Log analysis and evaluation: PC slow, videos stutter, suspected virus

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
25.01.2014, 23:14 | #1 |
PC slow, videos stutter, suspected virus

Hello, I will try to describe the problem in as much detail as possible. I should say that I am an absolute layperson and gathered all of the steps listed below from the internet and from other help forums. However, none of them has helped so far.

My PC (operating system Windows 7) is getting steadily slower (but no crashes so far), and for a few days now videos on the internet and from the PC can no longer be played (I have already tried different browsers and different media players). Some websites cannot be displayed or appear "jumbled" (graphics overlap, images over text, chat logs disappear briefly, etc.). I have no problems opening my programs and files on the PC, it just all takes a very long time. The netbook's storage is free apart from about 20%.

So far I have done the following:
- Deleted cookies
- Cleared the cache
- Updated Flash Player
- Ran a virus scan with AVG and Emsisoft, with the result: exploit --> moved it to quarantine
- Defragmented, deleted junk files, cleaned the browser, etc. with AVG TuneUp (afterwards the PC briefly became somewhat faster, but videos still did not work)
- CPU load with no programs open: < 10%
- Contacted the internet provider for a speed test (not optimal, but sufficient)
- Updated the graphics driver
- Downloaded FurMark to test the graphics card, but unfortunately this did not work (message: "Furmark requires an Open GL2.0 compliant Graphics Controller. Startup failed.")
- System restore did not help much because no older restore point was available

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2014 01 Ran by milky (administrator) on MILKY-PC on 25-01-2014 23:27:14 Running from C:\Users\milky\Downloads Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Dropbox, Inc.) C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe () C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (OCS) C:\Users\milky\AppData\Local\Temp\OCS\ocs_v71a.exe (Trend Micro Inc.) C:\Users\milky\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe () C:\Users\milky\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.) HKCU\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION Startup: C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - DefaultScope {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190 SearchScopes: HKCU - {42FAFB27-7570-4097-9DC0-69DA43623700} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.8\PriceGongIE.dll (PriceGong) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171 FireFox: ======== FF ProfilePath: C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default FF user.js: detected! => C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\user.js FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: Google FF Homepage: google.de FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Users\milky\Desktop\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml FF Extension: ColorfulTabs - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2013-12-20] FF Extension: ColorZilla - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-11-25] FF Extension: PriceGong - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-12-20] FF Extension: Yontoo - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\plugin@yontoo.com.xpi [2013-03-14] FF Extension: GMX MailCheck - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\toolbar@gmx.net.xpi [2011-05-15] FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\milky\AppData\Roaming\01014 FF Extension: Java String Helper - C:\Users\milky\AppData\Roaming\01014 [2012-03-13] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File CHR 
Plugin: (Skype Toolbars) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (PriceGong) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2013-10-30] CHR Extension: (YouTube) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17] CHR Extension: (Adblock Plus) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-16] CHR Extension: (Google-Suche) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17] CHR Extension: (Google Wallet) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Google Mail) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17] CHR HKLM\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files\PriceGong\2.6.8\pricegong.crx [2012-10-21] CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\milky\AppData\Local\Temp\YontooLayers.crx [2012-10-21] ========================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.) 
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) S4 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] () S4 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG) ==================== Drivers (Whitelisted) ==================== S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [57944 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) 
S3 cleanhlp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] () S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-25 23:27 - 2014-01-25 23:28 - 00014987 _____ C:\Users\milky\Downloads\FRST.txt 2014-01-25 23:26 - 2014-01-25 23:26 - 00000000 ____D C:\FRST 2014-01-25 23:25 - 2014-01-25 23:25 - 01222144 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe 2014-01-25 23:24 - 2014-01-25 23:24 - 00012935 _____ C:\Users\milky\Downloads\FRST64.exe 2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log 2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable 2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe 2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log 2014-01-25 22:35 - 2014-01-25 22:36 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe 2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk 2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe 2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe 
2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64 2014-01-24 17:57 - 2014-01-24 17:59 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe 2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk 2014-01-24 17:54 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\windows\system32\TURegOpt.exe 2014-01-24 17:54 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\windows\system32\authuitu.dll 2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG 2014-01-24 17:46 - 2014-01-24 17:58 - 00000000 ____D C:\ProgramData\AVG 2014-01-24 17:44 - 2014-01-24 19:36 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-24 17:41 - 2014-01-24 17:42 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe 2014-01-24 13:48 - 2014-01-24 13:49 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe 2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 12:09 - 2014-01-25 18:29 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware 2014-01-24 11:36 - 2014-01-24 11:39 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe 2014-01-24 11:33 - 2014-01-24 11:37 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe 2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014 2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software 2014-01-24 11:24 - 2014-01-24 11:29 - 00000000 ____D C:\ProgramData\AVG2014 2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG 2014-01-24 11:13 - 2014-01-24 11:53 - 
00000000 ____D C:\Users\milky\AppData\Local\Avg2014 2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData 2014-01-24 11:11 - 2014-01-24 11:12 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe 2014-01-24 00:26 - 2014-01-24 00:26 - 00004324 _____ C:\Users\milky\Desktop\filmliste.odt 2014-01-17 11:54 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2014-01-17 11:54 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-01-16 13:04 - 2014-01-16 13:07 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar 2014-01-16 13:00 - 2014-01-16 13:04 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar 2014-01-16 12:52 - 2014-01-16 12:58 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part1.rar 2014-01-13 16:06 - 2014-01-13 16:07 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer 2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer ==================== One Month Modified Files and Folders ======= 2014-01-25 23:28 - 2014-01-25 23:27 - 00014987 _____ C:\Users\milky\Downloads\FRST.txt 2014-01-25 23:26 - 2014-01-25 23:26 - 00000000 ____D C:\FRST 2014-01-25 23:25 - 2014-01-25 23:25 - 01222144 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe 2014-01-25 23:24 - 2014-01-25 23:24 - 00012935 _____ C:\Users\milky\Downloads\FRST64.exe 2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log 2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable 2014-01-25 23:23 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky 2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe 2014-01-25 23:20 - 2013-05-01 18:13 - 00000000 ____D C:\Users\milky\AppData\Roaming\Dropbox 2014-01-25 23:07 - 2009-12-09 02:09 - 01546070 _____ C:\windows\WindowsUpdate.log 
2014-01-25 22:59 - 2010-06-30 12:54 - 00001096 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log 2014-01-25 22:36 - 2014-01-25 22:35 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe 2014-01-25 22:34 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-25 22:34 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-25 22:25 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky\AppData\Local\VirtualStore 2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk 2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe 2014-01-25 22:02 - 2009-07-14 05:39 - 00178409 _____ C:\windows\setupact.log 2014-01-25 21:48 - 2010-10-26 10:58 - 00000000 ____D C:\Users\milky\AppData\Roaming\vlc 2014-01-25 20:27 - 2012-05-20 11:22 - 00000000 ____D C:\ProgramData\MFAData 2014-01-25 18:33 - 2013-05-03 11:15 - 00000000 ___RD C:\Users\milky\Dropbox 2014-01-25 18:31 - 2010-06-30 12:54 - 00001092 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-25 18:31 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2014-01-25 18:30 - 2009-12-09 03:03 - 00757084 _____ C:\windows\PFRO.log 2014-01-25 18:29 - 2014-01-24 12:09 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe 2014-01-25 16:58 - 2009-07-26 21:06 - 01498742 _____ 
C:\windows\system32\PerfStringBackup.INI 2014-01-25 13:20 - 2012-09-05 16:39 - 00000000 ____D C:\Users\milky\Desktop\dokumente 2014-01-25 09:01 - 2013-11-13 11:50 - 00306878 _____ C:\windows\IE11_main.log 2014-01-25 01:02 - 2012-03-13 12:53 - 00000000 ___RD C:\Users\milky\Desktop\programme 2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64 2014-01-24 22:07 - 2011-02-03 21:49 - 00000000 ____D C:\Users\milky\AppData\Roaming\dvdcss 2014-01-24 19:36 - 2014-01-24 17:44 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-24 19:36 - 2010-06-29 07:05 - 00000000 ____D C:\Users\milky\AppData\Local\Microsoft Help 2014-01-24 17:59 - 2014-01-24 17:57 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe 2014-01-24 17:58 - 2014-01-24 17:46 - 00000000 ____D C:\ProgramData\AVG 2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk 2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG 2014-01-24 17:51 - 2012-05-20 11:26 - 00000000 ____D C:\Program Files\AVG 2014-01-24 17:42 - 2014-01-24 17:41 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe 2014-01-24 13:49 - 2014-01-24 13:48 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe 2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware 2014-01-24 11:53 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\Avg2014 2014-01-24 11:39 - 2014-01-24 11:36 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe 2014-01-24 11:37 - 2014-01-24 11:33 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe 
2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014 2014-01-24 11:29 - 2014-01-24 11:24 - 00000000 ____D C:\ProgramData\AVG2014 2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software 2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG 2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData 2014-01-24 11:12 - 2014-01-24 11:11 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe 2014-01-24 00:26 - 2014-01-24 00:26 - 00004324 _____ C:\Users\milky\Desktop\filmliste.odt 2014-01-23 18:47 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\wfp 2014-01-23 18:44 - 2013-11-09 22:53 - 00000000 ____D C:\Users\milky\Desktop\VLC 2014-01-23 18:44 - 2009-12-09 02:20 - 00000000 ____D C:\ProgramData\WinClon 2014-01-23 18:44 - 2009-12-09 02:12 - 00000000 ____D C:\Program Files\Atheros Client Installation Program 2014-01-23 18:44 - 2009-12-09 02:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2014-01-23 18:44 - 2009-07-14 03:37 - 00000000 ____D C:\windows\registration 2014-01-23 18:28 - 2013-12-02 16:57 - 00000000 ____D C:\Users\milky\Desktop\fotos 2014-01-23 18:28 - 2012-09-05 16:41 - 00000000 ____D C:\Users\milky\Desktop\musik 2014-01-22 13:15 - 2009-07-14 05:33 - 00369928 _____ C:\windows\system32\FNTCACHE.DAT 2014-01-22 00:15 - 2010-06-29 06:54 - 00000000 ____D C:\Program Files\Samsung Casual Games 2014-01-19 01:20 - 2013-12-13 22:31 - 00006765 _____ C:\Users\milky\Desktop\nuschel..odt 2014-01-16 13:21 - 2013-05-01 18:14 - 00000000 ____D C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-16 13:07 - 2014-01-16 13:04 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar 2014-01-16 13:04 - 2014-01-16 13:00 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar 2014-01-16 12:58 - 2014-01-16 12:52 - 524288000 _____ 
C:\Users\milky\Downloads\SwMo74.part1.rar 2014-01-13 16:07 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer 2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer 2014-01-13 16:03 - 2013-08-29 12:27 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live 2014-01-02 12:04 - 2013-12-20 13:39 - 00005292 _____ C:\Users\milky\Desktop\Bastelideen.odt Some content of TEMP: ==================== C:\Users\milky\AppData\Local\Temp\7za.exe C:\Users\milky\AppData\Local\Temp\GoogleChromeInstaller.exe C:\Users\milky\AppData\Local\Temp\install_flashplayer11x32_mssa_aih.exe C:\Users\milky\AppData\Local\Temp\YontooIEClient.dll C:\Users\milky\AppData\Local\Temp\YontooSetup-Silent.exe C:\Users\milky\AppData\Local\Temp\{83665D45-7903-4111-A5C4-E7DAF8F1691D}-chrome_updater.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-30 10:54 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-01-2014 01 Ran by milky at 2014-01-25 23:32:58 Running from C:\Users\milky\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== 7-Zip 9.20 (Version: - ) Adobe Flash Player 11 ActiveX (Version: 11.0.1.152 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (Version: 11.5.502.110 - Adobe Systems Incorporated) Adobe Reader 9.1 - Deutsch (Version: 9.1.0 - Adobe Systems Incorporated) Apple Software Update (Version: 2.1.3.127 - Apple Inc.) Atheros Client Installation Program (Version: 1.0.1.0805 - Atheros) AVG 2014 (Version: 14.0.3681 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden AVG 2014 (Version: 2014.0.4259 - AVG Technologies) AVG PC TuneUp 2014 (de-DE) (Version: 14.0.1001.295 - AVG) Hidden AVG PC TuneUp 2014 (Version: 14.0.1001.295 - AVG) AVG PC TuneUp 2014 (Version: 14.0.1001.295 - AVG) Hidden BatteryLifeExtender (Version: 1.0.1 - Samsung) Canon MX860 series MP Drivers (Version: - ) ChargeableUSB (Version: 1.0.0.0 - SAMSUNG) Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION CyberLink YouCam (Version: 2.0.3304 - CyberLink Corp.) CyberLink YouCam (Version: 2.0.3304 - CyberLink Corp.) Hidden D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dairy Dash (Version: - Oberon Media) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION DivX-Setup (Version: 2.0.4.2 - DivX, Inc. 
) DriverTuner 3.1.0.0 (Version: 3.1.0.0 - LionSea SoftWare) Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.) Easy Display Manager (Version: 3.0 - Samsung Electronics Co., Ltd.) Easy Network Manager (Version: 4.2.4 - Samsung) Easy Resolution Manager (Version: 1.0.0 - Samsung) Easy SpeedUp Manager (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (Version: 4.0.0.3 - Samsung) Emsisoft Anti-Malware (Version: 8.1 - Emsisoft GmbH) Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.2.422 (Version: 3.12.2.422 - DVDVideoSoft Ltd.) Game Pack (Version: 5.3.0.10 - Oberon Media, Inc.) Geeks3D FurMark 1.12.0 (Version: - Geeks3D) Go-Go Gourmet (Version: - Oberon Media) Google Chrome (Version: 32.0.1700.76 - Google Inc.) Google Toolbar for Internet Explorer (Version: - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2230 - Intel Corporation) <==== ATTENTION Intel® Matrix Storage Manager (Version: - Intel Corporation) IrfanView (remove only) (Version: 4.35 - Irfan Skiljan) JDownloader 0.9 (Version: 0.9 - AppWork GmbH) Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Marvell Miniport Driver (Version: 11.22.3.3 - Marvell) McAfee Security Scan Plus (Version: 3.0.318.3 - McAfee, Inc.) 
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) <==== ATTENTION Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Shared MUI 
(German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft Office Suite Activation Assistant (Version: 2.9 - Microsoft Corporation) <==== ATTENTION Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden <==== ATTENTION Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (Version: 9.7.0621 - Microsoft Corporation) MonkeyJam 3_050529 (Version: - GiantScreamingRobotMonkeys) Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 4.0.1 (x86 de) (Version: 4.0.1 - Mozilla) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) neroxml (Version: 1.0.0 - Nero AG) Hidden Oceanis Change Background Windows 7 (Version: 1.0 - Oceanis) <==== ATTENTION Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PriceGong 2.6.8 (Version: 2.6.8 - PriceGong) <==== ATTENTION QuickTime (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (Version: 6.0.1.5983 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (Version: 1.01.0088 - REALTEK Semiconductor Corp.) 
Samsung Recovery Solution 4 (Version: 4.0.0.42 - Samsung) Samsung Support Center (Version: 1.0.21 - Samsung) <==== ATTENTION Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden <==== ATTENTION Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated) <==== ATTENTION Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft) <==== ATTENTION Update 
for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft) User Guide (Version: 1.0 - ) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.0 (Version: 2.1.0 - VideoLAN) WIDCOMM Bluetooth Software (Version: 6.2.1.800 - Broadcom Corporation) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Messenger (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (Version: 
16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden <==== ATTENTION WinZip 14.5 (Version: 14.5.9095 - WinZip Computing, S.L. ) XP Codec Pack (Version: - ) Yontoo Layers Runtime 1.10.01 (Version: 1.10.01 - Yontoo LLC) <==== ATTENTION ==================== Restore Points ========================= 24-01-2014 18:58:30 Removed Apple Software Update 24-01-2014 19:00:47 Removed Apple Software Update 25-01-2014 07:58:23 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {01CF4747-62C6-4AD2-A377-2AE2F6B0D461} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {20599042-5088-4751-9555-DC527CA06DAB} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-10-26] (SAMSUNG Electronics) Task: {452597BB-0719-4A5B-B500-906B30A421CB} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-11-20] (SEC) Task: {4FE53408-4FE1-4E21-ACCC-BD1454E9A79B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-30] (Google Inc.) 
Task: {587AC2F1-0C92-4403-A9E0-8BA64B96E119} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2009-07-24] () Task: {791CEE36-0AD0-49D9-ABDC-A7DC7E1CF623} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.) Task: {B0397B4F-BD3A-4E26-B8A4-BD66127CB79F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2013-12-18] (AVG) Task: {BA5182E8-7DC1-403E-B050-1898C6DA0956} - System32\Tasks\{5F5FC005-089A-4170-8A98-4B7E0BB69FE6} => C:\Program Files\Skype\Phone\Skype.exe Task: {C106F74F-3812-4829-AFB7-9C8929F73AAB} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.) Task: {CE58A76B-F6C3-4437-B099-ADCC4040A35E} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.) Task: {E0E6C7D3-17C0-4112-AE88-9676590156B8} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.) Task: {F0512792-B5D0-4D58-87D8-8611F7B4CFCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-30] (Google Inc.) 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-12-09 02:18 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\milky\AppData\Roaming\Dropbox\bin\libcef.dll 2009-12-09 02:15 - 2009-05-13 09:51 - 00155648 _____ () C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll 2014-01-16 22:15 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll 2014-01-16 22:15 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll 2014-01-16 22:15 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll 2014-01-16 22:15 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll 2014-01-16 22:14 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:A42A9F39 AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= Name: Broadcom BCM2070 
Bluetooth 2.1+EDR USB Device Description: Broadcom BCM2070 Bluetooth 2.1+EDR USB Device Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Broadcom Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WebCam SCB-0340N Description: USB-Videogerät Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Canon MX860 ser Network Description: Canon MX860 ser Network Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Canon Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/25/2014 10:29:38 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 06:36:12 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 05:22:23 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. 
C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 05:11:12 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 03:31:50 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 03:12:21 PM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 01:01:12 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.76, Zeitstempel: 0x52d0feb8 Name des fehlerhaften Moduls: chrome_child.dll, Version: 32.0.1700.76, Zeitstempel: 0x52d0fe6b Ausnahmecode: 0x80000003 Fehleroffset: 0x00d015cd ID des fehlerhaften Prozesses: 0x268 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (01/25/2014 00:58:38 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.76, Zeitstempel: 0x52d0feb8 Name des fehlerhaften Moduls: chrome_child.dll, Version: 32.0.1700.76, Zeitstempel: 0x52d0fe6b Ausnahmecode: 0x80000003 Fehleroffset: 0x00d015cd ID des fehlerhaften Prozesses: 0x10c8 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (01/25/2014 00:46:53 PM) (Source: Application Hang) (User: ) Description: Programm OneClick.exe, Version 14.0.1001.295 kann nicht mehr 
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 258 Startzeit: 01cf19a5165c8d81 Endzeit: 6247 Anwendungspfad: C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe Berichts-ID: 3a082719-85b6-11e3-a631-002454700bbe Error: (01/25/2014 09:09:41 AM) (Source: Software Protection Platform Service) (User: ) Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80049F2F. C:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms System errors: ============= Error: (01/25/2014 08:33:57 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 08:33:56 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 08:33:54 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 08:33:41 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 07:43:14 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 07:43:12 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 07:43:08 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 07:43:05 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 07:42:58 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x800703e6 Error: (01/25/2014 06:35:08 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. 
Microsoft Office Sessions: ========================= Error: (01/25/2014 10:29:38 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 06:36:12 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 05:22:23 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 05:11:12 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 03:31:50 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 03:12:21 PM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms Error: (01/25/2014 01:01:12 PM) (Source: Application Error)(User: ) Description: chrome.exe32.0.1700.7652d0feb8chrome_child.dll32.0.1700.7652d0fe6b8000000300d015cd26801cf19c51df07cc4C:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\32.0.1700.76\chrome_child.dll61d792b6-85b8-11e3-a631-002454700bbe Error: (01/25/2014 00:58:38 PM) (Source: Application Error)(User: ) Description: chrome.exe32.0.1700.7652d0feb8chrome_child.dll32.0.1700.7652d0fe6b8000000300d015cd10c801cf19c4b94eab1dC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\32.0.1700.76\chrome_child.dll06071dad-85b8-11e3-a631-002454700bbe Error: (01/25/2014 00:46:53 PM) (Source: Application Hang)(User: ) Description: OneClick.exe14.0.1001.29525801cf19a5165c8d816247C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe3a082719-85b6-11e3-a631-002454700bbe Error: 
(01/25/2014 09:09:41 AM) (Source: Software Protection Platform Service)(User: ) Description: 0x80049F2FC:\windows\system32\spp\tokens\ppdlic\wmpplayer-ppdlic.xrm-ms
==================== Memory info ===========================
Percentage of memory in use: 89%
Total physical RAM: 1013.3 MB
Available physical RAM: 106.17 MB
Total Pagefile: 2037.3 MB
Available Pagefile: 449.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:108.89 GB) (Free:60.01 GB) NTFS
Drive d: () (Fixed) (Total:108.89 GB) (Free:108.79 GB) NTFS
Drive g: () (Removable) (Total:0.96 GB) (Free:0.24 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: DBD6377A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 980 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=980 MB) - (Type=06)
==================== End Of Log ============================
Please help!
Best regards, PennyPopcorn
Edited by PennyPopcorn (25.01.2014 at 23:45) |
26.01.2014, 06:12 | #2 |
/// the machine /// TB-Ausbilder | PC slow, videos stutter, suspected virus
Hi,
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please. |
26.01.2014, 15:46 | #3 |
| PC slow, videos stutter, suspected virus
Code:
ATTFilter
# AdwCleaner v3.017 - Bericht erstellt am 26/01/2014 um 13:51:03
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzername : milky - MILKY-PC
# Gestartet von : C:\Users\milky\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\Program Files\PriceGong
Ordner Gelöscht : C:\Users\milky\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\milky\AppData\Local\Temp\TempDir
Ordner Gelöscht : C:\Users\milky\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
Ordner Gelöscht : C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Datei Gelöscht : C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\plugin@yontoo.com.xpi
Datei Gelöscht : C:\Program Files\Mozilla Firefox\.autoreg
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
Datei Gelöscht : C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\user.js
***** [ Verknüpfungen ] *****
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Starter x86
Ran by milky on 26.01.2014 at 14:10:37,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2014 at 14:22:51,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------------------
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2014 01 Ran by milky (administrator) on MILKY-PC on 26-01-2014 15:38:26 Running from C:\Users\milky\Downloads Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Dropbox, Inc.) C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files\AVG\AVG2014\avgui.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.) HKCU\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION Startup: C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - {42FAFB27-7570-4097-9DC0-69DA43623700} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171 FireFox: ======== FF ProfilePath: C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: Google FF Homepage: google.de FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Users\milky\Desktop\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml FF Extension: ColorfulTabs - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2013-12-20] FF Extension: ColorZilla - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-11-25] FF Extension: GMX MailCheck - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\toolbar@gmx.net.xpi [2011-05-15] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Skype Toolbars) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) 
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (YouTube) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17] CHR Extension: (Adblock Plus) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-16] CHR Extension: (Google-Suche) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17] CHR Extension: (Google Wallet) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Google Mail) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17] ========================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) 
S4 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] () S4 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG) ==================== Drivers (Whitelisted) ==================== S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [57944 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) 
S3 cleanhlp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] () S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-26 14:22 - 2014-01-26 14:22 - 00000775 _____ C:\Users\milky\Desktop\JRT.txt 2014-01-26 14:10 - 2014-01-26 14:10 - 00000000 ____D C:\windows\ERUNT 2014-01-26 14:09 - 2014-01-26 14:09 - 00008285 _____ C:\Users\milky\Desktop\AdwCleaner[S0].txt 2014-01-26 14:05 - 2014-01-26 14:07 - 01037068 _____ (Thisisu) C:\Users\milky\Downloads\JRT.exe 2014-01-26 13:43 - 2014-01-26 13:52 - 00000000 ____D C:\AdwCleaner 2014-01-26 13:42 - 2014-01-26 13:42 - 01236282 _____ C:\Users\milky\Desktop\adwcleaner.exe 2014-01-25 23:32 - 2014-01-25 23:34 - 00025758 _____ C:\Users\milky\Downloads\Addition.txt 2014-01-25 23:27 - 2014-01-26 15:38 - 00012760 _____ C:\Users\milky\Downloads\FRST.txt 2014-01-25 23:26 - 2014-01-25 23:26 - 00000000 ____D C:\FRST 2014-01-25 23:25 - 2014-01-25 23:25 - 01222144 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe 2014-01-25 23:24 - 2014-01-25 23:24 - 00012935 _____ C:\Users\milky\Downloads\FRST64.exe 2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log 2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable 2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe 2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log 2014-01-25 22:35 - 2014-01-25 22:36 - 00614784 _____ (Chip Digital 
GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe 2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk 2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe 2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe 2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64 2014-01-24 17:57 - 2014-01-24 17:59 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe 2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk 2014-01-24 17:54 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\windows\system32\TURegOpt.exe 2014-01-24 17:54 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\windows\system32\authuitu.dll 2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG 2014-01-24 17:46 - 2014-01-24 17:58 - 00000000 ____D C:\ProgramData\AVG 2014-01-24 17:44 - 2014-01-24 19:36 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-24 17:41 - 2014-01-24 17:42 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe 2014-01-24 13:48 - 2014-01-24 13:49 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe 2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 12:09 - 2014-01-26 13:53 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware 2014-01-24 11:36 - 2014-01-24 
11:39 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe 2014-01-24 11:33 - 2014-01-24 11:37 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe 2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014 2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software 2014-01-24 11:24 - 2014-01-24 11:29 - 00000000 ____D C:\ProgramData\AVG2014 2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG 2014-01-24 11:13 - 2014-01-24 11:53 - 00000000 ____D C:\Users\milky\AppData\Local\Avg2014 2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData 2014-01-24 11:11 - 2014-01-24 11:12 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe 2014-01-24 00:26 - 2014-01-24 00:26 - 00004324 _____ C:\Users\milky\Desktop\filmliste.odt 2014-01-17 11:54 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2014-01-17 11:54 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-01-16 13:04 - 2014-01-16 13:07 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar 2014-01-16 13:00 - 2014-01-16 13:04 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar 2014-01-16 12:52 - 2014-01-16 12:58 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part1.rar 2014-01-13 16:06 - 2014-01-13 16:07 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer 2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer ==================== One Month Modified Files and Folders ======= 2014-01-26 15:39 - 2014-01-25 23:27 - 00012760 _____ C:\Users\milky\Downloads\FRST.txt 2014-01-26 15:37 - 2010-06-30 12:54 - 00001096 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-26 15:35 - 2013-05-01 18:13 - 00000000 ____D 
C:\Users\milky\AppData\Roaming\Dropbox 2014-01-26 14:27 - 2009-12-09 02:09 - 01628154 _____ C:\windows\WindowsUpdate.log 2014-01-26 14:22 - 2014-01-26 14:22 - 00000775 _____ C:\Users\milky\Desktop\JRT.txt 2014-01-26 14:10 - 2014-01-26 14:10 - 00000000 ____D C:\windows\ERUNT 2014-01-26 14:09 - 2014-01-26 14:09 - 00008285 _____ C:\Users\milky\Desktop\AdwCleaner[S0].txt 2014-01-26 14:08 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-26 14:08 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-26 14:07 - 2014-01-26 14:05 - 01037068 _____ (Thisisu) C:\Users\milky\Downloads\JRT.exe 2014-01-26 13:59 - 2013-05-03 11:15 - 00000000 ___RD C:\Users\milky\Dropbox 2014-01-26 13:58 - 2010-06-30 12:54 - 00001092 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-26 13:56 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT 2014-01-26 13:56 - 2009-07-14 05:39 - 00178521 _____ C:\windows\setupact.log 2014-01-26 13:53 - 2014-01-24 12:09 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware 2014-01-26 13:52 - 2014-01-26 13:43 - 00000000 ____D C:\AdwCleaner 2014-01-26 13:51 - 2010-07-01 21:24 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-26 13:42 - 2014-01-26 13:42 - 01236282 _____ C:\Users\milky\Desktop\adwcleaner.exe 2014-01-26 12:27 - 2012-05-20 11:22 - 00000000 ____D C:\ProgramData\MFAData 2014-01-26 09:44 - 2013-11-13 11:50 - 00313269 _____ C:\windows\IE11_main.log 2014-01-26 01:27 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI 2014-01-25 23:34 - 2014-01-25 23:32 - 00025758 _____ C:\Users\milky\Downloads\Addition.txt 2014-01-25 23:26 - 2014-01-25 23:26 - 00000000 ____D C:\FRST 2014-01-25 23:25 - 2014-01-25 23:25 - 01222144 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe 2014-01-25 23:24 - 2014-01-25 23:24 - 00012935 _____ 
C:\Users\milky\Downloads\FRST64.exe 2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log 2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable 2014-01-25 23:23 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky 2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe 2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log 2014-01-25 22:36 - 2014-01-25 22:35 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe 2014-01-25 22:25 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky\AppData\Local\VirtualStore 2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk 2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe 2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe 2014-01-25 21:48 - 2010-10-26 10:58 - 00000000 ____D C:\Users\milky\AppData\Roaming\vlc 2014-01-25 18:30 - 2009-12-09 03:03 - 00757084 _____ C:\windows\PFRO.log 2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe 2014-01-25 13:20 - 2012-09-05 16:39 - 00000000 ____D C:\Users\milky\Desktop\dokumente 2014-01-25 01:02 - 2012-03-13 12:53 - 00000000 ___RD C:\Users\milky\Desktop\programme 2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64 2014-01-24 22:07 - 2011-02-03 21:49 - 00000000 ____D C:\Users\milky\AppData\Roaming\dvdcss 2014-01-24 19:36 - 2014-01-24 17:44 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-24 19:36 - 2010-06-29 07:05 - 00000000 ____D C:\Users\milky\AppData\Local\Microsoft Help 2014-01-24 17:59 - 2014-01-24 17:57 - 78353832 _____ (AVG) 
C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe 2014-01-24 17:58 - 2014-01-24 17:46 - 00000000 ____D C:\ProgramData\AVG 2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk 2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG 2014-01-24 17:51 - 2012-05-20 11:26 - 00000000 ____D C:\Program Files\AVG 2014-01-24 17:42 - 2014-01-24 17:41 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe 2014-01-24 13:49 - 2014-01-24 13:48 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe 2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware 2014-01-24 11:53 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\Avg2014 2014-01-24 11:39 - 2014-01-24 11:36 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe 2014-01-24 11:37 - 2014-01-24 11:33 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe 2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014 2014-01-24 11:29 - 2014-01-24 11:24 - 00000000 ____D C:\ProgramData\AVG2014 2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software 2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG 2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData 2014-01-24 11:12 - 2014-01-24 11:11 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe 2014-01-24 00:26 - 2014-01-24 00:26 - 00004324 _____ C:\Users\milky\Desktop\filmliste.odt 2014-01-23 18:47 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\wfp 
2014-01-23 18:44 - 2013-11-09 22:53 - 00000000 ____D C:\Users\milky\Desktop\VLC 2014-01-23 18:44 - 2009-12-09 02:20 - 00000000 ____D C:\ProgramData\WinClon 2014-01-23 18:44 - 2009-12-09 02:12 - 00000000 ____D C:\Program Files\Atheros Client Installation Program 2014-01-23 18:44 - 2009-12-09 02:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2014-01-23 18:44 - 2009-07-14 03:37 - 00000000 ____D C:\windows\registration 2014-01-23 18:28 - 2013-12-02 16:57 - 00000000 ____D C:\Users\milky\Desktop\fotos 2014-01-23 18:28 - 2012-09-05 16:41 - 00000000 ____D C:\Users\milky\Desktop\musik 2014-01-22 13:15 - 2009-07-14 05:33 - 00369928 _____ C:\windows\system32\FNTCACHE.DAT 2014-01-22 00:15 - 2010-06-29 06:54 - 00000000 ____D C:\Program Files\Samsung Casual Games 2014-01-19 01:20 - 2013-12-13 22:31 - 00006765 _____ C:\Users\milky\Desktop\nuschel..odt 2014-01-16 13:21 - 2013-05-01 18:14 - 00000000 ____D C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-16 13:07 - 2014-01-16 13:04 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar 2014-01-16 13:04 - 2014-01-16 13:00 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar 2014-01-16 12:58 - 2014-01-16 12:52 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part1.rar 2014-01-13 16:07 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer 2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer 2014-01-13 16:03 - 2013-08-29 12:27 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live 2014-01-02 12:04 - 2013-12-20 13:39 - 00005292 _____ C:\Users\milky\Desktop\Bastelideen.odt Some content of TEMP: ==================== C:\Users\milky\AppData\Local\Temp\7za.exe C:\Users\milky\AppData\Local\Temp\GoogleChromeInstaller.exe C:\Users\milky\AppData\Local\Temp\install_flashplayer11x32_mssa_aih.exe C:\Users\milky\AppData\Local\Temp\Quarantine.exe 
C:\Users\milky\AppData\Local\Temp\YontooIEClient.dll
C:\Users\milky\AppData\Local\Temp\YontooSetup-Silent.exe
C:\Users\milky\AppData\Local\Temp\{83665D45-7903-4111-A5C4-E7DAF8F1691D}-chrome_updater.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-30 10:54

==================== End Of Log ============================

--- --- --- --- --- ---

Last edited by PennyPopcorn (26.01.2014 at 15:52) |
27.01.2014, 10:17 | #4 |
/// the machine /// TB-Ausbilder | pc slow, videos stutter, suspected virus
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.01.2014, 19:53 | #5 |
| pc slow, videos stutter, suspected virus
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=619833bdeb379a41b8b705ce0bb87f53
# engine=16808
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-27 04:57:47
# local_time=2014-01-27 05:57:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 533093 142473058 0 0
# scanned=136479
# found=7
# cleaned=0
# scan_time=19976
sh=4E87476DC084C0FD24240ED0540A5A2B77551FF3 ft=1 fh=d730a63e5b652eb9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=48EF8B4E06E0F1D3C06C4D6E1EA2B6CE48AA5231 ft=1 fh=ac26df35aa8ade69 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll.vir"
sh=F40832FD1F22C65DBD4E4B4D3DA024A029D55E02 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\plugin@yontoo.com.xpi.vir"
sh=F180DEFA96A16DA39C7989A35BF5631B59C3DBBB ft=1 fh=bf6c06fa3ebb6603 vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\milky\AppData\Local\Temp\YontooIEClient.dll"
sh=48CB2EBFF1265B8A0FF062B028687819E7E293FB ft=1 fh=fdf0030b74fb0e4c vn="Win32/Adware.Yontoo application" ac=I fn="C:\Users\milky\AppData\Local\Temp\YontooSetup-Silent.exe"
sh=383852026F51E73D3BDBC46702E7762AAD1FB173 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="C:\Users\milky\AppData\Local\Temp\YontooLayers\yl.js"
sh=6A4F558B7157DE07CAC08311D842C26754AC38BD ft=1 fh=639c288a0bd481d5 vn="multiple threats" ac=I fn="C:\Users\milky\Desktop\programme\PageRage-SilentInstaller.exe"

Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014 01
Ran by milky (administrator) on MILKY-PC on 27-01-2014 19:42:22
Running from C:\Users\milky\Downloads
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dropbox, Inc.) C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG2014\avgui.exe () C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.) HKCU\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION Startup: C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\milky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKCU - {42FAFB27-7570-4097-9DC0-69DA43623700} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171 FireFox: ======== FF ProfilePath: C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: Google FF Homepage: google.de FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Users\milky\Desktop\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml FF Extension: ColorfulTabs - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2013-12-20] FF Extension: ColorZilla - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-11-25] FF Extension: GMX MailCheck - C:\Users\milky\AppData\Roaming\Mozilla\Firefox\Profiles\qtjoywgi.default\Extensions\toolbar@gmx.net.xpi [2011-05-15] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Skype Toolbars) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) 
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (YouTube) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17] CHR Extension: (Adblock Plus) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-16] CHR Extension: (Google-Suche) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17] CHR Extension: (Google Wallet) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Google Mail) - C:\Users\milky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17] ========================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) 
S4 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] () S4 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG) ==================== Drivers (Whitelisted) ==================== S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [57944 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH) R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) 
S3 cleanhlp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-27 19:38 - 2014-01-27 19:38 - 00000000 ____D C:\Users\milky\Downloads\FRST-OlderVersion
2014-01-27 18:05 - 2014-01-27 18:05 - 00987425 _____ C:\Users\milky\Downloads\SecurityCheck.exe
2014-01-27 12:20 - 2014-01-27 12:20 - 02347384 _____ (ESET) C:\Users\milky\Downloads\esetsmartinstaller_enu.exe
2014-01-27 12:20 - 2014-01-27 12:20 - 00000000 ____D C:\Program Files\ESET
2014-01-26 14:22 - 2014-01-26 14:22 - 00000775 _____ C:\Users\milky\Desktop\JRT.txt
2014-01-26 14:10 - 2014-01-26 14:10 - 00000000 ____D C:\windows\ERUNT
2014-01-26 14:09 - 2014-01-26 14:09 - 00008285 _____ C:\Users\milky\Desktop\AdwCleaner[S0].txt
2014-01-26 14:05 - 2014-01-26 14:07 - 01037068 _____ (Thisisu) C:\Users\milky\Downloads\JRT.exe
2014-01-26 13:43 - 2014-01-26 13:52 - 00000000 ____D C:\AdwCleaner
2014-01-26 13:42 - 2014-01-26 13:42 - 01236282 _____ C:\Users\milky\Desktop\adwcleaner.exe
2014-01-25 23:32 - 2014-01-25 23:34 - 00025758 _____ C:\Users\milky\Downloads\Addition.txt
2014-01-25 23:27 - 2014-01-27 19:42 - 00012698 _____ C:\Users\milky\Downloads\FRST.txt
2014-01-25 23:26 - 2014-01-27 19:38 - 00000000 ____D C:\FRST
2014-01-25 23:25 - 2014-01-27 19:38 - 01223168 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe
2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log
2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable
2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe
2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log
2014-01-25 22:35 - 2014-01-25 22:36 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe
2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk
2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D
2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe
2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe
2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe
2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64
2014-01-24 17:57 - 2014-01-24 17:59 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe
2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-01-24 17:54 - 2013-12-18 09:38 - 00036152 _____ (AVG) C:\windows\system32\TURegOpt.exe
2014-01-24 17:54 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\windows\system32\authuitu.dll
2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG
2014-01-24 17:46 - 2014-01-24 17:58 - 00000000 ____D C:\ProgramData\AVG
2014-01-24 17:44 - 2014-01-24 19:36 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-24 17:41 - 2014-01-24 17:42 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe
2014-01-24 13:48 - 2014-01-24 13:49 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-24 12:09 - 2014-01-26 13:53 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware
2014-01-24 11:36 - 2014-01-24 11:39 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe
2014-01-24 11:33 - 2014-01-24 11:37 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe
2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014
2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software
2014-01-24 11:24 - 2014-01-24 11:29 - 00000000 ____D C:\ProgramData\AVG2014
2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG
2014-01-24 11:13 - 2014-01-24 11:53 - 00000000 ____D C:\Users\milky\AppData\Local\Avg2014
2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData
2014-01-24 11:11 - 2014-01-24 11:12 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe
2014-01-24 00:26 - 2014-01-27 04:10 - 00004412 _____ C:\Users\milky\Desktop\filmliste.odt
2014-01-17 11:54 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-17 11:54 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-16 13:04 - 2014-01-16 13:07 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar
2014-01-16 13:00 - 2014-01-16 13:04 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar
2014-01-16 12:52 - 2014-01-16 12:58 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part1.rar
2014-01-13 16:06 - 2014-01-13 16:07 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer
2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer

==================== One Month Modified Files and Folders =======

2014-01-27 19:43 - 2014-01-25 23:27 - 00012698 _____ C:\Users\milky\Downloads\FRST.txt
2014-01-27 19:40 - 2013-05-01 18:13 - 00000000 ____D C:\Users\milky\AppData\Roaming\Dropbox
2014-01-27 19:38 - 2014-01-27 19:38 - 00000000 ____D C:\Users\milky\Downloads\FRST-OlderVersion
2014-01-27 19:38 - 2014-01-25 23:26 - 00000000 ____D C:\FRST
2014-01-27 19:38 - 2014-01-25 23:25 - 01223168 _____ (Farbar) C:\Users\milky\Downloads\FRST.exe
2014-01-27 18:59 - 2010-06-30 12:54 - 00001096 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 18:23 - 2009-12-09 02:09 - 01257899 _____ C:\windows\WindowsUpdate.log
2014-01-27 18:05 - 2014-01-27 18:05 - 00987425 _____ C:\Users\milky\Downloads\SecurityCheck.exe
2014-01-27 16:26 - 2012-05-20 11:22 - 00000000 ____D C:\ProgramData\MFAData
2014-01-27 12:20 - 2014-01-27 12:20 - 02347384 _____ (ESET) C:\Users\milky\Downloads\esetsmartinstaller_enu.exe
2014-01-27 12:20 - 2014-01-27 12:20 - 00000000 ____D C:\Program Files\ESET
2014-01-27 12:20 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-27 10:47 - 2013-12-02 16:57 - 00000000 ____D C:\Users\milky\Desktop\fotos
2014-01-27 10:46 - 2010-06-30 12:54 - 00001092 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 04:41 - 2009-07-14 05:39 - 00178689 _____ C:\windows\setupact.log
2014-01-27 04:10 - 2014-01-24 00:26 - 00004412 _____ C:\Users\milky\Desktop\filmliste.odt
2014-01-27 03:05 - 2013-11-13 11:50 - 00319660 _____ C:\windows\IE11_main.log
2014-01-26 14:22 - 2014-01-26 14:22 - 00000775 _____ C:\Users\milky\Desktop\JRT.txt
2014-01-26 14:10 - 2014-01-26 14:10 - 00000000 ____D C:\windows\ERUNT
2014-01-26 14:09 - 2014-01-26 14:09 - 00008285 _____ C:\Users\milky\Desktop\AdwCleaner[S0].txt
2014-01-26 14:08 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 14:08 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 14:07 - 2014-01-26 14:05 - 01037068 _____ (Thisisu) C:\Users\milky\Downloads\JRT.exe
2014-01-26 13:59 - 2013-05-03 11:15 - 00000000 ___RD C:\Users\milky\Dropbox
2014-01-26 13:56 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-26 13:53 - 2014-01-24 12:09 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2014-01-26 13:52 - 2014-01-26 13:43 - 00000000 ____D C:\AdwCleaner
2014-01-26 13:51 - 2010-07-01 21:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-26 13:42 - 2014-01-26 13:42 - 01236282 _____ C:\Users\milky\Desktop\adwcleaner.exe
2014-01-25 23:34 - 2014-01-25 23:32 - 00025758 _____ C:\Users\milky\Downloads\Addition.txt
2014-01-25 23:23 - 2014-01-25 23:23 - 00000472 _____ C:\Users\milky\Downloads\defogger_disable.log
2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 _____ C:\Users\milky\defogger_reenable
2014-01-25 23:23 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky
2014-01-25 23:22 - 2014-01-25 23:22 - 00050477 _____ C:\Users\milky\Downloads\Defogger.exe
2014-01-25 22:38 - 2014-01-25 22:38 - 00008538 _____ C:\Users\milky\Desktop\hijackthis.log
2014-01-25 22:36 - 2014-01-25 22:35 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\HijackThis - CHIP-Downloader.exe
2014-01-25 22:25 - 2010-06-29 06:44 - 00000000 ____D C:\Users\milky\AppData\Local\VirtualStore
2014-01-25 22:24 - 2014-01-25 22:24 - 00001273 _____ C:\Users\milky\Desktop\FurMark.lnk
2014-01-25 22:24 - 2014-01-25 22:24 - 00000000 ____D C:\Program Files\Geeks3D
2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup.exe
2014-01-25 22:21 - 2014-01-25 22:21 - 05032470 _____ (Geeks3D ) C:\Users\milky\Downloads\FurMark_1.12.0_Setup (1).exe
2014-01-25 21:48 - 2010-10-26 10:58 - 00000000 ____D C:\Users\milky\AppData\Roaming\vlc
2014-01-25 18:30 - 2009-12-09 03:03 - 00757084 _____ C:\windows\PFRO.log
2014-01-25 17:07 - 2014-01-25 17:07 - 00614784 _____ (Chip Digital GmbH) C:\Users\milky\Downloads\UNetbootin - CHIP-Downloader.exe
2014-01-25 13:20 - 2012-09-05 16:39 - 00000000 ____D C:\Users\milky\Desktop\dokumente
2014-01-25 01:02 - 2012-03-13 12:53 - 00000000 ___RD C:\Users\milky\Desktop\programme
2014-01-25 00:51 - 2014-01-25 00:51 - 00000000 ____D C:\windows\system32\x64
2014-01-24 22:07 - 2011-02-03 21:49 - 00000000 ____D C:\Users\milky\AppData\Roaming\dvdcss
2014-01-24 19:36 - 2014-01-24 17:44 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-24 19:36 - 2010-06-29 07:05 - 00000000 ____D C:\Users\milky\AppData\Local\Microsoft Help
2014-01-24 17:59 - 2014-01-24 17:57 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (2).exe
2014-01-24 17:58 - 2014-01-24 17:46 - 00000000 ____D C:\ProgramData\AVG
2014-01-24 17:54 - 2014-01-24 17:54 - 00002175 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-01-24 17:54 - 2014-01-24 17:54 - 00002151 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2014-01-24 17:52 - 2014-01-24 17:52 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG
2014-01-24 17:51 - 2012-05-20 11:26 - 00000000 ____D C:\Program Files\AVG
2014-01-24 17:42 - 2014-01-24 17:41 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4 (1).exe
2014-01-24 13:49 - 2014-01-24 13:48 - 78353832 _____ (AVG) C:\Users\milky\Downloads\avg_tuh_stf_all_2014_295_24c4.exe
2014-01-24 12:13 - 2014-01-24 12:13 - 00001053 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-24 12:09 - 2014-01-24 12:09 - 00000000 ____D C:\Users\milky\Documents\Anti-Malware
2014-01-24 11:53 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\Avg2014
2014-01-24 11:39 - 2014-01-24 11:36 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Downloads\EmsisoftAntiMalwareSetup (1).exe
2014-01-24 11:37 - 2014-01-24 11:33 - 238782168 _____ (Emsisoft GmbH ) C:\Users\milky\Desktop\EmsisoftAntiMalwareSetup.exe
2014-01-24 11:30 - 2014-01-24 11:30 - 00000000 ____D C:\Users\milky\AppData\Roaming\AVG2014
2014-01-24 11:29 - 2014-01-24 11:24 - 00000000 ____D C:\ProgramData\AVG2014
2014-01-24 11:28 - 2014-01-24 11:28 - 00000000 ____D C:\Users\milky\AppData\Roaming\TuneUp Software
2014-01-24 11:24 - 2014-01-24 11:24 - 00000000 ___HD C:\$AVG
2014-01-24 11:13 - 2014-01-24 11:13 - 00000000 ____D C:\Users\milky\AppData\Local\MFAData
2014-01-24 11:12 - 2014-01-24 11:11 - 04435768 _____ (AVG Technologies) C:\Users\milky\Desktop\avg_avct_stb_all_2014_4259_cm10.exe
2014-01-23 18:47 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\wfp
2014-01-23 18:44 - 2013-11-09 22:53 - 00000000 ____D C:\Users\milky\Desktop\VLC
2014-01-23 18:44 - 2009-12-09 02:20 - 00000000 ____D C:\ProgramData\WinClon
2014-01-23 18:44 - 2009-12-09 02:12 - 00000000 ____D C:\Program Files\Atheros Client Installation Program
2014-01-23 18:44 - 2009-12-09 02:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-23 18:44 - 2009-07-14 03:37 - 00000000 ____D C:\windows\registration
2014-01-23 18:28 - 2012-09-05 16:41 - 00000000 ____D C:\Users\milky\Desktop\musik
2014-01-22 13:15 - 2009-07-14 05:33 - 00369928 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-22 00:15 - 2010-06-29 06:54 - 00000000 ____D C:\Program Files\Samsung Casual Games
2014-01-19 01:20 - 2013-12-13 22:31 - 00006765 _____ C:\Users\milky\Desktop\nuschel..odt
2014-01-16 13:21 - 2013-05-01 18:14 - 00000000 ____D C:\Users\milky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 13:07 - 2014-01-16 13:04 - 315620326 _____ C:\Users\milky\Downloads\SwMo74.part3.rar
2014-01-16 13:04 - 2014-01-16 13:00 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part2.rar
2014-01-16 12:58 - 2014-01-16 12:52 - 524288000 _____ C:\Users\milky\Downloads\SwMo74.part1.rar
2014-01-13 16:07 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live Writer
2014-01-13 16:06 - 2014-01-13 16:06 - 00000000 ____D C:\Users\milky\AppData\Roaming\Windows Live Writer
2014-01-13 16:03 - 2013-08-29 12:27 - 00000000 ____D C:\Users\milky\AppData\Local\Windows Live
2014-01-02 12:04 - 2013-12-20 13:39 - 00005292 _____ C:\Users\milky\Desktop\Bastelideen.odt

Some content of TEMP:
====================
C:\Users\milky\AppData\Local\Temp\7za.exe
C:\Users\milky\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\milky\AppData\Local\Temp\install_flashplayer11x32_mssa_aih.exe
C:\Users\milky\AppData\Local\Temp\Quarantine.exe
C:\Users\milky\AppData\Local\Temp\YontooIEClient.dll
C:\Users\milky\AppData\Local\Temp\YontooSetup-Silent.exe
C:\Users\milky\AppData\Local\Temp\{83665D45-7903-4111-A5C4-E7DAF8F1691D}-chrome_updater.exe

==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-30 10:54

==================== End Of Log ============================

Many thanks for the help. The technician measured the internet speed today and, as a precaution, installed a new socket. Everything is fine there now. The PC is still slow, however, and videos still stutter. I just noticed that more than half of the RAM is in use with no programs open...
28.01.2014, 15:14 | #6 |
/// the machine /// TB-Ausbilder | Hi, and which process is using the RAM? In which browser does the stuttering occur?
29.01.2014, 15:35 | #7 |
When I add up the individual processes under Task Manager > Processes (like now, with only Chrome open), I get about 350-400 MB; under Task Manager > Performance, 900 MB is shown. No idea whether that means anything. For a while I thought a failed Windows security update could be the cause. I read on the internet that something like that can affect performance. In fact, I found loads of failed updates from the last few days in the update history. So I tried to remove the most recently installed Windows update (a security update), but that did not work. After I emptied the temp folder, there was a slight improvement. I'm really getting desperate right now... Maybe just reinstall Windows?
30.01.2014, 14:27 | #8 |
/// the machine /// TB-Ausbilder | Reinstalling Windows always helps. But you would need to answer my questions properly. Do you only see the load in Task Manager, or do you actually notice a problem at the moment?

Install Process Explorer as a replacement for the Windows Task Manager

Download Process Explorer as a replacement for Task Manager and install it; you will find instructions here. It is a considerably more capable replacement for the Windows Task Manager. In the menu under "Options" you can set up Process Explorer permanently as the replacement for Task Manager (Replace Taskmanager). This is highly recommended, because Process Explorer has far more functions than Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens Task Manager but Process Explorer. This can be undone at any time by unchecking the setting.

What we need specifically now: each row shows one process; a few of the rows are not real processes but only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of process information are displayed. In it, go to the "Process Performance" tab and make sure that "CPU Usage" is checked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the column title just reads "CPU"); "CPU History" shows a graph for each process with a curve of its recent processor load. That should enable you to identify which process is keeping your CPU busy. Double-click that process.

You can also take a screenshot of all this and upload it as an attachment with your reply (click "Erweitert" (Advanced) below the text field, browse your computer via "Anhänge verwalten" (Manage attachments), and attach it via "Hochladen" (Upload)).
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!