Pop-up Plage bei Firefox

Rattle07 · 09.04.2014, 22:29

Liebe Community,

auf dem betroffenen Privat-PC names "vera" scheint sich diverse malware zu tummeln, welche symptomatisch den Browser mit Pop-ups bombardiert. Ich hoffe, die Scans geben Aufschluss und ihr könnt helfen. Besten Dank

.

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by vera (administrator) on VERA-PC on 09-04-2014 23:26:14
Running from C:\Users\vera\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Absolute Software Corp.) C:\Windows\system32\rpcnet.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
() C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
(Microsoft) C:\Program Files\Yontoo\Y2Desktop.Updater.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [497024 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SAOB Monitor] - C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2570688 2010-11-16] (Acronis)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5578920 2010-11-23] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [391240 2010-11-23] (Acronis)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?l=dis&o=APN10462&gct=hp&apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^AT&p2=^AKM^zzz002^YY^AT&tpid=ATU4&apn_dbr=ff_17.0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0E5C05352FDCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} -  No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=805
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=805
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {6B409211-D885-43D8-82F3-5E4F85A29934} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {B269483F-1C9A-40B7-8D39-8BEF16C97E72} URL = hxxp://asksearch.ask.com/redirect?client=ie&src=kw&tb=ATU4&itbv=11.5.0.798&o=APN10462&locale=de_US&apn_uid=198937CC-A2EF-494D-986A-20F95F0B21D4&apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^AT&apn_dbr=ff_17.0&doi=2012-12-14&q={searchTerms}&
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default
FF user.js: detected! => C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\user.js
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\searchplugins\benefind.xml
FF SearchPlugin: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yontoo - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\plugin@yontoo.com [2013-03-14]
FF Extension: Ask Toolbar - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar@ask.com [2012-04-11]
FF Extension: Movie2kDownloader - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: Ask Toolbar - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar_ATU4@apn.ask.com.xpi [2013-03-05]
FF Extension: Adblock Plus - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-09]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-29]
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [805032 2010-11-23] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2012-02-26] (Acronis)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [58288 2012-11-22] (Absolute Software Corp.)
R2 Yontoo Desktop Updater; "C:\Program Files\Yontoo\Y2Desktop.Updater.exe" "C:\Users\vera\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-08] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-08] ()
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [87040 2009-07-29] (ELAN Microelectronic Corp.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-09] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
U0 rfexo; C:\Windows\System32\drivers\otwdunef.sys [52440 2014-04-09] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-06] ()
S1 ivjnazus; \??\C:\Windows\system32\drivers\ivjnazus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-09 23:26 - 2014-04-09 23:26 - 00014679 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-09 23:26 - 2014-04-09 23:26 - 00000000 ____D () C:\FRST
2014-04-09 23:25 - 2014-04-09 23:25 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-09 23:25 - 2014-04-09 23:25 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\otwdunef.sys
2014-04-09 22:08 - 2014-04-09 22:09 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 00:01 - 2014-04-09 23:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:42 - 2014-04-08 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:42 - 2014-04-08 23:41 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:39 - 2014-04-08 23:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:28 - 2014-02-23 15:57 - 00000426 _____ () C:\AVScanner.ini
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:27 - 2014-04-08 23:26 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:09 - 2014-04-08 23:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-13 13:53 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 13:53 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 13:53 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 13:53 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 13:53 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 13:53 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 13:53 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 13:53 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 13:53 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 13:53 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 13:53 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 13:53 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 13:53 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 13:53 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 13:53 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 13:53 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 13:53 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 13:53 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 13:53 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 13:53 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 13:53 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 13:53 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 13:53 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 13:53 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 13:53 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 13:53 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 13:53 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

==================== One Month Modified Files and Folders =======

2014-04-09 23:26 - 2014-04-09 23:26 - 00014679 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-09 23:26 - 2014-04-09 23:26 - 00000000 ____D () C:\FRST
2014-04-09 23:26 - 2014-04-09 00:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 23:25 - 2014-04-09 23:25 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-09 23:25 - 2014-04-09 23:25 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\otwdunef.sys
2014-04-09 23:24 - 2012-02-26 21:56 - 01294839 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 22:13 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 22:13 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 22:09 - 2014-04-09 22:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 22:06 - 2012-02-26 22:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-09 22:06 - 2012-02-26 22:06 - 00058288 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-04-09 22:06 - 2012-02-26 21:53 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2014-04-09 22:06 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 22:06 - 2009-07-14 06:39 - 00057761 _____ () C:\Windows\setupact.log
2014-04-09 22:05 - 2012-02-26 21:59 - 00091038 _____ () C:\Windows\PFRO.log
2014-04-09 12:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 00:01 - 2013-03-20 01:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-09 00:01 - 2012-02-26 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-08 23:45 - 2013-06-13 00:08 - 00000000 ____D () C:\Users\vera\AppData\Roaming\File Scout
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:41 - 2014-04-08 23:42 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:41 - 2014-04-08 23:42 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:40 - 2014-04-08 23:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:32 - 2012-02-26 23:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:31 - 2012-04-23 14:17 - 00000000 ___RD () C:\Users\vera\Dropbox
2014-04-08 23:30 - 2012-02-26 23:55 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Skype
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:26 - 2014-04-08 23:27 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:26 - 2012-02-26 23:53 - 00000000 ____D () C:\Program Files\Java
2014-04-08 23:19 - 2012-04-23 14:14 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Dropbox
2014-04-08 23:15 - 2013-03-14 21:13 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Yontoo
2014-04-08 23:13 - 2013-03-14 21:13 - 00000000 ____D () C:\Program Files\Yontoo
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:10 - 2014-04-08 23:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-08 14:08 - 2012-06-02 23:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-04 07:52 - 2012-02-26 22:09 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 09:51 - 2014-04-09 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-19 00:47 - 2013-09-04 09:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 00:47 - 2010-06-24 10:43 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-14 19:22 - 2009-07-14 06:33 - 00408696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 19:21 - 2012-12-14 11:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 18:53 - 2012-02-26 23:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 18:28 - 2012-02-26 23:54 - 00000000 ___RD () C:\Program Files\Skype

Some content of TEMP:
====================
C:\Users\vera\AppData\Local\Temp\APNSetup.exe
C:\Users\vera\AppData\Local\Temp\InstallNorton.exe
C:\Users\vera\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\vera\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\vera\AppData\Local\Temp\SkypeSetup.exe
C:\Users\vera\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\vera\AppData\Local\Temp\TubeBox_Setup.exe
C:\Users\vera\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 12:06

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by vera at 2014-04-09 23:27:06
Running from C:\Users\vera\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Acronis*True*Image*Home 2011 (HKLM\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6574 - Acronis)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.12.2.0 - Ask.com) <==== ATTENTION
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2016 - Avast Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
ControlDeck (HKLM\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
DriverBoost (HKLM\...\{044E78D2-8F54-4F6F-AD2B-A122F8111EDB}) (Version: 8.1 - DriverBoost)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ETDWare PS/2-x86 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
HappyFoto-Designer 4.5 (HKLM\...\HappyFoto-Designer_is1) (Version:  - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Movie2KDownloader (HKLM\...\1ClickDownload) (Version: 2.1 Build 26473 - Movie2KDownloader.com)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA 3D Vision Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0209 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0209 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0209 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 295.73 (Version: 295.73 - NVIDIA Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TubeBox! (HKLM\...\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}) (Version: 3.4.9 - Jens Lorek)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
Yontoo 2.05 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.05 - Yontoo LLC) <==== ATTENTION

==================== Restore Points  =========================

24-03-2014 08:01:31 Windows Update
28-03-2014 19:27:06 Windows Update
02-04-2014 14:39:38 Windows Update
05-04-2014 18:20:10 Windows Update
08-04-2014 21:22:55 Removed Java(TM) 6 Update 35
08-04-2014 21:25:40 Installed Java 7 Update 51
08-04-2014 21:40:45 avast! antivirus system restore point
08-04-2014 21:56:45 Windows Defender Checkpoint

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0763411B-3642-4ED2-9F90-0359143863DA} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {0B01B8C8-59B7-4C4F-A6B7-91390CB2F599} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-08] (AVAST Software)
Task: {14B73B1A-B00E-47AE-A26B-9EDF1F97E74F} - System32\Tasks\{B9C5BFBA-BFBD-4ABF-9165-BABDF4712363} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {3CD9160D-70A9-47FE-BFC7-0D857EEF0C28} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {5DF9972A-B30B-42B8-B487-859EE0503FE8} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe [2012-10-12] (PC Drivers Headquarters)
Task: {81B86144-09D1-4B01-9708-4EA86B55750B} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {81D417D6-7625-4FF4-9423-FE59AB8808D9} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe [2012-10-12] (PC Drivers Headquarters)
Task: {894C0A1F-1AB8-43D8-BF1C-D4CAE0576BB9} - System32\Tasks\{7DAF8F45-B1EE-4143-9612-8C782D05A1B6} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {8D4373F1-3823-48F4-8F6E-53931D4E0139} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)
Task: {93BD8D91-C39C-45F8-948C-31B96EFDA3CE} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {948F288A-335D-44AD-B70A-CB274238EBE7} - System32\Tasks\ASUSControlDeck => C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-03] ()
Task: {99CA6247-421A-404D-AA4F-7B2BB588D0C9} - \AdobeFlashPlayerUpdate No Task File
Task: {A7321127-AD4D-4743-AD40-99925C194994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {A8867F9A-1F8A-47FF-BC00-D75C8976C9CE} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe [2012-10-12] (PC Drivers Headquarters)
Task: {BD8900CB-FB90-4E1F-BC93-6D1360769B01} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CBB5958F-CF7D-4BA6-A6AB-DBFEF832AE01} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2011-05-17] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-09 18:52 - 2014-04-09 18:52 - 02192384 _____ () C:\Program Files\AVAST Software\Avast\defs\14040902\algo.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2008-10-01 00:02 - 2008-10-01 00:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2009-09-03 11:33 - 2009-09-03 11:33 - 00054400 _____ () C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
2012-02-26 22:48 - 2007-11-30 12:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2010-11-23 09:18 - 2010-11-23 09:18 - 11183072 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll
2014-04-08 23:41 - 2014-04-08 23:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-29 12:35 - 2014-03-29 12:35 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-02-09 21:05 - 2012-02-09 21:05 - 00360768 _____ () C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-04-09 00:01 - 2014-04-09 00:01 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^vera^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: DriverBoost => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 496645

Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 496645

Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 494820

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 494820

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 10:54:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0x7f8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (04/08/2014 11:56:44 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {cd6da309-980f-4212-89a1-169eb7ca6f54}

Error: (04/08/2014 11:40:50 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary dpzzapfg.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (04/08/2014 11:40:36 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8eb8509d-3f81-4e69-913f-79a76d575d35}


System errors:
=============
Error: (04/09/2014 08:00:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Yontoo Desktop Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/09/2014 08:00:00 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Yontoo Desktop Updater erreicht.

Error: (04/08/2014 10:57:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎08.‎04.‎2014 um 21:25:55 unerwartet heruntergefahren.

Error: (04/08/2014 07:15:02 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (04/07/2014 09:07:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (04/04/2014 07:49:50 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (04/04/2014 07:49:45 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (03/29/2014 11:31:11 AM) (Source: DCOM) (User: )
Description: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}

Error: (03/27/2014 06:56:00 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/26/2014 00:46:37 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎25.‎03.‎2014 um 12:10:17 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 496645

Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 496645

Error: (04/09/2014 03:21:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 494820

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 494820

Error: (04/09/2014 03:21:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 10:54:31 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c0000005001847297f801cf53d10c739f40C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll904b8b20-bfc4-11e3-84aa-90e6ba1d76d4

Error: (04/08/2014 11:56:44 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {cd6da309-980f-4212-89a1-169eb7ca6f54}

Error: (04/08/2014 11:40:50 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary dpzzapfg.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (04/08/2014 11:40:36 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8eb8509d-3f81-4e69-913f-79a76d575d35}


CodeIntegrity Errors:
===================================
  Date: 2013-11-08 21:43:42.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.166
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.385
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3583.27 MB
Available physical RAM: 1997.69 MB
Total Pagefile: 7164.83 MB
Available Pagefile: 5499.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.44 GB) (Free:68.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:104.73 GB) (Free:59.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus · 09.04.2014, 23:12

Hi,

Zitat:

System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe

Stammt dein Office aus ner legalen Quelle?
Wird der Rechner gewerblich genutzt? Du hast nämlich neben einem Ultimate Windows 7 auch ein Professional Office 2010 drauf.

Rattle07 · 10.04.2014, 07:48

Nein, der PC wird ausschließlich privat genutzt.

Der Rechner wurde von einem Freund für den Einsatz "fit gemacht", d.h. von ihm auch Office darauf installiert. Ich vertraue darauf, dass es sich um eine legale Quelle handelt!

cosinus · 10.04.2014, 12:25

Frag mal den Freund was das für eine Quelle war. Falls gecrackt, ist das nämlich erstens illegal und zweitens ein großes Sicherheitsrisiko. Gecrackte Software ist eine der Hauptursachen für kompromittierte Systeme (damit mein ich jetzt keinen 0815-Adware-Toolbar Befall)

Rattle07 · 10.04.2014, 17:48

Zitat:

Zitat von cosinus

Frag mal den Freund was das für eine Quelle war. Falls gecrackt, ist das nämlich erstens illegal und zweitens ein großes Sicherheitsrisiko. Gecrackte Software ist eine der Hauptursachen für kompromittierte Systeme (damit mein ich jetzt keinen 0815-Adware-Toolbar Befall)

Ja, die Software sei über die Universität legal bezogen worden. Es bestünde sogar die Möglichkeit, das neue Office zu bekommen.

cosinus · 10.04.2014, 23:09

Okay, ich fände es natürlich besser wenn man mehr OSS Software verwendet

danke für deine Recherche, es geht sofort weiter

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Rattle07 · 11.04.2014, 14:59

Ja, das verstehe ich!
Hier nun die Scans

Code:

ATTFilter

# AdwCleaner v3.023 - Bericht erstellt am 11/04/2014 um 15:32:14
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : vera - VERA-PC
# Gestartet von : C:\Users\vera\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5241 octets] - [10/04/2014 12:47:44]
AdwCleaner[R1].txt - [915 octets] - [11/04/2014 15:31:10]
AdwCleaner[S0].txt - [5080 octets] - [10/04/2014 12:50:52]
AdwCleaner[S1].txt - [837 octets] - [11/04/2014 15:32:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [896 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by vera on 11.04.2014 at 15:37:01,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3813260914-1044053413-4074163082-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B269483F-1C9A-40B7-8D39-8BEF16C97E72}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\vera\AppData\Roaming\mozilla\firefox\profiles\ya58hpm6.default\minidumps [142 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.04.2014 at 15:42:09,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by vera (administrator) on VERA-PC on 11-04-2014 15:54:35
Running from C:\Users\vera\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Absolute Software Corp.) C:\Windows\system32\rpcnet.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [497024 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SAOB Monitor] - C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2570688 2010-11-16] (Acronis)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5578920 2010-11-23] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [391240 2010-11-23] (Acronis)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0E5C05352FDCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=805
SearchScopes: HKCU - {6B409211-D885-43D8-82F3-5E4F85A29934} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\searchplugins\benefind.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ask Toolbar - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar_ATU4@apn.ask.com.xpi [2013-03-05]
FF Extension: Adblock Plus - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-09]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-29]
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [805032 2010-11-23] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2012-02-26] (Acronis)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [58288 2012-11-22] (Absolute Software Corp.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-08] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-08] ()
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [87040 2009-07-29] (ELAN Microelectronic Corp.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-06] ()
S1 ivjnazus; \??\C:\Windows\system32\drivers\ivjnazus.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-11 15:54 - 2014-04-11 15:55 - 00011315 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-11 15:53 - 2014-04-11 15:53 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-11 15:42 - 2014-04-11 15:42 - 00001188 _____ () C:\Users\vera\Desktop\JRT.txt
2014-04-11 15:36 - 2014-04-11 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 15:35 - 2014-04-11 15:35 - 01016261 _____ (Thisisu) C:\Users\vera\Desktop\JRT.exe
2014-04-11 15:34 - 2014-04-11 15:34 - 00000975 _____ () C:\Users\vera\Desktop\AdwCleaner[S1].txt
2014-04-11 15:33 - 2014-04-11 15:44 - 00000112 _____ () C:\Windows\setupact.log
2014-04-11 15:33 - 2014-04-11 15:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 15:30 - 2014-04-11 15:30 - 01426178 _____ () C:\Users\vera\Desktop\adwcleaner.exe
2014-04-11 08:38 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 08:38 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 08:37 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 08:37 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 08:37 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 08:37 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 08:37 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 08:37 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 08:37 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 08:37 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 08:37 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 08:37 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 08:37 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 08:37 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 08:37 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 08:37 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 08:37 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 08:37 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 08:37 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 08:37 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 08:37 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 08:37 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 08:37 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 08:37 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 08:37 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 08:37 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 12:47 - 2014-04-11 15:32 - 00000000 ____D () C:\AdwCleaner
2014-04-10 12:33 - 2014-04-10 12:34 - 00224646 _____ () C:\Users\vera\Documents\cc_20140410_123354.reg
2014-04-09 23:26 - 2014-04-11 15:54 - 00000000 ____D () C:\FRST
2014-04-09 22:08 - 2014-04-10 19:45 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 08:20 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:20 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:20 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:20 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:20 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:20 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 00:01 - 2014-04-11 15:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:42 - 2014-04-08 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:42 - 2014-04-08 23:41 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:39 - 2014-04-08 23:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:28 - 2014-02-23 15:57 - 00000426 _____ () C:\AVScanner.ini
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:27 - 2014-04-08 23:26 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:09 - 2014-04-08 23:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-13 13:53 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 13:53 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 13:53 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 13:53 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 13:53 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

==================== One Month Modified Files and Folders =======

2014-04-11 15:55 - 2014-04-11 15:54 - 00011315 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-11 15:54 - 2014-04-09 23:26 - 00000000 ____D () C:\FRST
2014-04-11 15:53 - 2014-04-11 15:53 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-11 15:51 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 15:51 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 15:47 - 2012-02-26 21:56 - 01815449 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 15:44 - 2014-04-11 15:33 - 00000112 _____ () C:\Windows\setupact.log
2014-04-11 15:44 - 2012-02-26 22:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-11 15:44 - 2012-02-26 22:06 - 00058288 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-04-11 15:44 - 2012-02-26 21:53 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2014-04-11 15:44 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 15:42 - 2014-04-11 15:42 - 00001188 _____ () C:\Users\vera\Desktop\JRT.txt
2014-04-11 15:36 - 2014-04-11 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 15:35 - 2014-04-11 15:35 - 01016261 _____ (Thisisu) C:\Users\vera\Desktop\JRT.exe
2014-04-11 15:34 - 2014-04-11 15:34 - 00000975 _____ () C:\Users\vera\Desktop\AdwCleaner[S1].txt
2014-04-11 15:33 - 2014-04-11 15:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 15:32 - 2014-04-10 12:47 - 00000000 ____D () C:\AdwCleaner
2014-04-11 15:30 - 2014-04-11 15:30 - 01426178 _____ () C:\Users\vera\Desktop\adwcleaner.exe
2014-04-11 15:26 - 2014-04-09 00:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 08:59 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-10 19:45 - 2014-04-09 22:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 18:54 - 2012-02-26 23:55 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Skype
2014-04-10 12:34 - 2014-04-10 12:33 - 00224646 _____ () C:\Users\vera\Documents\cc_20140410_123354.reg
2014-04-10 12:31 - 2012-02-26 21:53 - 00000000 ____D () C:\Windows\Panther
2014-04-10 12:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-10 12:22 - 2012-04-11 17:13 - 00000000 ____D () C:\Program Files\DsNET Corp
2014-04-10 09:39 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-04-10 08:44 - 2013-09-04 09:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 23:37 - 2012-02-26 23:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 23:33 - 2010-06-24 10:43 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 12:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 00:01 - 2013-03-20 01:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-09 00:01 - 2012-02-26 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:41 - 2014-04-08 23:42 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:41 - 2014-04-08 23:42 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:40 - 2014-04-08 23:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:32 - 2012-02-26 23:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:31 - 2012-04-23 14:17 - 00000000 ___RD () C:\Users\vera\Dropbox
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:26 - 2014-04-08 23:27 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:26 - 2012-02-26 23:53 - 00000000 ____D () C:\Program Files\Java
2014-04-08 23:19 - 2012-04-23 14:14 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Dropbox
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:10 - 2014-04-08 23:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-08 14:08 - 2012-06-02 23:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-04 07:52 - 2012-02-26 22:09 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 09:51 - 2014-04-09 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-14 19:22 - 2009-07-14 06:33 - 00408696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 19:21 - 2012-12-14 11:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\vera\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 12:06

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by vera at 2014-04-11 15:55:55
Running from C:\Users\vera\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Acronis*True*Image*Home 2011 (HKLM\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6574 - Acronis)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2016 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
ControlDeck (HKLM\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ETDWare PS/2-x86 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
HappyFoto-Designer 4.5 (HKLM\...\HappyFoto-Designer_is1) (Version:  - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA 3D Vision Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0209 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0209 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0209 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 295.73 (Version: 295.73 - NVIDIA Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Restore Points  =========================

08-04-2014 21:25:40 Installed Java 7 Update 51
08-04-2014 21:40:45 avast! antivirus system restore point
08-04-2014 21:56:45 Windows Defender Checkpoint
09-04-2014 21:32:25 Windows Update
10-04-2014 10:22:50 Removed Bonjour
10-04-2014 10:23:47 Removed DriverBoost.
10-04-2014 10:25:14 TubeBox! wird entfernt
11-04-2014 06:35:37 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0763411B-3642-4ED2-9F90-0359143863DA} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {0B01B8C8-59B7-4C4F-A6B7-91390CB2F599} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-08] (AVAST Software)
Task: {14B73B1A-B00E-47AE-A26B-9EDF1F97E74F} - System32\Tasks\{B9C5BFBA-BFBD-4ABF-9165-BABDF4712363} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {3CD9160D-70A9-47FE-BFC7-0D857EEF0C28} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {81B86144-09D1-4B01-9708-4EA86B55750B} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {894C0A1F-1AB8-43D8-BF1C-D4CAE0576BB9} - System32\Tasks\{7DAF8F45-B1EE-4143-9612-8C782D05A1B6} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {8D4373F1-3823-48F4-8F6E-53931D4E0139} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)
Task: {93BD8D91-C39C-45F8-948C-31B96EFDA3CE} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {948F288A-335D-44AD-B70A-CB274238EBE7} - System32\Tasks\ASUSControlDeck => C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-03] ()
Task: {99CA6247-421A-404D-AA4F-7B2BB588D0C9} - \AdobeFlashPlayerUpdate No Task File
Task: {A7321127-AD4D-4743-AD40-99925C194994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {BD8900CB-FB90-4E1F-BC93-6D1360769B01} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-11 15:23 - 2014-04-11 15:23 - 02209792 _____ () C:\Program Files\AVAST Software\Avast\defs\14041100\algo.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-26 22:48 - 2007-11-30 12:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2009-09-03 11:33 - 2009-09-03 11:33 - 00054400 _____ () C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
2008-10-01 00:02 - 2008-10-01 00:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2010-11-23 09:18 - 2010-11-23 09:18 - 11183072 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll
2014-04-08 23:41 - 2014-04-08 23:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^vera^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DriverBoost => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-11-08 21:43:42.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.166
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.385
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 3583.27 MB
Available physical RAM: 2600 MB
Total Pagefile: 7164.83 MB
Available Pagefile: 6125.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.44 GB) (Free:72.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:104.73 GB) (Free:59.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus · 11.04.2014, 15:22

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Extension: Ask Toolbar - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar_ATU4@apn.ask.com.xpi [2013-03-05]
S1 ivjnazus; \??\C:\Windows\system32\drivers\ivjnazus.sys [X]
C:\Windows\system32\drivers\ivjnazus.sys

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Rattle07 · 11.04.2014, 16:28

et voilà

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by vera at 2014-04-11 17:27:50 Run:1
Running from C:\Users\vera\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Extension: Ask Toolbar - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar_ATU4@apn.ask.com.xpi [2013-03-05]
S1 ivjnazus; \??\C:\Windows\system32\drivers\ivjnazus.sys [X]
C:\Windows\system32\drivers\ivjnazus.sys
         
*****************

Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\toolbar_ATU4@apn.ask.com.xpi => Moved successfully.
ivjnazus => Service deleted successfully.
"C:\Windows\system32\drivers\ivjnazus.sys" => File/Directory not found.

==== End of Fixlog ====

cosinus · 11.04.2014, 17:02

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Rattle07 · 11.04.2014, 17:20

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by vera (administrator) on VERA-PC on 11-04-2014 18:18:56
Running from C:\Users\vera\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Absolute Software Corp.) C:\Windows\system32\rpcnet.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [497024 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SAOB Monitor] - C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2570688 2010-11-16] (Acronis)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5578920 2010-11-23] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [391240 2010-11-23] (Acronis)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0E5C05352FDCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=805
SearchScopes: HKCU - {6B409211-D885-43D8-82F3-5E4F85A29934} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {41545534-0076-A76A-76A7-7A786E7484D7} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\searchplugins\benefind.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\vera\AppData\Roaming\Mozilla\Firefox\Profiles\ya58hpm6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-09]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-29]
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [805032 2010-11-23] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2012-02-26] (Acronis)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [58288 2012-11-22] (Absolute Software Corp.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-08] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-04-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-08] ()
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [87040 2009-07-29] (ELAN Microelectronic Corp.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-06] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-11 18:18 - 2014-04-11 18:19 - 00011423 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-11 17:22 - 2014-04-11 17:22 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-11 16:03 - 2014-04-11 16:03 - 00001867 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-04-11 16:03 - 2014-04-11 16:03 - 00000000 ____D () C:\Program Files\Defraggler
2014-04-11 15:36 - 2014-04-11 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 15:33 - 2014-04-11 15:44 - 00000112 _____ () C:\Windows\setupact.log
2014-04-11 15:33 - 2014-04-11 15:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 08:38 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 08:38 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 08:37 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 08:37 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 08:37 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 08:37 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 08:37 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 08:37 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 08:37 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 08:37 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 08:37 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 08:37 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 08:37 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 08:37 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 08:37 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 08:37 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 08:37 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 08:37 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 08:37 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 08:37 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 08:37 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 08:37 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 08:37 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 08:37 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 08:37 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 08:37 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 12:47 - 2014-04-11 15:32 - 00000000 ____D () C:\AdwCleaner
2014-04-10 12:33 - 2014-04-10 12:34 - 00224646 _____ () C:\Users\vera\Documents\cc_20140410_123354.reg
2014-04-09 23:26 - 2014-04-11 18:18 - 00000000 ____D () C:\FRST
2014-04-09 22:08 - 2014-04-10 19:45 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 08:20 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:20 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:20 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:20 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:20 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:20 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 00:01 - 2014-04-11 17:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:42 - 2014-04-08 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:42 - 2014-04-08 23:41 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:42 - 2014-04-08 23:41 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:39 - 2014-04-08 23:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:28 - 2014-02-23 15:57 - 00000426 _____ () C:\AVScanner.ini
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:27 - 2014-04-08 23:26 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:09 - 2014-04-08 23:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-13 13:53 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 13:53 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 13:53 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 13:53 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 13:53 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

==================== One Month Modified Files and Folders =======

2014-04-11 18:19 - 2014-04-11 18:18 - 00011423 _____ () C:\Users\vera\Desktop\FRST.txt
2014-04-11 18:18 - 2014-04-09 23:26 - 00000000 ____D () C:\FRST
2014-04-11 18:18 - 2012-02-26 21:56 - 01815725 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 18:18 - 2012-02-26 21:53 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2014-04-11 17:26 - 2014-04-09 00:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 17:22 - 2014-04-11 17:22 - 01145856 _____ (Farbar) C:\Users\vera\Desktop\FRST.exe
2014-04-11 16:35 - 2012-02-26 23:55 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Skype
2014-04-11 16:03 - 2014-04-11 16:03 - 00001867 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-04-11 16:03 - 2014-04-11 16:03 - 00000000 ____D () C:\Program Files\Defraggler
2014-04-11 15:51 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 15:51 - 2009-07-14 06:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 15:44 - 2014-04-11 15:33 - 00000112 _____ () C:\Windows\setupact.log
2014-04-11 15:44 - 2012-02-26 22:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-11 15:44 - 2012-02-26 22:06 - 00058288 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-04-11 15:44 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 15:36 - 2014-04-11 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 15:33 - 2014-04-11 15:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 15:32 - 2014-04-10 12:47 - 00000000 ____D () C:\AdwCleaner
2014-04-11 08:59 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-10 19:45 - 2014-04-09 22:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 12:34 - 2014-04-10 12:33 - 00224646 _____ () C:\Users\vera\Documents\cc_20140410_123354.reg
2014-04-10 12:31 - 2012-02-26 21:53 - 00000000 ____D () C:\Windows\Panther
2014-04-10 12:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-10 12:22 - 2012-04-11 17:13 - 00000000 ____D () C:\Program Files\DsNET Corp
2014-04-10 09:39 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-04-10 08:44 - 2013-09-04 09:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 23:37 - 2012-02-26 23:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 23:33 - 2010-06-24 10:43 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 22:08 - 2014-04-09 22:08 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:08 - 2014-04-09 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 12:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-09 10:26 - 2014-04-09 10:26 - 00000000 ____D () C:\SUPERDelete
2014-04-09 00:01 - 2013-03-20 01:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-09 00:01 - 2012-02-26 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-08 23:42 - 2014-04-08 23:42 - 00000000 ____D () C:\Users\vera\AppData\Roaming\AVAST Software
2014-04-08 23:41 - 2014-04-08 23:42 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-08 23:41 - 2014-04-08 23:42 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-08 23:41 - 2014-04-08 23:42 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-08 23:41 - 2014-04-08 23:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-08 23:41 - 2014-04-08 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-08 23:40 - 2014-04-08 23:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 23:32 - 2012-02-26 23:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-08 23:31 - 2014-04-08 23:31 - 00000000 ____D () C:\Windows\pss
2014-04-08 23:31 - 2012-04-23 14:17 - 00000000 ___RD () C:\Users\vera\Dropbox
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 23:27 - 2014-04-08 23:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 23:26 - 2014-04-08 23:27 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 23:26 - 2014-04-08 23:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 23:26 - 2014-04-08 23:26 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-08 23:26 - 2014-04-08 23:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-08 23:26 - 2012-02-26 23:53 - 00000000 ____D () C:\Program Files\Java
2014-04-08 23:19 - 2012-04-23 14:14 - 00000000 ____D () C:\Users\vera\AppData\Roaming\Dropbox
2014-04-08 23:10 - 2014-04-08 23:10 - 00000000 ____D () C:\Users\vera\AppData\Roaming\SUPERAntiSpyware.com
2014-04-08 23:10 - 2014-04-08 23:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-08 23:09 - 2014-04-08 23:09 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-04-08 23:09 - 2014-04-08 23:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-08 14:08 - 2012-06-02 23:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-04 07:52 - 2012-02-26 22:09 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 09:51 - 2014-04-09 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 12:35 - 2014-03-29 12:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-19 00:47 - 2014-03-19 00:47 - 00000000 ____D () C:\c56d08af38be7df8785080855f55
2014-03-14 19:22 - 2009-07-14 06:33 - 00408696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 19:21 - 2012-12-14 11:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\vera\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 12:06

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by vera at 2014-04-11 18:19:36
Running from C:\Users\vera\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Acronis*True*Image*Home 2011 (HKLM\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6574 - Acronis)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2016 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
ControlDeck (HKLM\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ETDWare PS/2-x86 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
HappyFoto-Designer 4.5 (HKLM\...\HappyFoto-Designer_is1) (Version:  - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA 3D Vision Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.73 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0209 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0209 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0209 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 295.73 (Version: 295.73 - NVIDIA Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Restore Points  =========================

08-04-2014 21:25:40 Installed Java 7 Update 51
08-04-2014 21:40:45 avast! antivirus system restore point
08-04-2014 21:56:45 Windows Defender Checkpoint
09-04-2014 21:32:25 Windows Update
10-04-2014 10:22:50 Removed Bonjour
10-04-2014 10:23:47 Removed DriverBoost.
10-04-2014 10:25:14 TubeBox! wird entfernt
11-04-2014 06:35:37 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0763411B-3642-4ED2-9F90-0359143863DA} - System32\Tasks\ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {0B01B8C8-59B7-4C4F-A6B7-91390CB2F599} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-08] (AVAST Software)
Task: {14B73B1A-B00E-47AE-A26B-9EDF1F97E74F} - System32\Tasks\{B9C5BFBA-BFBD-4ABF-9165-BABDF4712363} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {3CD9160D-70A9-47FE-BFC7-0D857EEF0C28} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {81B86144-09D1-4B01-9708-4EA86B55750B} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {894C0A1F-1AB8-43D8-BF1C-D4CAE0576BB9} - System32\Tasks\{7DAF8F45-B1EE-4143-9612-8C782D05A1B6} => C:\Program Files\asus\VirtualCamera\VirCam.exe [2009-04-20] ()
Task: {8D4373F1-3823-48F4-8F6E-53931D4E0139} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)
Task: {93BD8D91-C39C-45F8-948C-31B96EFDA3CE} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {948F288A-335D-44AD-B70A-CB274238EBE7} - System32\Tasks\ASUSControlDeck => C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-03] ()
Task: {99CA6247-421A-404D-AA4F-7B2BB588D0C9} - \AdobeFlashPlayerUpdate No Task File
Task: {A7321127-AD4D-4743-AD40-99925C194994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {BD8900CB-FB90-4E1F-BC93-6D1360769B01} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-11 15:23 - 2014-04-11 15:23 - 02209792 _____ () C:\Program Files\AVAST Software\Avast\defs\14041100\algo.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-26 22:48 - 2007-11-30 12:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2009-09-03 11:33 - 2009-09-03 11:33 - 00054400 _____ () C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
2008-10-01 00:02 - 2008-10-01 00:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2010-11-23 09:18 - 2010-11-23 09:18 - 11183072 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll
2014-04-08 23:41 - 2014-04-08 23:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-29 12:35 - 2014-03-29 12:35 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-02-09 21:05 - 2012-02-09 21:05 - 00360768 _____ () C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-04-09 00:01 - 2014-04-09 00:01 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^vera^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DriverBoost => C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-11-08 21:43:42.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.166
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-08 21:43:42.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.385
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-29 19:41:46.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 3583.27 MB
Available physical RAM: 1807.95 MB
Total Pagefile: 7164.83 MB
Available Pagefile: 5453.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.44 GB) (Free:70.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:104.73 GB) (Free:59.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus · 11.04.2014, 19:58

Okay, dann bitte Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Rattle07 · 12.04.2014, 17:17

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.04.2014
Suchlauf-Zeit: 21:20:54
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.11.11
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: vera

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 227933
Verstrichene Zeit: 15 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

ESET folgt, aufgrund der antizipierten Länge des Scans, später

.

Nachtrag: Hier dann endlich ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a0bdab984b8771439027cb7dd7190326
# engine=17853
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-11 10:29:30
# local_time=2014-04-12 12:29:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 74 262036 262067 0 0
# compatibility_mode=5893 16776574 100 94 56775 148886561 0 0
# scanned=13971
# found=1
# cleaned=0
# scan_time=10459
sh=6B9B28A251F0FF53AECFC82E178D80062B9FEEA5 ft=1 fh=0e378a434f5f8afc vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a0bdab984b8771439027cb7dd7190326
# engine=17859
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-12 03:52:11
# local_time=2014-04-12 05:52:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 74 324597 324628 0 0
# compatibility_mode=5893 16776573 100 94 21563 148949122 0 0
# scanned=132045
# found=1
# cleaned=0
# scan_time=21054
sh=6B9B28A251F0FF53AECFC82E178D80062B9FEEA5 ft=1 fh=0e378a434f5f8afc vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"

cosinus · 13.04.2014, 12:45

Nur ein schon längst isoliertes Objekt wurde von ESET gefunden

TFC - Temp File Cleaner

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Rattle07 · 14.04.2014, 12:44

Super, alles sauber, vielen Dank

10.04.2014, 12:25	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Pop-up Plage bei Firefox Frag mal den Freund was das für eine Quelle war. Falls gecrackt, ist das nämlich erstens illegal und zweitens ein großes Sicherheitsrisiko. Gecrackte Software ist eine der Hauptursachen für kompromittierte Systeme (damit mein ich jetzt keinen 0815-Adware-Toolbar Befall) __________________ Logfiles bitte immer in CODE-Tags posten

11.04.2014, 17:02	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Pop-up Plage bei Firefox Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

Pop-up Plage bei Firefox

Plagegeister aller Art und deren Bekämpfung: Pop-up Plage bei Firefox