
Log analysis and evaluation: aartemis virus

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

27.12.2013, 17:42   #1
Daniel94
 

aartemis virus



part 2
Code:
==================== One Month Modified Files and Folders =======

2013-12-26 19:42 - 2013-12-26 19:13 - 00005882 _____ C:\Users\Daniel\Desktop\FRST.txt
2013-12-26 19:40 - 2013-12-26 19:40 - 00001423 _____ C:\Users\Daniel\Desktop\JRT.txt
2013-12-26 19:40 - 2011-04-12 08:43 - 00698688 _____ C:\Windows\system32\perfh007.dat
2013-12-26 19:40 - 2011-04-12 08:43 - 00148828 _____ C:\Windows\system32\perfc007.dat
2013-12-26 19:40 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 19:37 - 2013-12-21 17:01 - 01626354 _____ C:\Windows\WindowsUpdate.log
2013-12-26 19:35 - 2013-12-26 19:35 - 00000000 ____D C:\Windows\ERUNT
2013-12-26 19:34 - 2013-12-26 19:24 - 00000112 _____ C:\Windows\setupact.log
2013-12-26 19:34 - 2013-12-22 22:51 - 00000000 ____D C:\Users\Daniel\AppData\Local\Overwolf
2013-12-26 19:34 - 2013-12-22 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-26 19:34 - 2013-12-22 11:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-26 19:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 19:33 - 2013-12-26 19:32 - 00000000 ____D C:\AdwCleaner
2013-12-26 19:33 - 2013-12-22 15:08 - 00001049 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-26 19:33 - 2013-12-21 17:01 - 00000997 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-26 19:33 - 2009-07-14 05:45 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 19:33 - 2009-07-14 05:45 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 19:24 - 2013-12-26 19:24 - 00000694 _____ C:\Windows\PFRO.log
2013-12-26 19:24 - 2013-12-26 19:24 - 00000000 _____ C:\Windows\setuperr.log
2013-12-26 19:17 - 2013-12-26 19:17 - 00001127 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-26 19:17 - 2013-12-26 19:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
2013-12-26 19:17 - 2013-12-26 19:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 19:16 - 2013-12-26 19:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Daniel\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-26 19:16 - 2013-12-26 18:50 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2013-12-26 19:15 - 2013-12-26 18:50 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-26 19:13 - 2013-12-26 19:13 - 01034531 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2013-12-26 19:12 - 2013-12-26 19:12 - 01233962 _____ C:\Users\Daniel\Desktop\adwcleaner.exe
2013-12-26 19:10 - 2013-12-24 11:45 - 00000000 ____D C:\Windows\Minidump
2013-12-26 19:10 - 2013-12-22 22:51 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2013-12-26 19:10 - 2013-12-21 16:57 - 00000000 ____D C:\Windows\Panther
2013-12-26 19:09 - 2013-12-26 19:09 - 01928716 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2013-12-26 19:09 - 2013-12-26 19:09 - 00000000 ____D C:\FRST
2013-12-26 19:08 - 2013-12-26 19:08 - 03571656 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup409_slim.exe
2013-12-26 19:08 - 2013-12-26 19:08 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-26 19:08 - 2013-12-26 19:08 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-26 19:08 - 2013-12-26 19:08 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 19:01 - 2013-12-26 18:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-26 18:52 - 2013-12-26 18:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-26 18:50 - 2013-12-26 18:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1008.exe
2013-12-26 18:49 - 2013-12-22 15:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-26 18:26 - 2013-12-21 17:01 - 00000000 ____D C:\Users\Daniel
2013-12-26 18:25 - 2013-12-26 16:45 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2013-12-26 18:25 - 2013-12-26 11:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-26 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-26 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-26 18:03 - 2013-12-26 18:03 - 00000000 ____D C:\Users\Daniel\.appwork
2013-12-26 16:44 - 2013-12-26 16:44 - 00077976 _____ (AppWork GmbH) C:\Users\Daniel\Downloads\WebInstallerJD2.exe
2013-12-26 16:19 - 2013-12-22 17:01 - 00000000 ____D C:\Users\Daniel\AppData\Local\PMB Files
2013-12-26 16:19 - 2013-12-22 17:01 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-26 15:07 - 2013-12-26 15:07 - 00000211 _____ C:\Users\Daniel\Desktop\Arma 2 Operation Arrowhead.url
2013-12-26 15:06 - 2013-12-26 15:06 - 00000211 _____ C:\Users\Daniel\Desktop\Arma 2.url
2013-12-26 11:52 - 2013-12-26 11:52 - 00000730 _____ C:\Users\Daniel\Desktop\Play EterniFUN!.lnk
2013-12-26 11:40 - 2013-12-26 11:40 - 00000209 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2013-12-26 11:35 - 2013-12-26 11:35 - 00000630 _____ C:\Users\Public\Desktop\Steam.lnk
2013-12-26 11:24 - 2013-12-26 11:24 - 00000000 ____D C:\Users\Daniel\Desktop\AHCI_w7
2013-12-26 11:17 - 2013-12-26 11:17 - 00000000 ____D C:\ProgramData\AMD
2013-12-26 11:17 - 2013-12-26 11:17 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-26 11:17 - 2013-12-26 11:17 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-12-26 11:17 - 2013-12-26 11:16 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-26 11:16 - 2013-12-26 11:16 - 00000000 ____D C:\Program Files\ATI
2013-12-26 11:15 - 2013-12-26 11:14 - 00000000 ____D C:\Users\Daniel\Desktop\chipset-win7
2013-12-26 10:50 - 2013-12-26 10:50 - 01133552 _____ C:\Users\Daniel\Downloads\SteamSetup.exe
2013-12-26 10:09 - 2013-12-26 09:37 - 1508648109 _____ (EterniaGames                                                ) C:\Users\Daniel\Downloads\EterniaLC-Fun-100813.exe
2013-12-25 00:32 - 2013-12-25 00:32 - 00001014 _____ C:\Users\Public\Desktop\SSD Fresh.lnk
2013-12-25 00:32 - 2013-12-25 00:32 - 00000000 ____D C:\Users\Daniel\AppData\Local\Abelssoft
2013-12-25 00:32 - 2013-12-25 00:32 - 00000000 ____D C:\Program Files (x86)\SSD Fresh
2013-12-25 00:31 - 2013-12-25 00:31 - 02880000 _____ (Abelssoft                                                   ) C:\Users\Daniel\Downloads\ssdfresh_2014.exe
2013-12-24 11:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-24 10:05 - 2013-12-24 10:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-12-22 22:52 - 2013-12-22 22:52 - 00001969 _____ C:\Users\Public\Desktop\Overwolf.lnk
2013-12-22 22:52 - 2013-12-22 22:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2013-12-22 22:52 - 2013-12-22 22:52 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-12-22 22:51 - 2013-12-22 22:51 - 00058016 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-22 22:51 - 2013-12-22 22:51 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-12-22 22:51 - 2013-12-22 22:51 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-12-22 22:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-22 22:50 - 2013-12-22 22:50 - 32520760 _____ (TeamSpeak Systems GmbH) C:\Users\Daniel\Downloads\TeamSpeak3-Client-win64-3.0.13.1.exe
2013-12-22 22:30 - 2013-12-22 22:30 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\LolClient
2013-12-22 17:03 - 2013-12-22 17:03 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-22 17:03 - 2013-12-22 17:03 - 00000000 ____D C:\Riot Games
2013-12-22 17:01 - 2013-12-22 17:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Riot Games
2013-12-22 17:01 - 2013-12-22 17:01 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-22 16:59 - 2013-12-22 16:59 - 34888568 _____ (Riot Games) C:\Users\Daniel\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-22 15:17 - 2013-12-22 15:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Macromedia
2013-12-22 15:17 - 2013-12-22 15:17 - 00000000 ____D C:\Users\Daniel\AppData\Local\Macromedia
2013-12-22 15:16 - 2013-12-22 15:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-22 15:16 - 2013-12-22 15:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-22 15:16 - 2013-12-22 15:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-22 15:16 - 2013-12-22 15:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-12-22 15:16 - 2013-12-22 15:16 - 00000000 ____D C:\Windows\system32\Macromed
2013-12-22 15:16 - 2013-12-22 15:15 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2013-12-22 15:08 - 2013-12-22 15:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mozilla
2013-12-22 15:08 - 2013-12-22 15:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Mozilla
2013-12-22 15:08 - 2013-12-22 15:08 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-22 15:08 - 2013-12-22 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 15:08 - 2013-12-22 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 15:03 - 2013-12-22 14:54 - 01591896 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-22 14:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-22 14:48 - 2013-12-22 14:48 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-22 14:48 - 2013-12-22 14:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-22 14:48 - 2013-12-22 14:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-22 14:48 - 2013-12-22 14:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-22 14:48 - 2013-12-22 14:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-22 14:48 - 2013-12-22 14:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-22 14:48 - 2013-12-22 14:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-22 14:48 - 2013-12-22 14:48 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-22 14:48 - 2013-12-22 14:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-22 13:46 - 2013-12-22 13:46 - 00003540 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-12-22 13:46 - 2013-12-22 13:46 - 00001750 _____ C:\Users\Public\Desktop\Browserwahl.lnk
2013-12-22 13:46 - 2013-12-22 13:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2013-12-22 13:46 - 2013-12-22 13:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2013-12-22 13:46 - 2013-12-21 17:01 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-22 13:46 - 2013-12-21 17:01 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-22 13:33 - 2013-12-22 11:28 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-22 13:28 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-22 13:26 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-22 13:26 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-22 13:26 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-22 13:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-12-22 13:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-12-22 13:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-12-22 13:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-12-22 13:26 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-22 13:03 - 2013-12-22 13:03 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-22 13:03 - 2013-12-22 13:03 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-22 13:03 - 2013-12-22 13:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-22 13:03 - 2013-12-22 13:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-22 13:03 - 2013-12-22 13:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-22 13:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2013-12-22 11:42 - 2013-12-22 11:41 - 00000000 ____D C:\Windows\system32\MRT
2013-12-22 11:28 - 2013-12-22 11:25 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-22 11:28 - 2013-12-22 11:25 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-22 11:28 - 2013-12-22 11:22 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-22 11:28 - 2013-12-22 11:22 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-22 11:28 - 2013-12-22 11:22 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-22 11:28 - 2013-12-22 11:22 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-22 11:28 - 2013-12-22 11:22 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-22 11:28 - 2013-12-22 11:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-22 11:28 - 2013-12-22 11:22 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-22 11:25 - 2013-12-22 11:22 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-22 11:25 - 2013-12-22 11:22 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-22 11:22 - 2013-12-22 11:22 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-22 11:18 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-22 11:16 - 2013-12-22 11:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-22 11:16 - 2013-12-22 11:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-22 11:16 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\restore
2013-12-21 17:01 - 2013-12-21 17:01 - 00000020 ___SH C:\Users\Daniel\ntuser.ini
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Vorlagen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Startmenü
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Netzwerkumgebung
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Lokale Einstellungen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Eigene Dateien
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Druckumgebung
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Documents\Eigene Musik
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Documents\Eigene Bilder
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\AppData\Local\Verlauf
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\AppData\Local\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Users\Daniel\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Programme
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 __SHD C:\Recovery
2013-12-21 17:01 - 2013-12-21 17:01 - 00000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore
2013-12-21 17:01 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-21 17:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2013-12-21 16:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-12-21 16:58 - 2013-12-21 16:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-12-21 16:58 - 2011-04-12 08:55 - 00000000 ____D C:\Windows\CSC
2013-12-21 16:57 - 2009-07-14 06:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-12-21 16:57 - 2009-07-14 06:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-12-19 14:11 - 2013-12-22 11:22 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-09 12:08 - 2013-12-09 12:08 - 00768848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-12-09 11:59 - 2013-12-09 11:59 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2013-12-01 14:42 - 2013-12-22 11:41 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-26 12:54 - 2013-12-22 15:03 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 12:25 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-26 11:19 - 2013-12-22 15:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-22 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-22 15:03 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-22 15:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-22 15:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-22 15:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-22 15:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-22 15:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-22 15:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-22 15:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-22 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-22 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-22 15:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-22 15:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-22 15:03 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-22 15:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-22 15:03 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-22 15:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-22 15:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-22 15:03 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-22 15:03 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-22 15:03 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-22 15:03 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-22 15:03 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-22 15:03 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-22 15:03 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-22 15:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-22 15:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-22 15:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-22 15:03 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Daniel\AppData\Local\Temp\JDownloaderSetup_jdownloader.org.exe
C:\Users\Daniel\AppData\Local\Temp\proxy_vole2243516962137192897.dll
C:\Users\Daniel\AppData\Local\Temp\proxy_vole5215863126056733089.dll
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 14:15

==================== End Of Log ============================
         
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2013
Ran by Daniel at 2013-12-26 19:42:25
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0806.1213.19931)
Arma 2 (x32)
Arma 2: Operation Arrowhead (x32)
avast! Free Antivirus (x32 Version: 9.0.2011)
Catalyst Control Center (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931)
CCC Help Czech (x32 Version: 2012.0806.1212.19931)
CCC Help Danish (x32 Version: 2012.0806.1212.19931)
CCC Help Dutch (x32 Version: 2012.0806.1212.19931)
CCC Help English (x32 Version: 2012.0806.1212.19931)
CCC Help Finnish (x32 Version: 2012.0806.1212.19931)
CCC Help French (x32 Version: 2012.0806.1212.19931)
CCC Help German (x32 Version: 2012.0806.1212.19931)
CCC Help Greek (x32 Version: 2012.0806.1212.19931)
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931)
CCC Help Italian (x32 Version: 2012.0806.1212.19931)
CCC Help Japanese (x32 Version: 2012.0806.1212.19931)
CCC Help Korean (x32 Version: 2012.0806.1212.19931)
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931)
CCC Help Polish (x32 Version: 2012.0806.1212.19931)
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931)
CCC Help Russian (x32 Version: 2012.0806.1212.19931)
CCC Help Spanish (x32 Version: 2012.0806.1212.19931)
CCC Help Swedish (x32 Version: 2012.0806.1212.19931)
CCC Help Thai (x32 Version: 2012.0806.1212.19931)
CCC Help Turkish (x32 Version: 2012.0806.1212.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
CCleaner (Version: 4.09)
EterniaFunLC 1.00 (x32 Version: 1.00)
JDownloader 2 (Version: 2.0)
League of Legends (x32 Version: 3.0.1)
Left 4 Dead 2 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 1.15.2 (Version: 1.15.2)
NVIDIA Update Components (Version: 1.15.2)
Overwolf (x32 Version: 0.47.284)
Overwolf.Setup.VC100CRTx64.Dist (Version: 1.0.0)
Pando Media Booster (x32 Version: 2.6.0.7)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011)
SSD Fresh (x32 Version: 2014)
Steam (x32)
TeamSpeak 3 Client (Version: 3.0.13)

==================== Restore Points  =========================

22-12-2013 10:19:59 Windows Update
22-12-2013 10:22:01 avast! Free Antivirus Setup
22-12-2013 10:25:24 avast! antivirus system restore point
22-12-2013 10:38:55 Windows Update
22-12-2013 13:47:03 Windows Update
22-12-2013 14:02:27 Windows Update
22-12-2013 16:02:07 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
22-12-2013 16:02:35 Microsoft Visual C++ 2005 Redistributable wird installiert
22-12-2013 16:03:04 Installed League of Legends
22-12-2013 16:03:44 DirectX wurde installiert
26-12-2013 10:24:27 Installed AMD SATA AHCI Driver
26-12-2013 15:46:43 Windows Defender Checkpoint
26-12-2013 17:24:32 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {46463CBD-6C54-4C03-85A8-0AB9F0AD9E6D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-22] (AVAST Software)
Task: {7F1BBA8F-7FFA-4FC6-9B55-094C32C48284} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-22] (Adobe Systems Incorporated)
Task: {991B065C-815C-4C34-9840-58FD70E4DED0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-09 12:08 - 2013-12-09 12:08 - 00045608 _____ () C:\Program Files (x86)\Overwolf\x64\OWExplorer-20125.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00039464 _____ () C:\Program Files (x86)\Overwolf\x64\OWLog.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00721960 _____ () C:\Program Files (x86)\Overwolf\x64\OWExplorerLauncher.dll
2013-12-26 18:47 - 2013-12-26 17:53 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\13122601\algo.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00015288 _____ () C:\Program Files (x86)\Overwolf\ODK.AddIns.V2.HostView.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00134696 _____ () C:\Program Files (x86)\Overwolf\OWService.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00970792 _____ () C:\Program Files (x86)\Overwolf\OWServer.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00038440 _____ () C:\Program Files (x86)\Overwolf\OWLog.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00079400 _____ () C:\Program Files (x86)\Overwolf\OWExplorer-20125.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00839720 _____ () C:\Program Files (x86)\Overwolf\OWAgent.dll
2013-12-22 11:28 - 2013-12-22 11:28 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00029224 _____ () C:\Program Files (x86)\Overwolf\OWExplorerLauncher.dll
2013-12-22 15:08 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 8173.19 MB
Available physical RAM: 6821.93 MB
Total Pagefile: 16344.56 MB
Available Pagefile: 14849.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.28 GB) (Free:75.87 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:903.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117 GB) (Disk ID: 87F86F60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 24296CB3)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
So... well then ^^

Oh, and one thing I still wanted to add: Windows Defender also found something yesterday, but unfortunately no logs are shown to me.
