
Log analysis and evaluation: GMX account hacked

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

18.11.2013, 23:08   #1
divemann68

GMX account hacked

Hello everyone,

on Saturday I found several mailer-daemon messages in my mailbox.

I immediately contacted the GMX hotline, where I was told that someone had hacked my account. On the hotline's advice I changed my password immediately. On Sunday there were 3 more attempts to gain access, without success. I use G Data Total Protection 2014, with which I immediately scanned the computer. According to G Data, no problem was found. I have no idea how someone got hold of my GMX login data.
Please help.
Many thanks

Divemann68

19.11.2013, 00:11   #2
aharonov
/// TB trainer

GMX account hacked

Hello,

was the password weak? It may also have been cracked by a brute-force or dictionary attack.
Let's take a look:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


19.11.2013, 00:34   #3
divemann68

GMX account hacked

Hello, and thanks for the reply.

No, the password consisted of 5 letters, upper and lower case, and 8 digits.


FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Lappi (administrator) on LAPPI-PC on 19-11-2013 00:21:03
Running from C:\Users\Lappi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) D:\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
() D:\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Adobe Sytems Incorporated) D:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
() C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe
() C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(G Data Software) C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TUDefragBackend64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EeeStorageBackup] - C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [694152 2013-09-05] (Adobe Systems Incorporated)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
MountPoints2: {5413034b-d630-11de-9a4b-806e6f6e6963} - E:\zdata\cobi.exe
MountPoints2: {5b1daece-2cc8-11e3-96b7-e0cb4e087490} - F:\LG_PC_Programs.exe
MountPoints2: {8a1d1aae-b825-11e2-9d37-e0cb4e087490} - F:\Startme.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - D:\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SmartMon] - C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe [73806 2006-04-28] ()
HKLM-x32\...\Run: [BePCSC] - C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe [45129 2006-04-28] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
AppInit_DLLs: C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=66fd3dfa-8934-4ff8-90a2-cb5341a7634f&searchtype=ds&q={searchTerms}&installDate=09/05/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=66fd3dfa-8934-4ff8-90a2-cb5341a7634f&searchtype=ds&q={searchTerms}&installDate=09/05/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=66fd3dfa-8934-4ff8-90a2-cb5341a7634f&searchtype=ds&q={searchTerms}&installDate=09/05/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=66fd3dfa-8934-4ff8-90a2-cb5341a7634f&searchtype=ds&q={searchTerms}&installDate=09/05/2013
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\rjbtxsf1.default
FF user.js: detected! => C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\rjbtxsf1.default\user.js
FF NewTab: about:blank
FF Homepage: www.google.de
FF Keyword.URL: hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=66fd3dfa-8934-4ff8-90a2-cb5341a7634f&searchtype=ds&installDate=09/05/2013&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\rjbtxsf1.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: jid0-fYBxovYoN2ub8ikjBeKqMuW8igs - C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\rjbtxsf1.default\Extensions\jid0-fYBxovYoN2ub8ikjBeKqMuW8igs@jetpack.xpi
FF Extension: prefs - C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\rjbtxsf1.default\Extensions\{de9644c0-a985-11e1-afa6-0800200c9a66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-26] (Adobe Systems)
R2 Adobe Version Cue CS2; D:\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG)
S2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-10-11] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [79704 2013-10-23] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [59736 2013-10-23] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-09-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-10-23] (G Data Software AG)
S1 GLogin; No ImagePath
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-11-05] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2013-10-23] (G Data Software)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2013-03-26] (TuneUp Software)
S3 PciDumpr; \??\C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [x]
U2 SCardDrv; 
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-19 00:21 - 2013-11-19 00:22 - 00023112 _____ C:\Users\Lappi\Downloads\FRST.txt
2013-11-19 00:20 - 2013-11-19 00:20 - 00000000 ____D C:\FRST
2013-11-19 00:18 - 2013-11-19 00:18 - 01957964 _____ (Farbar) C:\Users\Lappi\Downloads\FRST64.exe
2013-11-18 23:49 - 2013-11-18 23:49 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-18 23:49 - 2013-11-18 23:49 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-11-18 23:31 - 2013-10-11 22:01 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-11-18 23:31 - 2013-10-11 22:01 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-11-18 23:31 - 2013-10-11 22:01 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-11-18 23:30 - 2013-11-18 23:30 - 00002207 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-11-18 23:30 - 2013-11-18 23:30 - 00002187 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-11-18 23:30 - 2013-11-18 23:30 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\TuneUp Software
2013-11-18 23:30 - 2013-11-18 23:30 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-11-18 23:24 - 2013-11-18 23:49 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-11-18 23:24 - 2013-11-18 23:30 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-11-17 16:27 - 2013-11-17 16:27 - 00068980 _____ C:\Users\Lappi\Desktop\Extras.Txt
2013-11-17 16:21 - 2013-11-17 16:21 - 00110526 _____ C:\Users\Lappi\Desktop\OTL.Txt
2013-11-17 14:53 - 2013-11-17 16:27 - 00068980 _____ C:\Users\Lappi\Downloads\Extras.Txt
2013-11-17 13:14 - 2013-11-17 13:14 - 00001055 _____ C:\Users\Lappi\Desktop\OTL.exe - Verknüpfung.lnk
2013-11-17 12:40 - 2013-11-17 14:50 - 00112238 _____ C:\Users\Lappi\Downloads\OTL.Txt
2013-11-17 10:57 - 2013-11-17 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lappi\Downloads\OTL.exe
2013-11-15 13:37 - 2013-11-15 13:37 - 00001107 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\Malwarebytes
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-15 13:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-15 13:35 - 2013-11-15 13:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lappi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-15 13:32 - 2013-11-15 13:32 - 02209056 _____ C:\Users\Lappi\Downloads\avira-eu-cleaner_de.exe
2013-11-15 13:32 - 2013-11-15 13:32 - 00001985 _____ C:\Users\Lappi\Desktop\Entfernen des Avira EU-Cleaners.lnk
2013-11-15 13:32 - 2013-11-15 13:32 - 00001929 _____ C:\Users\Lappi\Desktop\Avira EU-Cleaner.lnk
2013-11-15 13:29 - 2013-11-17 10:52 - 00003148 _____ C:\Users\Lappi\Desktop\Rkill.txt
2013-11-13 09:14 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 09:14 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 09:14 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 09:14 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 09:14 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 09:14 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 09:14 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 09:14 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 09:14 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 09:14 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 09:14 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 09:14 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 08:39 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 08:39 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 08:39 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 08:39 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 08:39 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 08:39 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 08:39 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 08:39 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 08:39 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 08:39 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 08:39 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 08:39 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 08:39 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 08:39 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 08:39 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 08:39 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 08:39 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 08:39 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 08:39 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 08:39 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 08:39 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 08:39 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 08:39 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 08:39 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 08:39 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 08:39 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 08:39 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 08:39 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 08:39 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 08:39 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-09 11:37 - 2013-11-09 11:39 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\vlc
2013-11-09 11:37 - 2013-11-09 11:37 - 00000873 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-09 10:10 - 2013-08-21 05:31 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-09 10:10 - 2013-08-21 05:31 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-09 10:07 - 2013-11-09 10:07 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-03 10:00 - 2013-11-03 10:00 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files\iTunes
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files\iPod
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-21 08:39 - 2013-10-21 08:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 08:38 - 2013-10-21 08:38 - 00000000 ____D C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2013-11-19 00:22 - 2013-11-19 00:21 - 00023112 _____ C:\Users\Lappi\Downloads\FRST.txt
2013-11-19 00:20 - 2013-11-19 00:20 - 00000000 ____D C:\FRST
2013-11-19 00:18 - 2013-11-19 00:18 - 01957964 _____ (Farbar) C:\Users\Lappi\Downloads\FRST64.exe
2013-11-19 00:02 - 2013-06-03 21:45 - 01693478 _____ C:\Windows\WindowsUpdate.log
2013-11-18 23:49 - 2013-11-18 23:49 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-18 23:49 - 2013-11-18 23:49 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-11-18 23:49 - 2013-11-18 23:24 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-11-18 23:49 - 2013-05-23 00:48 - 00000000 __HDC C:\ProgramData\{87B61FE8-334F-4066-B7AA-68DC81782D4D}
2013-11-18 23:49 - 2013-04-28 21:31 - 00000000 ____D C:\Users\Lappi\AppData\Local\Microsoft Help
2013-11-18 23:49 - 2013-01-14 20:22 - 00000000 ____D C:\Users\Lappi\AppData\Local\Downloaded Installations
2013-11-18 23:30 - 2013-11-18 23:30 - 00002207 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-11-18 23:30 - 2013-11-18 23:30 - 00002187 _____ C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-11-18 23:30 - 2013-11-18 23:30 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\TuneUp Software
2013-11-18 23:30 - 2013-11-18 23:30 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-11-18 23:30 - 2013-11-18 23:24 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-11-18 22:14 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 22:14 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 22:06 - 2013-06-03 21:40 - 00047704 _____ C:\Windows\setupact.log
2013-11-18 22:05 - 2013-05-07 23:04 - 00003170 _____ C:\Windows\System32\Tasks\P4GIntlCtrl
2013-11-18 22:05 - 2013-01-15 00:56 - 00003106 _____ C:\Windows\System32\Tasks\P4G Sidebar
2013-11-18 22:04 - 2009-11-21 01:07 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-18 22:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 16:57 - 2013-01-22 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 16:27 - 2013-11-17 16:27 - 00068980 _____ C:\Users\Lappi\Desktop\Extras.Txt
2013-11-17 16:27 - 2013-11-17 14:53 - 00068980 _____ C:\Users\Lappi\Downloads\Extras.Txt
2013-11-17 16:21 - 2013-11-17 16:21 - 00110526 _____ C:\Users\Lappi\Desktop\OTL.Txt
2013-11-17 14:50 - 2013-11-17 12:40 - 00112238 _____ C:\Users\Lappi\Downloads\OTL.Txt
2013-11-17 13:14 - 2013-11-17 13:14 - 00001055 _____ C:\Users\Lappi\Desktop\OTL.exe - Verknüpfung.lnk
2013-11-17 12:11 - 2013-06-03 21:41 - 00122096 _____ C:\Users\Lappi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-17 12:09 - 2013-06-16 16:48 - 00009708 _____ C:\Windows\PFRO.log
2013-11-17 12:09 - 2013-06-03 21:39 - 00451488 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-17 10:57 - 2013-11-17 10:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lappi\Downloads\OTL.exe
2013-11-17 10:52 - 2013-11-15 13:29 - 00003148 _____ C:\Users\Lappi\Desktop\Rkill.txt
2013-11-17 10:41 - 2009-11-21 00:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-17 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-17 10:39 - 2013-01-13 23:01 - 00000000 ___RD C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 10:39 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2013-11-17 10:37 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2013-11-15 17:27 - 2009-11-21 00:37 - 00002071 _____ C:\Windows\system32\ServiceFilter.ini
2013-11-15 13:37 - 2013-11-15 13:37 - 00001107 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\Malwarebytes
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-15 13:37 - 2013-11-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-15 13:35 - 2013-11-15 13:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lappi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-15 13:32 - 2013-11-15 13:32 - 02209056 _____ C:\Users\Lappi\Downloads\avira-eu-cleaner_de.exe
2013-11-15 13:32 - 2013-11-15 13:32 - 00001985 _____ C:\Users\Lappi\Desktop\Entfernen des Avira EU-Cleaners.lnk
2013-11-15 13:32 - 2013-11-15 13:32 - 00001929 _____ C:\Users\Lappi\Desktop\Avira EU-Cleaner.lnk
2013-11-15 13:23 - 2013-01-22 00:32 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2013-11-15 13:23 - 2013-01-13 23:01 - 00000000 ____D C:\Users\Lappi
2013-11-15 13:11 - 2013-05-18 15:38 - 00000000 ____D C:\Users\Lappi\Documents\Outlook-Dateien
2013-11-14 00:41 - 2013-09-20 21:53 - 00000000 ____D C:\Users\Lappi\Desktop\debitelzahlen
2013-11-13 09:13 - 2013-07-27 08:02 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 09:10 - 2013-01-14 01:29 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 23:59 - 2013-01-18 00:37 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-11-09 11:39 - 2013-11-09 11:37 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\vlc
2013-11-09 11:37 - 2013-11-09 11:37 - 00000873 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-09 11:35 - 2013-09-06 19:01 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\MediaMonkey
2013-11-09 10:11 - 2013-06-19 09:56 - 00002000 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-11-09 10:07 - 2013-11-09 10:07 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-06 01:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-05 20:55 - 2013-01-16 09:40 - 00019016 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-11-05 20:55 - 2013-01-14 20:52 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-03 10:05 - 2009-08-04 10:51 - 00700638 _____ C:\Windows\system32\perfh007.dat
2013-11-03 10:05 - 2009-08-04 10:51 - 00149402 _____ C:\Windows\system32\perfc007.dat
2013-11-03 10:05 - 2009-07-14 06:13 - 01622140 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 10:00 - 2013-11-03 10:00 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files\iTunes
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files\iPod
2013-11-03 10:00 - 2013-11-03 10:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-25 17:26 - 2013-08-15 09:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-25 17:26 - 2013-02-09 19:25 - 00000000 ____D C:\Users\Lappi\AppData\Roaming\DVDVideoSoft
2013-10-23 07:33 - 2013-05-07 23:01 - 00079704 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd64.sys
2013-10-23 07:33 - 2013-05-07 23:01 - 00059736 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv64.sys
2013-10-23 07:33 - 2013-01-14 20:37 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-10-23 07:33 - 2013-01-14 20:36 - 00064856 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2013-10-21 08:39 - 2013-10-21 08:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 08:39 - 2013-10-21 08:39 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 08:38 - 2013-10-21 08:38 - 00000000 ____D C:\ProgramData\Oracle

Files to move or delete:
====================
C:\Users\Lappi\MicrosoftFixit.wu.LB.3728365031049149.1.1.Run.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 23:03

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Lappi at 2013-11-19 00:23:02
Running from C:\Users\Lappi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data TotalProtection 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data TotalProtection 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Creative Suite 2 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 001.000.0002)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InCopy CS2 (x32 Version: 004.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Version Cue CS2 (x32 Version: 2.0)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.25001)
Alice Greenfingers (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS AI Recovery (x32 Version: 1.0.6)
ASUS AP Bank (x32 Version: 1.0.0.0)
ASUS Data Security Manager (x32 Version: 1.00.0013)
ASUS FancyStart (x32 Version: 1.0.6)
ASUS LifeFrame3 (x32 Version: 3.0.20)
ASUS Live Update (x32 Version: 2.5.9)
ASUS MultiFrame (x32 Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.22)
ASUS SmartLogon (x32 Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028)
ASUS Virtual Camera (x32 Version: 1.0.19)
Asus WebStorage (Version: 2.0.31.477)
ASUS_Screensaver (x32)
ATK Generic Function Service (x32 Version: 1.00.0008)
ATK Hotkey (x32 Version: 1.0.0052)
ATK Media (x32 Version: 2.0.0006)
ATKOSD2 (x32 Version: 7.0.0006)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scanner Selector EX (x32)
Canon IJ Network Tool (x32)
Canon Kurzwahlprogramm (x32)
Canon MP Navigator EX 5.1 (x32)
Canon MX430 series Benutzerregistrierung (x32)
Canon MX430 series MP Drivers
Canon MX430 series On-screen Manual (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 4.00)
Chicken Invaders 2 (x32)
ControlDeck (x32 Version: 1.0.4)
CyberLink LabelPrint (x32 Version: 2.5.1720)
CyberLink Power2Go (x32 Version: 6.1.2713)
Dream Day Wedding Married in Manhattan (x32)
dreamboxEDIT -- The one and only settings editor for your Dreambox (x32)
eReg (x32 Version: 1.20.138.34)
ETDWare PS/2-x64 7.0.5.9_WHQL
Fast Boot (Version: 1.0.4)
Free Audio CD to MP3 Converter version 1.3.12.1228 (x32 Version: 1.3.12.1228)
Free Studio version 2013 (x32 Version: 6.1.13.1022)
Free YouTube Download version 3.2.0.128 (x32 Version: 3.2.0.128)
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925)
FreePDF (Remove only) (x32)
G Data TotalProtection 2014 (x32 Version: 24.0.3.4)
Game Park Console (x32 Version: 5.2.1.4)
GPL Ghostscript (Version: 9.04)
Harmony Browser Plug-in (x32 Version: 2.0)
iCloud (Version: 3.0.2.163)
Image Data Converter (x32 Version: 4.2.02.10112)
Island Wars 2 (x32)
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
Logitech SetPoint 6.52 (Version: 6.52.74)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Maxthon 3 (x32 Version: )
MediaMonkey 4.0 (x32 Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
MyPhoneExplorer (x32 Version: 1.8.4)
Netzmanager (Version: 1.071)
Netzmanager (x32 Version: 1.071)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA Drivers (Version: 1.9)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
Piggly (x32)
PlayMemories Home (x32 Version: 7.0.03.04240)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
RedMon - Redirection Port Monitor
Remote Control USB Driver (x32 Version: 2.3.2.317)
Samsung Kies (x32 Version: 2.5.2.13021_10)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
SHIELD Streaming (Version: 1.05.19)
SmartCard Reader Driver Installation (x32 Version: 1.2.3)
Smileyville (x32)
Sony Image Data Suite (x32 Version: 3.2.00.15160)
SRS Premium Sound Control Panel (Version: 1.8.1200)
StarMoney (x32 Version: 3.0.5.8)
StarMoney 8.0  (x32 Version: 8.0)
Suite Specific (x32 Version: 2.0.0)
Treiber-Studio 2013 (Version: 8.1.430)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.154)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.154)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
USB 2.0 1.3M UVC WebCam
VLC media player 2.0.8 (Version: 2.0.8)
WinFlash (x32 Version: 2.29.0)
Wireless Console 3 (x32 Version: 3.0.14)
WISO Steuer-Sparbuch 2013 (x32 Version: 20.00.8137)
XING Connector 1.2 (Version: 1.2)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01327153-FDEC-4D97-8554-712499C31969} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {2EE22968-DAB5-41B0-8901-2035142E57DC} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {33B6B4C5-37B0-44DB-9DB1-B1B3F4878512} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: <Company name>)
Task: {453BD732-105F-48EE-98D0-4E87B27FBA28} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {4AB4AAF9-1C65-4861-8BA2-9184573F92A4} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon3\Bin\MxUp.exe [2013-03-28] (Maxthon International ltd.)
Task: {6D6ED1C0-2F8E-4722-87CF-5CC0A714C728} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {76BA284C-24C9-4860-B039-CCC6ECC845FC} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] ()
Task: {AD863AB9-4524-4CEA-B8CC-9C8832E07F1F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {B598E683-E890-4FAB-B2CC-8AB117971A73} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {D3A090C5-3C1A-4810-A4B5-EE7048956A69} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {DD823B93-B25A-4406-861D-184DC6CA5EA1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {EAD0D98E-09F8-4713-89F9-ADAF72BE7ACB} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {F6FE2CB4-E3DA-4ABD-BFB0-9BFB99F81537} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-08-29] (ATK)
Task: {F7EAE9DF-B0A2-438F-B99F-D47566B90FE6} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] ()

==================== Loaded Modules (whitelisted) =============

2009-08-29 00:00 - 2009-08-29 00:00 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-08-28 20:43 - 2009-08-28 20:43 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2009-11-21 01:00 - 2007-03-10 03:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 00140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-11-21 00:44 - 2009-11-21 00:44 - 00029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-11-21 00:44 - 2009-11-21 00:44 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 00095504 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSWorker.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 00083216 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSBroker.dll
2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () D:\Adobe\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () D:\Adobe\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () D:\Adobe\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-01-26 21:17 - 2006-01-12 21:20 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.deu
2013-01-26 21:17 - 2006-01-12 21:13 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
2008-08-28 01:32 - 2008-08-28 01:32 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-02-17 16:06 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2013-01-22 00:44 - 2013-11-17 16:57 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2013-03-26 17:52 - 2013-03-26 17:52 - 13416256 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:15024E60

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2013 11:30:23 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = TuneUp Utilities 2013 wird installiert; Fehler = 0x80070422).

Error: (11/18/2013 11:30:23 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = TuneUp Utilities 2013 wird installiert; Fehler = 0x80070422).

Error: (11/18/2013 10:15:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveUpdt.exe, Version: 2.0.0.0, Zeitstempel: 0x4a6d7c8e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0xf60
Startzeit der fehlerhaften Anwendung: 0xLiveUpdt.exe0
Pfad der fehlerhaften Anwendung: LiveUpdt.exe1
Pfad des fehlerhaften Moduls: LiveUpdt.exe2
Berichtskennung: LiveUpdt.exe3

Error: (11/18/2013 10:06:11 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (11/18/2013 10:06:10 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (11/18/2013 10:06:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 107.2.168.192.in-addr.arpa. PTR Lappi-PC.local.

Error: (11/18/2013 10:06:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.107:5353   18 107.2.168.192.in-addr.arpa. PTR Lappi-PC-2.local.

Error: (11/18/2013 10:05:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/18/2013 10:05:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 00:10:53 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]


System errors:
=============
Error: (11/18/2013 10:06:39 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (11/18/2013 10:05:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "G Data Backup Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/18/2013 10:05:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Backup Service erreicht.

Error: (11/17/2013 05:21:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (11/17/2013 00:11:53 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (11/17/2013 00:08:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (11/17/2013 10:26:02 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (11/15/2013 11:32:37 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (11/15/2013 08:25:53 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/15/2013 05:27:43 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin


=========================
Error: (11/18/2013 11:30:23 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VTuneUp Utilities 2013 wird installiert0x80070422

Error: (11/18/2013 11:30:23 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VTuneUp Utilities 2013 wird installiert0x80070422

Error: (11/18/2013 10:15:42 PM) (Source: Application Error)(User: )
Description: LiveUpdt.exe2.0.0.04a6d7c8entdll.dll6.1.7601.18247521ea8e7c00000050002e3bef6001cee4a34b4aab70C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exeC:\Windows\SysWOW64\ntdll.dll940e04b0-5096-11e3-a910-e0cb4e087490

Error: (11/18/2013 10:06:11 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (11/18/2013 10:06:10 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (11/18/2013 10:06:06 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 107.2.168.192.in-addr.arpa. PTR Lappi-PC.local.

Error: (11/18/2013 10:06:06 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.107:5353   18 107.2.168.192.in-addr.arpa. PTR Lappi-PC-2.local.

Error: (11/18/2013 10:05:07 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\P4G\MFC80U.DLL

Error: (11/18/2013 10:05:07 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\P4G\MFC80U.DLL

Error: (11/17/2013 00:10:53 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]


CodeIntegrity Errors:
===================================
  Date: 2013-10-05 23:05:37.371
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 23:04:31.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 22:57:26.520
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 22:56:10.790
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 22:00:57.663
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 21:52:35.389
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 21:49:29.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 21:37:23.437
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-05 21:35:48.846
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvapo64v.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 67%
Total physical RAM: 4095.27 MB
Available physical RAM: 1347.42 MB
Total Pagefile: 8188.72 MB
Available Pagefile: 4584.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:14.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:96.24 GB) NTFS
Drive e: (CARRIERS) (CDROM) (Total:4.72 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1C)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=209 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
Regards
divemann68
__________________

19.11.2013, 01:04   #4
aharonov
/// TB trainer

There's not much to see there..
Have you already found and removed anything with one of the tools you ran?

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable the "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstalling: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
cheers,
Leo

21.11.2013, 22:50   #5
divemann68

Hello, I have been working a lot over the last few days, so the log file comes only now.
I have not done anything with the tools yet.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15937
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 12:27:08
# local_time=2013-11-19 01:27:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11015344 136450678 0 0
# scanned=3124
# found=0
# cleaned=0
# scan_time=947
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15937
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 01:00:02
# local_time=2013-11-19 02:00:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11017318 136452652 0 0
# scanned=3124
# found=0
# cleaned=0
# scan_time=1027
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15949
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 11:08:40
# local_time=2013-11-20 12:08:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11097036 136532370 0 0
# scanned=3125
# found=0
# cleaned=0
# scan_time=1351
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15952
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 11:16:58
# local_time=2013-11-20 12:16:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11097534 136532868 0 0
# scanned=142
# found=0
# cleaned=0
# scan_time=151
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15952
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 11:24:37
# local_time=2013-11-20 12:24:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11097993 136533327 0 0
# scanned=160
# found=0
# cleaned=0
# scan_time=394
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15952
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 11:28:57
# local_time=2013-11-20 12:28:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11098253 136533587 0 0
# scanned=239
# found=0
# cleaned=0
# scan_time=93
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15952
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-20 01:03:59
# local_time=2013-11-20 02:03:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11103955 136539289 0 0
# scanned=38838
# found=0
# cleaned=0
# scan_time=4705
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d630e0e68f8e4647a79392dff95ffcb0
# engine=15961
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-21 01:40:49
# local_time=2013-11-21 02:40:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 11192565 136627899 0 0
# scanned=216623
# found=0
# cleaned=0
# scan_time=27653
         
Regards
divemann68
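
Reading the ESET Online Scanner log posted above, as an added example that is not part of the original post or of ESET's own tooling: the log holds one record per scan attempt, and only a record with `end=finished` covers a complete run, so the example counts finished and aborted scans and notes whether the finished scan had `unwanted_checked=false`. The sample log is constructed (abridged from the posted format), and the names `parse_records` and `assess` are assumptions of this example.

```python
import re

# Constructed sample: three records in the format of the log.txt posted above,
# abridged to the keys this example reads.
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# engine=15937
# end=stopped
# unwanted_checked=false
# scanned=3124
# found=0
ESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# engine=15949
# end=stopped
# unwanted_checked=false
# scanned=3125
# found=0
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# engine=15961
# end=finished
# unwanted_checked=false
# scanned=216623
# found=0
"""

# "# key=value" may be fused onto the end of an installer status line,
# so search anywhere in the line instead of anchoring at its start.
KV = re.compile(r"# ([\w.]+)=(.*)$")

def parse_records(text):
    """Split the log into one dict per scan; "# version=" opens a record."""
    records = []
    for line in text.splitlines():
        m = KV.search(line)
        if not m:
            continue  # installer status lines carry no scan data
        key, value = m.group(1), m.group(2).strip()
        if key == "version" or not records:
            records.append({})
        records[-1][key] = value
    return records

def assess(records):
    """Only scans that ran to completion support a 'nothing found' reading."""
    finished = [r for r in records if r.get("end") == "finished"]
    return {
        "scans": len(records),
        "finished": len(finished),
        "aborted": len(records) - len(finished),
        "detections": sum(int(r.get("found", 0)) for r in records),
        "objects_in_finished": [int(r.get("scanned", 0)) for r in finished],
        "pua_detection_off": any(r.get("unwanted_checked") == "false" for r in finished),
    }
```
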


21.11.2013, 23:38   #6
aharonov
/// TB trainer

There are no indications of a malware infection to be seen there.
Is the computer running normally otherwise?

21.11.2013, 23:45   #7
divemann68

Hello aharonov,

thanks for the quick handling.

The computer is running normally so far; only when watching YouTube videos there have been audio dropouts and stuttering pictures for the past week.

I also use a Samsung S3, protected with McAfee, and an iPad.

Regards
divemann68

21.11.2013, 23:48   #8
aharonov
/// TB trainer

I don't see any further need for action at the moment. Keep an eye on the situation for the time being (e.g. check the logins in the GMX account).
__________________
cheers,
Leo

21.11.2013, 23:55   #9
divemann68

Many thanks for your support.

divemann68

07.01.2014, 15:07   #10
aharonov
/// TB trainer

This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies.
Should you need the topic again, please send me a PM and we will continue here.

Everyone else, please read this guide and create a thread of your own.
__________________
cheers,
Leo
