Pests of all kinds and how to combat them: Avira: (Win7) Trojan "TR/Rogue.11186992" found in "C:\Windows\Temp\44158_updater.exe"
Windows 7
24.04.2014, 21:01 | #46 |
/// Winkelfunktion /// TB-Süch-Tiger™
Code:
Zeit der Fertigstellung: 2014-04-20 15:03:03
ComboFix-quarantined-files.txt 2014-04-20 13:03
ComboFix2.txt 2014-04-20 12:50
Please post the first log from Combofix; it should be in C:\Qoobox
__________________ Please always post log files in CODE tags
24.04.2014, 21:12 | #47 |
Oh sh*t, I never would have thought that makes a difference^^
__________________ there's just one tiny problem... uhh yeah, so combofix.txt in C: is the new one, and combofix2 in C:/Q... is the first one, right? *facepalm* So here's the first log, the one called combofix2... this logic
Combofix Logfile:
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk - e:\spiele\OMSI Addon Manager\OMSI Addon Manager.exe -silent HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start BHO-{11111111-1111-1111-1111-110411411158} - c:\program files (x86)\LyricsSay-16\LyricsSay-16-bho64.dll AddRemove-A2BAF Data cache removal - e:\utility\Steam\steamapps\common\Arma 2 Operation Arrowhead\BAF\datacacheremoval.exe AddRemove-A2PMC Data cache removal - e:\utility\Steam\steamapps\common\Arma 2 Operation Arrowhead\PMC\datacacheremoval.exe AddRemove-Audacity_is1 - e:\utility\Audacity\unins000.exe AddRemove-Auto Clicker by Shocker_is1 - e:\utility\AutoClickerbyShocker\unins000.exe AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe AddRemove-BattlEye for A2 - e:\utility\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe AddRemove-BattlEye for OA - e:\utility\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe AddRemove-Cheat Engine 6.2_is1 - e:\utility\Cheat Engine 6.2\unins000.exe AddRemove-DAEMON Tools Lite - e:\utility\DAEMON Tools Lite\uninst.exe AddRemove-FormatFactory - e:\utility\FormatFactory\uninst.exe AddRemove-Fraps - e:\utility\Fraps\uninstall.exe AddRemove-GeoGebra 4.2 - e:\utility\geogebra\uninstaller.exe AddRemove-ISOBURN - e:\utility\ISOBURN\Uninst.exe AddRemove-LAME_is1 - e:\utility\Lame\unins000.exe AddRemove-LCPD First Response - e:\utility\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LCPD First Response\uninst.exe AddRemove-LinuxLive USB Creator - e:\utility\LinuxLive USB Creator\Uninstall.exe AddRemove-LuaEdit 2010_is1 - e:\utility\LuaEdit 2010\unins000.exe AddRemove-LyricsSay-16 - c:\program files (x86)\LyricsSay-16\Uninstall.exe AddRemove-Origin - e:\utility\Origin\OriginUninstall.exe AddRemove-PEVAssetX - e:\utility\AssetX\uninstall.exe AddRemove-PEVattachmentmaker - e:\utility\attachmentmaker\uninstall.exe 
AddRemove-PEVMesh_Viewer2 - e:\utility\Mesh Viewer2\uninstall.exe AddRemove-PEVpm2im - e:\utility\pm2im\uninstall.exe AddRemove-PunkBusterSvc - e:\spiele\Origin\Battlefield 4\pbsvc.exe AddRemove-Quassel - e:\utility\Quassel\uninstall.exe AddRemove-Steam App 105600 - e:\utility\Steam\steam.exe AddRemove-Steam App 12210 - e:\utility\Steam\steam.exe AddRemove-Steam App 12220 - e:\utility\Steam\steam.exe AddRemove-Steam App 13520 - e:\utility\Steam\steam.exe AddRemove-Steam App 13580 - e:\utility\Steam\steam.exe AddRemove-Steam App 19900 - e:\utility\Steam\steam.exe AddRemove-Steam App 202990 - e:\utility\Steam\steam.exe AddRemove-Steam App 203160 - e:\utility\Steam\steam.exe AddRemove-Steam App 209160 - e:\utility\Steam\steam.exe AddRemove-Steam App 209170 - e:\utility\Steam\steam.exe AddRemove-Steam App 211820 - e:\utility\Steam\steam.exe AddRemove-Steam App 218230 - e:\utility\Steam\steam.exe AddRemove-Steam App 219540 - e:\utility\Steam\steam.exe AddRemove-Steam App 220160 - e:\utility\Steam\steam.exe AddRemove-Steam App 220240 - e:\utility\Steam\steam.exe AddRemove-Steam App 220260 - e:\utility\Steam\steam.exe AddRemove-Steam App 221100 - e:\utility\Steam\steam.exe AddRemove-Steam App 22380 - e:\utility\Steam\steam.exe AddRemove-Steam App 224600 - e:\utility\Steam\steam.exe AddRemove-Steam App 227300 - e:\utility\Steam\steam.exe AddRemove-Steam App 230410 - e:\utility\Steam\steam.exe AddRemove-Steam App 24010 - e:\utility\Steam\steam.exe AddRemove-Steam App 24670 - e:\utility\Steam\steam.exe AddRemove-Steam App 247750 - e:\utility\Steam\steam.exe AddRemove-Steam App 259080 - e:\utility\Steam\steam.exe AddRemove-Steam App 260930 - e:\utility\Steam\steam.exe AddRemove-Steam App 264910 - e:\utility\Steam\steam.exe AddRemove-Steam App 272350 - e:\utility\Steam\steam.exe AddRemove-Steam App 32450 - e:\utility\Steam\steam.exe AddRemove-Steam App 33910 - e:\utility\Steam\steam.exe AddRemove-Steam App 33930 - e:\utility\Steam\steam.exe AddRemove-Steam App 3590 - 
e:\utility\Steam\steam.exe AddRemove-Steam App 42640 - e:\utility\Steam\steam.exe AddRemove-Steam App 42710 - e:\utility\Steam\steam.exe AddRemove-Steam App 43110 - e:\utility\Steam\steam.exe AddRemove-Steam App 43160 - e:\utility\Steam\steam.exe AddRemove-Steam App 48000 - e:\utility\Steam\steam.exe AddRemove-Steam App 49520 - e:\utility\Steam\steam.exe AddRemove-Steam App 50130 - e:\utility\Steam\steam.exe AddRemove-Steam App 65700 - e:\utility\Steam\steam.exe AddRemove-Steam App 65720 - e:\utility\Steam\steam.exe AddRemove-Steam App 70110 - e:\utility\Steam\steam.exe AddRemove-Steam App 72850 - e:\utility\Steam\steam.exe AddRemove-Steam App 730 - e:\utility\Steam\steam.exe AddRemove-Steam App 8190 - e:\utility\Steam\steam.exe AddRemove-Steam App 8930 - e:\utility\Steam\steam.exe AddRemove-The Elder Scrolls Online Beta_is1 - e:\spiele\ESOLauncher\unins000.exe AddRemove-uTorrent - c:\users\Marc\AppData\Roaming\uTorrent\uTorrent.exe AddRemove-{04B83666-3A62-452B-85D3-70F8117F2329}_is1 - e:\utility\CamStudio 2.7\unins000.exe AddRemove-{32B08666-1587-435D-988C-7958A04B218A}_is1 - e:\spiele\OMSI Addon Manager\unins000.exe AddRemove-{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1 - e:\utility\Hex-Editor MX\unins000.exe AddRemove-{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1 - e:\utility\ClipGrab\unins000.exe AddRemove-{909F8EBC-EC7F-48FF-0085-475D818F0F31} - e:\spiele\NFS-Underground2\EAUninstall.exe AddRemove-{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF} - e:\spiele\MW\EAUninstall.exe AddRemove-{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1 - e:\spiele\Infestation Survivor Stories\unins000.exe AddRemove-{DDA3C325-47B2-4730-9672-BF3771C08799}_is1 - e:\utility\XMedia Recode\unins000.exe AddRemove-{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1 - e:\spiele\War Thunder\unins000.exe AddRemove-RW_Tools V4 - e:\utility\RWtools\Uninstall.exe AddRemove-XBMC - e:\utility\XBMC\uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\S-1-5-21-518990529-3378362674-2877809929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-518990529-3378362674-2877809929-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-518990529-3378362674-2877809929-1000\Software\SecuROM\License information*] "datasecu"=hex:bf,c0,fe,38,d4,e1,15,ed,c9,a9,9e,54,8e,48,24,cd,89,c7,ad,72,6e, ab,e3,9e,25,77,2b,02,81,5d,62,e2,bc,b8,24,59,3b,f1,fd,fa,de,ee,f7,fa,60,08,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-04-20 14:50:09 ComboFix-quarantined-files.txt 2014-04-20 12:50 . 
Vor Suchlauf: 12 Verzeichnis(se), 15.433.703.424 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 17.826.369.536 Bytes frei . - - End Of File - - 65BEDB3642922BD1B40430E2D9DA26BC
I should add that there were some minor complications during the first run. I had thought it would be enough to disable Avira's real-time scanner. When I then ran ComboFix, Avira popped up with the warning "verdächtiger zugriff auf registry" (suspicious access to registry). I let ComboFix run through normally, then disabled Avira completely and then just ran it again. |
24.04.2014, 21:17 | #48 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avira: (Win7) Trojan "TR/Rogue.11186992" found in "C:\Windows\Temp\44158_updater.exe" I don't see anything in there that could point to your disk problem... I'll ask myrti again in a moment whether she can take a look |
24.04.2014, 21:18 | #49 |
| oooooo if you don't know what to do next... then it's getting critical |
24.04.2014, 22:00 | #50 |
/// Winkelfunktion /// TB-Süch-Tiger™ | When did you last have direct access to your now-vanished disk... during the first run CF found a great many orphaned entries that all refer to your missing E: drive. I would say you already had a broken drive E: before CF
__________________ Please always post log files in CODE tags |
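The tally behind the observation in post #50, as an added example (not part of any post in this thread and not ComboFix's own code): it parses the log's "Entfernte verwaiste Registrierungseinträge" section and counts the orphaned entries' targets per drive letter. The sample is a constructed excerpt of entries from the log above, it assumes one entry per line, and the `mounted` argument is a hypothetical input naming the volumes that were accessible during the scan.

```python
import re
from collections import Counter

# Constructed excerpt: entries copied from the ComboFix log on this page,
# assumed to be one per line; most of the e:\ entries are left out.
SAMPLE_LOG = r"""
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk - e:\spiele\OMSI Addon Manager\OMSI Addon Manager.exe -silent
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110411411158} - c:\program files (x86)\LyricsSay-16\LyricsSay-16-bho64.dll
AddRemove-Audacity_is1 - e:\utility\Audacity\unins000.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Fraps - e:\utility\Fraps\uninstall.exe
AddRemove-LyricsSay-16 - c:\program files (x86)\LyricsSay-16\Uninstall.exe
AddRemove-Origin - e:\utility\Origin\OriginUninstall.exe
AddRemove-Steam App 730 - e:\utility\Steam\steam.exe
AddRemove-uTorrent - c:\users\Marc\AppData\Roaming\uTorrent\uTorrent.exe
AddRemove-XBMC - e:\utility\XBMC\uninstall.exe
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
"""

SECTION_START = re.compile(r"^- - - - Entfernte verwaiste Registrierungseinträge - - - -$")
SECTION_END = re.compile(r"^(?:-{5,}|- - - - )")      # next section header
ENTRY = re.compile(r"^(?P<key>.+?) - (?P<target>.+)$")  # split at the first " - "
DRIVE = re.compile(r"^([A-Za-z]):\\")


def orphaned_entries(log_text):
    """Return (key, target) pairs from the orphaned-registry-entries section."""
    entries, inside = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if SECTION_START.match(line):
            inside = True
            continue
        if not inside or line in ("", "."):
            continue
        if SECTION_END.match(line):
            break
        m = ENTRY.match(line)
        if m:
            entries.append((m["key"], m["target"]))
    return entries


def targets_by_drive(entries):
    """Count orphaned targets per drive letter; non-path targets get their own bucket."""
    counts = Counter()
    for _key, target in entries:
        m = DRIVE.match(target)
        counts[m.group(1).upper() if m else "(no path)"] += 1
    return counts


def unmounted_targets(entries, mounted):
    """Orphan counts for drives that were not accessible at scan time.

    `mounted` is a hypothetical input: the drive letters the analyst knows were
    readable. A whole volume showing up here suggests the volume was missing
    during the scan, not that each program on it had been uninstalled.
    """
    mounted = {d.upper() for d in mounted}
    return {d: n for d, n in targets_by_drive(entries).items()
            if len(d) == 1 and d not in mounted}


if __name__ == "__main__":
    found = orphaned_entries(SAMPLE_LOG)
    print(targets_by_drive(found))
    print(unmounted_targets(found, {"C"}))
```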
24.04.2014, 22:13 | #51 |
| With 99.99% certainty it was still working before. And even if not, before that I had only used the other logging programs according to the instructions, and before that it worked 100%. That reminds me of something... erm, hehe, well... I wouldn't understand why or how, but... Before I ran all the tools, I created a system restore point... and saved it on E:. It also asked me something about whether I wanted to change something (on disk E:) so that it becomes bootable or something like that. But I answered that with NO, 200% sure. |
24.04.2014, 22:17 | #52 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Either way, it isn't clear which of the programs is actually to blame, and that doesn't change the situation anyway. What matters is that we know fairly precisely that it is a GPT disk and that TestDisk was therefore right. As I said, try your luck with TestDisk or buy a recovery tool that can handle GPT. If your data matters to you, you have to buy a new disk with at least the same capacity and create a bit-exact copy of your current one on it, because if something goes wrong during the restoration the data is gone for good. |
24.04.2014, 22:19 | #53 |
| The data isn't that important either ^^ No, I'll try my luck with TestDisk, it's just that a bit of guidance on what exactly I have to do there and how would be cool, since the cases described on that tutorial page are different after all. |
24.04.2014, 22:23 | #54 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Read this => Faq - Datenrettung + TestDisk-Anleitung - ComputerBase Forum. Freeware always involves a lot of reading. Otherwise, first try the trial version of Datenrettung und Datenwiederherstellung - Kroll Ontrack; if it finds something you can still decide whether the data is worth the few euros to you |
24.04.2014, 22:39 | #55 |
| Man, this is complicated ^^ I'm now in TestDisk's Advanced menu and want to change the partition type. At the moment it is "MS Data". Should I change anything there? |
24.04.2014, 22:41 | #56 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What can you select there? I don't do TestDisk every day either. MS DATA or NTFS sounds reasonable, but better wait |
24.04.2014, 22:42 | #57 |
| Something else occurs to me. Right at the beginning, following the instructions, I disabled the virtual drives with a piece of software. Should I re-enable them? |
24.04.2014, 23:07 | #58 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That has nothing to do with virtual DVD drives |
24.04.2014, 23:12 | #59 |
| I know, last hope and all that. So, I made a partition table backup and then just went ahead and "write"d the partition table with TestDisk... now it doesn't show up at all anymore (in Explorer). Just load the backup, but... where and how? Which one to choose? |
24.04.2014, 23:18 | #60 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The MacHFS entries somehow make no sense to me there... try setting the "P unknown" to NTFS |