283 _____ C:\Windows\WindowsUpdate.log
2013-08-14 11:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2013-08-14 00:46 - 2012-11-13 14:32 - 00753134 _____ C:\Windows\System32\perfh007.dat
2013-08-14 00:46 - 2012-11-13 14:32 - 00155826 _____ C:\Windows\System32\perfc007.dat
2013-08-14 00:46 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-14 00:42 - 2013-02-25 13:31 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-14 00:41 - 2013-03-31 13:17 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-08-14 00:41 - 2012-08-03 03:22 - 00069962 _____ C:\Windows\PFRO.log
2013-08-14 00:39 - 2012-07-26 08:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-14 00:39 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\oobe
2013-08-14 00:24 - 2013-02-20 14:58 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-12 16:41 - 2013-02-24 12:25 - 00000000 ___RD C:\Users\Inga\Dropbox
2013-08-12 16:41 - 2013-02-24 12:22 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Dropbox
2013-08-12 16:34 - 2013-02-20 14:52 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-743125971-97489409-2549583187-1001
2013-08-12 16:33 - 2013-02-20 20:59 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Spotify
2013-08-12 16:32 - 2013-08-12 16:32 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-08-12 16:32 - 2013-02-25 13:31 - 00000000 __RSD C:\Users\Inga\Documents\McAfee-Tresore
2013-08-12 16:27 - 2013-02-20 14:44 - 00000000 ____D C:\users\Inga
2013-08-12 16:24 - 2013-07-17 13:37 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-08-12 16:23 - 2012-07-26 09:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-12 16:23 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\Dism
2013-08-12 16:23 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-08-12 16:20 - 2013-06-16 11:05 - 00000000 ____D C:\Users\Inga\AppData\Roaming\File Scout
2013-08-12 16:20 - 2013-03-31 13:17 - 00000000 ____D C:\Users\Inga\AppData\Roaming\Delta
2013-08-12 16:12 - 2012-11-13 15:27 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-12 16:11 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-12 15:57 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2013-08-12 15:54 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-08-12 15:51 - 2013-05-07 10:42 - 00000000 ____D C:\Users\Inga\Desktop\ressources_humaines
2013-08-12 15:50 - 2013-03-31 13:17 - 00000000 ____D C:\Users\Inga\AppData\Roaming\BabSolution
2013-08-12 15:48 - 2013-07-17 13:37 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-08-12 15:48 - 2012-11-13 14:55 - 00000000 ____D C:\ProgramData\Intel
2013-08-12 15:48 - 2012-11-13 14:39 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-08-12 15:41 - 2012-11-13 14:54 - 00000000 ____D C:\Program Files\Intel
2013-08-12 15:41 - 2012-11-13 14:52 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-08-12 15:41 - 2012-07-26 09:12 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-08-12 15:40 - 2013-03-31 13:17 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-12 15:40 - 2013-03-22 13:51 - 00000000 __RHD C:\MSOCache
2013-08-12 15:40 - 2012-11-13 14:56 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-08-12 15:40 - 2012-11-13 14:41 - 00000000 ____D C:\Program Files (x86)\Intel
2013-08-12 14:16 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\NDF
2013-08-11 20:10 - 2013-08-11 20:10 - 00010181 _____ C:\WirelessDiagLog.csv
2013-08-11 18:12 - 2012-11-13 14:45 - 00035532 _____ C:\Windows\DPINST.LOG
2013-08-11 17:48 - 2013-08-11 17:43 - 00000000 ____D C:\Windows\System32\MRT
2013-08-11 16:42 - 2013-08-11 16:42 - 00000000 ___RD C:\Users\Inga\Documents\Notes
2013-08-11 12:08 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-08-09 14:54 - 2013-06-22 09:58 - 00000000 ____D C:\Users\Inga\Documents\Bewerbungen
2013-08-09 02:01 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-05 16:59 - 2013-02-27 14:09 - 00000000 ____D C:\Users\Inga\Documents\Aktivitäten
2013-08-05 15:34 - 2013-02-20 20:59 - 00000000 ____D C:\Users\Inga\AppData\Local\Spotify
2013-07-27 13:04 - 2013-06-21 10:51 - 00000000 ____D C:\Users\Inga\Desktop\Abiturzeugnis
2013-07-26 13:35 - 2013-05-24 15:56 - 00000000 ____D C:\Users\Inga\AppData\Roaming\FileZilla
2013-07-26 13:03 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Local\PUTTY.RND
2013-07-26 11:43 - 2013-07-25 11:18 - 07640984 _____ C:\Users\Inga\Desktop\joomla.zip
2013-07-26 11:41 - 2013-07-23 11:57 - 00000000 ____D C:\Users\Inga\Desktop\joomla
2013-07-26 06:13 - 2013-08-14 00:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-07-26 06:13 - 2013-08-14 00:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-26 06:13 - 2013-08-14 00:10 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-26 06:12 - 2013-08-14 00:10 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-26 06:12 - 2013-08-14 00:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-26 06:12 - 2013-08-14 00:09 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-26 06:12 - 2013-08-14 00:09 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-26 04:35 - 2013-08-14 00:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-26 04:13 - 2013-08-14 00:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 04:13 - 2013-08-14 00:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 04:13 - 2013-08-14 00:10 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 04:12 - 2013-08-14 00:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 04:12 - 2013-08-14 00:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 04:12 - 2013-08-14 00:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 04:11 - 2013-08-14 00:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:11 - 2013-08-14 00:10 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 03:49 - 2013-08-14 00:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 01:54 - 2013-08-14 00:11 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-25 11:28 - 2013-07-25 11:28 - 00029964 _____ C:\Users\Inga\Desktop\usersql_zedat_fu-berlin_de.zip
2013-07-23 12:00 - 2013-07-23 12:00 - 00000600 _____ C:\Users\Inga\AppData\Roaming\PUTTY.RND
2013-07-21 12:47 - 2013-07-21 12:47 - 00294144 _____ C:\Windows\Minidump\072113-32484-01.dmp
2013-07-21 12:47 - 2013-03-21 00:13 - 00000000 ____D C:\Windows\Minidump
2013-07-21 12:46 - 2013-03-21 00:13 - 644651553 _____ C:\Windows\MEMORY.DMP
2013-07-20 13:59 - 2013-07-20 13:07 - 00000000 ____D C:\Users\Inga\Desktop\dafe2
2013-07-20 13:47 - 2013-07-20 13:47 - 00111499 _____ C:\Users\Inga\Desktop\dafe2.zip
2013-07-20 13:46 - 2013-07-20 13:42 - 00000000 ____D C:\Users\Inga\Desktop\abvtemplate(2)
2013-07-20 13:05 - 2013-07-20 13:05 - 00030977 _____ C:\Users\Inga\Desktop\abvtemplate(2).zip
2013-07-20 11:44 - 2013-07-20 11:44 - 00084096 _____ C:\Users\Inga\Desktop\DAFE.zip
2013-07-20 11:42 - 2013-07-20 11:42 - 00000000 ____D C:\Users\Inga\Desktop\DAFE
2013-07-19 15:55 - 2013-07-19 15:55 - 00793536 _____ C:\Users\Inga\Downloads\ZipOpenerSetup.exe
2013-07-18 09:16 - 2013-02-22 11:15 - 00000000 ____D C:\Users\Inga\Documents\Maladie_Nerveuse
2013-07-18 02:05 - 2013-02-20 14:44 - 00000000 ____D C:\Users\Inga\AppData\Local\VirtualStore
2013-07-17 13:40 - 2013-07-17 13:40 - 00002205 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-17 13:40 - 2013-07-17 13:40 - 00002185 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00001394 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-07-17 13:38 - 2013-07-17 13:38 - 00000000 ____D C:\Users\Inga\AppData\Roaming\TuneUp Software
2013-07-17 13:38 - 2013-07-17 13:36 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-17 13:38 - 2013-06-24 13:20 - 00001235 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-07-17 13:37 - 2013-07-17 13:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-17 13:36 - 2013-03-30 17:06 - 00000000 ____D C:\Users\Inga\AppData\Roaming\OpenCandy
2013-07-17 13:36 - 2013-03-15 18:47 - 00000000 ____D C:\Users\Inga\AppData\Roaming\DVDVideoSoft
2013-07-17 13:32 - 2013-07-17 13:32 - 25326392 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Inga\Downloads\FreeYouTubeToMP3Converter.exe
2013-07-17 10:45 - 2013-02-21 11:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 10:37 - 2013-02-21 12:40 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-17 10:34:33
Restore point made on: 2013-07-20 12:51:23
Restore point made on: 2013-07-24 11:49:05
Restore point made on: 2013-08-11 16:18:15
Restore point made on: 2013-08-11 20:39:37
Restore point made on: 2013-08-12 15:35:53

==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 3968.39 MB
Available physical RAM: 3264.91 MB
Total Pagefile: 3968.39 MB
Available Pagefile: 3281.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.8 GB) (Free:335.75 GB) NTFS
Drive e: (Lexar) (Removable) (Total:3.73 GB) (Free:0.11 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 1B49F7E6)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)


LastRegBack: 2013-08-12 12:46

==================== End Of Log ============================

--- --- ---

schrauber · 15.08.2013, 22:28

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Nach dem Fix alle externen Sachen raus und normal booten, das muss gehen, das muss schon seit dem ersten Fix gehen.

LinusIda · 15.08.2013, 22:38

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-08-2013 01
Ran by SYSTEM at 2013-08-15 23:34:16 Run:2
Running from E:\
Boot Mode: Recovery
==============================================

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

==== End of Fixlog ====

Aber leider startet schon wieder nur die Recovery-Seite mit der ansage the boot configuration data file doesn't contain valid information ...

15.08.2013, 14:38	#6
schrauber /// the machine /// TB-Ausbilder	gvu trojaner windows 8 Ging der Rechner nach dem ersten Fix wieder normal und jetzt wieder nicht oder ging er überhaupt nicht? Poste mal ein frisches FRST log aus der Recovery. __________________ --> gvu trojaner windows 8

15.08.2013, 20:07	#8
schrauber /// the machine /// TB-Ausbilder	gvu trojaner windows 8 Und wenn Du nicht in diesen Vaio Modus bootest? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

15.08.2013, 22:20	#12
schrauber /// the machine /// TB-Ausbilder	gvu trojaner windows 8 ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

gvu trojaner windows 8

Log-Analyse und Auswertung: gvu trojaner windows 8