Log analysis and evaluation: Facebook - script no longer responding (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.06.2014, 19:26 | #1 |
Facebook - script no longer responding

Hello, I have had this problem with Facebook since Sunday. It was about an update that I was supposed to install; I did it and then saw that it was something completely different, so I uninstalled all of it again. It is quite possible that something I still need was removed along with it. As I am not well versed in either English or PC technical matters, I don't know what to do next. I have Windows 7 Ultimate and made the logs as described in the instructions here, but I can't promise that everything is correct.

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:04 on 24/06/2014 (luna)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by luna (administrator) on LUNA-PC on 24-06-2014 19:06:58
Running from C:\Users\luna\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe (pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe (Realtek) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe () C:\Program Files\Mega Browse\updateMegaBrowse.exe (Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Realtek Semiconductor Corp.) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe () C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Ashampoo GmbH & Co. KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe () C:\Users\luna\AppData\Local\Temp\is-88QTT.tmp\ashampoo_winoptimizer_2014_1.0.0_15399.tmp (Ashampoo GmbH & Co. 
KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe () C:\Users\luna\AppData\Local\Temp\is-EJ35J.tmp\ashampoo_winoptimizer_2014_1.0.0_15399.tmp (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-26] (Check Point Software Technologies LTD) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [BrowserSafeguard] => C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [363008 2014-06-22] () HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKU\S-1-5-21-1244560251-4054863525-2374536600-1001\...\Run: [Facebook Update] => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-28] (Facebook Inc.) HKU\S-1-5-21-1244560251-4054863525-2374536600-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.) 
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File BootExecute: autocheck autochk * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49295;https=127.0.0.1:49295 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAW6xtTWEWOQRDzYDFbD41leb4qjvKu0jXxOuEW27NVKnhUDs2pl8uCcwIyfZqtPq0aAA8Pqp1bfrEK39LomWmh5OK kAQrKO9kRhM27zX4xpWiG_Deo5UAOLSAmgWpZjA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA57F7C0D0AAACD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAW6xtTWEWOQRDzYDFbD41leb4qjvKu0jXxOuEW27NVKnhUDs2pl8uCcwIyfZqtPq0aAA8Pqp1bfrEK39LomWmh5OK kAQrKO9kRhM27zX4xpWiG_Deo5UAOLSAmgWpZjA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://www.sweet-page.com/?type=hp&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna0yekHYbpITWaBZDs-3X_Ihhua-8r6E2t0LFMS6m-cZ9QTGTlQqddVaAI9VbyV2OzcuHB_nCNiY15M_uP5OGqfjaSMCzzgRwRNyjIZiVhvGx0BCiFlGmL2Rpm5gXAjnVg,,&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAW6xtTWEWOQRDzYDFbD41leb4qjvKu0jXxOuEW27NVKnhUDs2pl8uCcwIyfZqtPq0aAA8Pqp1bfrEK39LomWmh5OK kAQrKO9kRhM27zX4xpWiG_Deo5UAOLSAmgWpZjA,,&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=20D30025229A3157&affID=127690&tsp=5186 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403458490&from=adks&uid=395049983_1052515_20D3FB32&q={searchTerms} BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - 
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited) BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: sweet-page FF SearchEngineOrder.1: Amazon FF SelectedSearchEngine: sweet-page FF Homepage: about:home FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_24e47b777a1f4256a673316dfbc01e20_39_1006_20140622_DE_ff_ab_sbinstall3&query= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF 
Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\luna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\buenosearch.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\sweet-page.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Start - 
C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\faststartff@gmail.com [2014-06-22] FF Extension: WOT - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27] FF Extension: Ghostery - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: GMX MailCheck - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\toolbar@gmx.net.xpi [2013-03-21] FF Extension: ImTranslator - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-11-01] FF Extension: Adblock Plus - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-17] FF Extension: QuickJava - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-01-17] FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-11-24] FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\extensions\faststartff@gmail.com FF Extension: Fast Start - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\extensions\faststartff@gmail.com [2014-06-22] Chrome: ======= CHR HomePage: hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=20D30025229A3157&affID=127690&tsp=5186 CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrId=20D30025229A3157&affID=127690&tsp=5186", 
"hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna0yekHYbpITWaBZDs-3X_Ihhua-8r6E2t0LFMS6m-cZ9QTGTlQqddVaAI9VbyV2OzciX4Oi8baVn1UlJfFnUMJ1PQi47ufGehsUFtJyHujYIOPa0N-FLel9qzjAIE72rg,," CHR Extension: (Buenosearch Toolbar) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfoobbgoakpihljnfedbcfaipcdlfhk [2014-03-14] CHR Extension: (Google Docs) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-21] CHR Extension: (Google Drive) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-21] CHR Extension: (YouTube) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-21] CHR Extension: (Google-Suche) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-21] CHR Extension: (Google Wallet) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-21] CHR Extension: (Google Mail) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-21] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. 
KG) R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 Realtek11nSU; C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed] R2 Update Mega Browse; C:\Program Files\Mega Browse\updateMegaBrowse.exe [112416 2014-03-14] () R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-26] (Check Point Software Technologies LTD) R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.) ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2013-01-17] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. 
KG) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [14080 2013-10-24] (<Glarysoft Ltd>) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-11-15] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [589144 2013-02-21] (Kaspersky Lab) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-01-17] () S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-11-02] (Malwarebytes Corporation) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [458776 2013-10-23] (Check Point Software Technologies LTD) U3 DfSdkS; U5 klflt; C:\Windows\System32\Drivers\klflt.sys [75608 2013-02-21] (Kaspersky Lab) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-24 19:06 - 2014-06-24 19:08 - 00018460 _____ () C:\Users\luna\Downloads\FRST.txt 2014-06-24 19:06 - 2014-06-24 19:07 - 00000000 ____D () C:\FRST 2014-06-24 19:06 - 2014-06-24 19:06 - 01073152 _____ (Farbar) C:\Users\luna\Downloads\FRST.exe 2014-06-24 19:04 - 2014-06-24 19:04 - 00000470 _____ () C:\Users\luna\Downloads\defogger_disable.log 2014-06-24 19:04 - 2014-06-24 19:04 - 00000000 _____ () C:\Users\luna\defogger_reenable 2014-06-24 18:57 - 2014-06-24 18:57 - 00050477 _____ () C:\Users\luna\Downloads\Defogger.exe 2014-06-24 18:25 - 2014-06-24 18:25 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-06-24 18:24 - 2014-06-24 18:24 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ 
(Oracle Corporation) C:\Windows\system32\java.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\Program Files\Java 2014-06-24 18:20 - 2014-06-24 18:20 - 00918952 _____ (Oracle Corporation) C:\Users\luna\Downloads\jxpiinstall.exe 2014-06-24 17:41 - 2014-06-24 17:41 - 00002232 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 00001214 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 00000396 _____ () C:\Windows\Tasks\One-Click Optimizer.job 2014-06-24 17:41 - 2014-06-24 17:41 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url 2014-06-24 17:41 - 2009-08-24 21:08 - 00028160 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe 2014-06-24 17:37 - 2014-06-24 17:37 - 27662792 _____ (Ashampoo GmbH & Co. 
KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe 2014-06-23 12:35 - 2010-08-12 11:46 - 00758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll 2014-06-23 12:35 - 2010-08-09 22:33 - 00011164 _____ () C:\Windows\system32\Drivers\nvphy.bin 2014-06-23 07:37 - 2014-06-23 07:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-23 07:37 - 2014-06-23 07:37 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-06-23 07:35 - 2014-06-23 07:36 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-22 19:38 - 2014-06-22 20:12 - 00000000 ____D () C:\Program Files\Advanced System Protector 2014-06-22 19:37 - 2014-06-22 21:32 - 00000000 ____D () C:\Users\luna\AppData\Roaming\systweak 2014-06-22 19:37 - 2013-12-13 17:53 - 00017496 _____ (System Speedup) C:\Windows\system32\roboot.exe 2014-06-22 19:36 - 2014-06-22 19:36 - 00000000 ____D () C:\Program Files\003 2014-06-22 19:35 - 2014-06-23 12:16 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2014-06-22 19:35 - 2014-06-23 12:16 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-06-22 19:35 - 2014-06-23 12:16 - 00000000 ____D () C:\Program Files\SupTab 2014-06-22 19:35 - 2014-06-23 12:16 - 00000000 ____D () C:\Program Files\Browsersafeguard 2014-06-22 19:35 - 2014-06-22 19:35 - 00000000 ____D () C:\Users\luna\AppData\Roaming\SupTab 2014-06-19 06:09 - 2014-06-19 06:09 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-06-18 11:42 - 2014-06-18 11:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-11 23:22 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 23:22 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 23:22 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 23:22 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) 
C:\Windows\system32\vbscript.dll 2014-06-11 23:22 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 23:22 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 23:22 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 23:22 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 23:22 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 23:22 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 23:22 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 23:22 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 23:22 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 23:22 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 23:22 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 23:22 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 23:22 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 23:22 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 23:22 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 23:22 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 23:22 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 23:22 - 2014-05-30 09:54 - 00526336 _____ 
(Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 23:22 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 23:22 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 23:22 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 23:22 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 23:22 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 23:22 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 23:21 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 23:21 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 23:21 - 2014-05-08 11:06 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-11 23:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 23:21 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 23:21 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 23:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 23:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 23:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 23:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll ==================== One Month Modified Files and Folders ======= 2014-06-24 19:08 - 2014-06-24 19:06 - 00018460 _____ () C:\Users\luna\Downloads\FRST.txt 2014-06-24 19:07 - 2014-06-24 
19:06 - 00000000 ____D () C:\FRST 2014-06-24 19:06 - 2014-06-24 19:06 - 01073152 _____ (Farbar) C:\Users\luna\Downloads\FRST.exe 2014-06-24 19:04 - 2014-06-24 19:04 - 00000470 _____ () C:\Users\luna\Downloads\defogger_disable.log 2014-06-24 19:04 - 2014-06-24 19:04 - 00000000 _____ () C:\Users\luna\defogger_reenable 2014-06-24 19:04 - 2012-10-14 14:17 - 00000000 ____D () C:\Users\luna 2014-06-24 18:57 - 2014-06-24 18:57 - 00050477 _____ () C:\Users\luna\Downloads\Defogger.exe 2014-06-24 18:55 - 2013-04-02 21:42 - 00000000 ____D () C:\Users\luna\AppData\Roaming\Skype 2014-06-24 18:25 - 2014-06-24 18:25 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-06-24 18:25 - 2014-03-14 08:34 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-24 18:24 - 2014-06-24 18:24 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\Program Files\Java 2014-06-24 18:20 - 2014-06-24 18:20 - 00918952 _____ (Oracle Corporation) C:\Users\luna\Downloads\jxpiinstall.exe 2014-06-24 18:17 - 2013-01-10 23:41 - 00000000 ____D () C:\Program Files\JDownloader 2014-06-24 18:10 - 2013-11-04 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-24 17:45 - 2012-10-14 14:51 - 00000000 ____D () C:\Windows\Panther 2014-06-24 17:41 - 2014-06-24 17:41 - 00002232 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 00001214 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 
00000396 _____ () C:\Windows\Tasks\One-Click Optimizer.job 2014-06-24 17:41 - 2014-06-24 17:41 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url 2014-06-24 17:41 - 2013-04-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2014-06-24 17:41 - 2013-04-15 15:40 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-06-24 17:41 - 2013-04-15 15:40 - 00000000 ____D () C:\Program Files\Ashampoo 2014-06-24 17:40 - 2013-11-28 00:35 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001UA.job 2014-06-24 17:37 - 2014-06-24 17:37 - 27662792 _____ (Ashampoo GmbH & Co. KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe 2014-06-24 16:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing 2014-06-24 11:56 - 2013-01-17 18:22 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-24 10:39 - 2012-10-14 13:54 - 01680882 _____ () C:\Windows\WindowsUpdate.log 2014-06-24 05:55 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-24 05:55 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-24 05:54 - 2013-10-30 07:45 - 00000320 _____ () C:\Windows\Tasks\GlaryInitialize 3.job 2014-06-24 05:54 - 2013-01-17 18:03 - 00000312 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-24 05:48 - 2013-03-19 14:03 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-06-24 05:48 - 2012-11-13 17:53 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-24 05:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-23 12:16 - 2014-06-22 19:35 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2014-06-23 12:16 - 2014-06-22 19:35 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-06-23 12:16 - 2014-06-22 19:35 - 00000000 ____D 
() C:\Program Files\SupTab 2014-06-23 12:16 - 2014-06-22 19:35 - 00000000 ____D () C:\Program Files\Browsersafeguard 2014-06-23 12:16 - 2013-01-17 18:03 - 00000000 ____D () C:\Program Files\Glary Utilities 2014-06-23 12:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration 2014-06-23 10:41 - 2012-10-14 14:23 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-23 07:37 - 2014-06-23 07:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-23 07:37 - 2014-06-23 07:37 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-06-23 07:36 - 2014-06-23 07:35 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-23 07:36 - 2012-12-30 12:51 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-06-23 07:36 - 2012-12-30 12:51 - 00000000 ____D () C:\Program Files\Adobe 2014-06-22 21:32 - 2014-06-22 19:37 - 00000000 ____D () C:\Users\luna\AppData\Roaming\systweak 2014-06-22 20:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-06-22 20:12 - 2014-06-22 19:38 - 00000000 ____D () C:\Program Files\Advanced System Protector 2014-06-22 20:10 - 2013-12-31 22:46 - 00000000 ____D () C:\Users\luna\Desktop\stundenspiele 2014-06-22 19:36 - 2014-06-22 19:36 - 00000000 ____D () C:\Program Files\003 2014-06-22 19:35 - 2014-06-22 19:35 - 00000000 ____D () C:\Users\luna\AppData\Roaming\SupTab 2014-06-21 23:40 - 2013-11-28 00:35 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001Core.job 2014-06-19 06:09 - 2014-06-19 06:09 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-06-19 06:09 - 2014-03-22 13:07 - 00000000 ___RD () C:\Program Files\Skype 2014-06-19 06:09 - 2013-04-02 21:41 - 00000000 ____D () C:\ProgramData\Skype 2014-06-19 06:05 - 2012-10-14 15:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-18 11:42 - 2014-06-18 11:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-14 
15:46 - 2013-01-12 13:41 - 00000000 ____D () C:\Windows\rescache 2014-06-13 08:16 - 2013-11-04 14:59 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-06-13 08:16 - 2013-11-04 14:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-06-12 09:34 - 2014-05-07 00:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 00:13 - 2013-08-14 23:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 00:11 - 2012-10-17 16:00 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-08 10:48 - 2014-06-11 23:21 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 10:43 - 2014-06-11 23:21 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-30 11:18 - 2014-06-11 23:22 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 11:02 - 2014-06-11 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 11:02 - 2014-06-11 23:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 10:44 - 2014-06-11 23:22 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 10:43 - 2014-06-11 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 10:42 - 2014-06-11 23:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 23:22 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 10:34 - 2014-06-11 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 23:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 10:30 - 2014-06-11 23:22 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 10:28 - 2014-06-11 23:22 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\system32\ieUnatt.exe 2014-05-30 10:28 - 2014-06-11 23:22 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 10:27 - 2014-06-11 23:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 10:21 - 2014-06-11 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 10:16 - 2014-06-11 23:22 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 23:22 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:04 - 2014-06-11 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 23:22 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 09:57 - 2014-06-11 23:22 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 09:56 - 2014-06-11 23:22 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 09:54 - 2014-06-11 23:22 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 23:22 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 23:22 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 09:40 - 2014-06-11 23:22 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:21 - 2014-06-11 23:22 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:15 - 2014-06-11 23:22 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:13 - 2014-06-11 23:22 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll Some content of TEMP: ==================== 
C:\Users\luna\AppData\Local\Temp\avgnt.exe C:\Users\luna\AppData\Local\Temp\i4jdel0.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-19 09:50 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version:22-06-2014 Ran by luna at 2014-06-24 19:08:19 Running from C:\Users\luna\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D} FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 
11.0.07 - Adobe Systems Incorporated) Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.444 - Avira) BrowserSafeguard with RocketTab (HKLM\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
Wikinger (HKCU\...\Wikinger) (Version: - ) WindowsProtectManger20.0.0.401 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION ==================== Restore Points ========================= 19-06-2014 07:58:01 Geplanter Prüfpunkt 22-06-2014 17:41:28 System Speedup So, Jun 22, 14 19:41 23-06-2014 10:10:28 Wiederherstellungsvorgang 23-06-2014 10:26:44 22.06.2014 12:00 23-06-2014 10:34:32 Windows Update 24-06-2014 16:22:30 Installed Java 7 Update 60 ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0348B580-DA5B-43C4-8064-0AE89073FE32} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe [2013-03-29] (Glarysoft Ltd) Task: {1EFD9445-3BF0-4C57-9257-845FBFEF765E} - System32\Tasks\{8F35EB5B-8989-485F-B358-69C273F9893F} => C:\Users\luna\Downloads\jDownloaderWebInstaller09581.exe Task: {1F0A2A77-6A94-4BC4-83E2-9B09458F3321} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {2861992A-AAF2-404E-BB6C-C8126B4A10AA} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-06-22] () <==== ATTENTION Task: {4D5CF9A6-BFCD-4571-A039-CE0847329E5D} - System32\Tasks\One-Click Optimizer => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe [2013-12-18] (Ashampoo Development GmbH & Co. 
KG) Task: {72E755DD-703D-4D68-8BCB-B78A13D00730} - System32\Tasks\{06D149A8-27E3-4663-A3BF-EF4323F613C4} => C:\Users\luna\Downloads\jDownloaderWebInstaller09581.exe Task: {8CC687DF-623D-4E89-AE36-1B08D98A40FB} - System32\Tasks\{19EA6AD3-9C52-4B14-A69F-E6CE520B9CEB} => C:\Program Files\JDownloader\JDownloader.exe Task: {9BE1CD19-280B-48C8-BE76-D5FC60FAF88E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001Core => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-28] (Facebook Inc.) Task: {A37074C7-64F2-4383-9E16-ADC0D1043D0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated) Task: {E68A3401-F13A-406D-ABC3-B4EBA9B597C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {F0F8536A-9CE3-4CA7-A424-68163460CAE5} - System32\Tasks\GlaryInitialize 3 => C:\Program Files\Glary Utilities 3\Initialize.exe Task: {F281CB90-E3B5-4000-BCF4-EC0F3B6A3813} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001UA => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-28] (Facebook Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001Core.job => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001UA.job => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GlaryInitialize 3.job => C:\Program Files\Glary Utilities 3\Initialize.exe Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-14 03:30 - 2014-03-14 03:30 - 00112416 _____ () C:\Program Files\Mega Browse\updateMegaBrowse.exe 2013-04-02 18:52 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll 2014-06-22 19:35 - 2014-06-22 19:35 - 00363008 _____ () C:\Program Files\Browsersafeguard\BrowserSafeguard.exe 2014-06-24 17:39 - 2014-06-24 17:39 - 01267728 _____ () C:\Users\luna\AppData\Local\Temp\is-88QTT.tmp\ashampoo_winoptimizer_2014_1.0.0_15399.tmp 2014-06-24 17:39 - 2014-06-24 17:39 - 01267728 _____ () C:\Users\luna\AppData\Local\Temp\is-EJ35J.tmp\ashampoo_winoptimizer_2014_1.0.0_15399.tmp 2014-06-18 11:42 - 2014-06-18 11:42 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-06-13 08:16 - 2014-06-13 08:16 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/24/2014 05:43:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WO2014.exe, Version: 10.0.0.0, Zeitstempel: 0x52b19d7b Name des fehlerhaften Moduls: WO2014.exe, Version: 10.0.0.0, Zeitstempel: 0x52b19d7b Ausnahmecode:
0xc0000005 Fehleroffset: 0x00006c6a ID des fehlerhaften Prozesses: 0xc6c Startzeit der fehlerhaften Anwendung: 0xWO2014.exe0 Pfad der fehlerhaften Anwendung: WO2014.exe1 Pfad des fehlerhaften Moduls: WO2014.exe2 Berichtskennung: WO2014.exe3 Error: (06/24/2014 05:43:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WO2014.exe, Version: 10.0.0.0, Zeitstempel: 0x52b19d7b Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x531599f6 Ausnahmecode: 0x80000003 Fehleroffset: 0x0003492e ID des fehlerhaften Prozesses: 0xc6c Startzeit der fehlerhaften Anwendung: 0xWO2014.exe0 Pfad der fehlerhaften Anwendung: WO2014.exe1 Pfad des fehlerhaften Moduls: WO2014.exe2 Berichtskennung: WO2014.exe3 Error: (06/24/2014 05:41:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ashampoo_winoptimizer_2014_1.0.0_15399.tmp, Version: 51.1052.0.0, Zeitstempel: 0x5073e4d7 Name des fehlerhaften Moduls: webbrowser.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4ff22ae9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x036a5f00 ID des fehlerhaften Prozesses: 0x116c Startzeit der fehlerhaften Anwendung: 0xashampoo_winoptimizer_2014_1.0.0_15399.tmp0 Pfad der fehlerhaften Anwendung: ashampoo_winoptimizer_2014_1.0.0_15399.tmp1 Pfad des fehlerhaften Moduls: ashampoo_winoptimizer_2014_1.0.0_15399.tmp2 Berichtskennung: ashampoo_winoptimizer_2014_1.0.0_15399.tmp3 Error: (06/24/2014 10:09:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x1614 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften 
Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/23/2014 00:17:39 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070005. Error: (06/22/2014 08:20:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x1408 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/22/2014 08:13:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x12a4 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/22/2014 07:41:19 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. 
Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9ba59245-75c5-4de4-9f47-2cb1ca783c9b} Error: (06/22/2014 07:34:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233 Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0x4f0 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (06/22/2014 07:00:25 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" System errors: ============= Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. 
Error: (06/24/2014 06:26:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 46. Error: (06/24/2014 10:25:08 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/24/2014 10:25:08 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. Error: (06/24/2014 10:25:08 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107. Error: (06/24/2014 10:25:08 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT) Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung. 
Microsoft Office Sessions: ========================= Error: (06/24/2014 05:43:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WO2014.exe10.0.0.052b19d7bWO2014.exe10.0.0.052b19d7bc000000500006c6ac6c01cf8fc2e400d43fC:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exeC:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe39e03c31-fbb6-11e3-a20e-0025229a3157 Error: (06/24/2014 05:43:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WO2014.exe10.0.0.052b19d7bKERNELBASE.dll6.1.7601.18409531599f6800000030003492ec6c01cf8fc2e400d43fC:\Program Files\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exeC:\Windows\system32\KERNELBASE.dll38b33b4e-fbb6-11e3-a20e-0025229a3157 Error: (06/24/2014 05:41:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: ashampoo_winoptimizer_2014_1.0.0_15399.tmp51.1052.0.05073e4d7webbrowser.dll_unloaded0.0.0.04ff22ae9c0000005036a5f00116c01cf8fc27eec37b5C:\Users\luna\AppData\Local\Temp\is-EJ35J.tmp\ashampoo_winoptimizer_2014_1.0.0_15399.tmpwebbrowser.dll11cfc410-fbb6-11e3-a20e-0025229a3157 Error: (06/24/2014 10:09:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b161401cf8f7b6c53085eC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllccad5c96-fb76-11e3-a20e-0025229a3157 Error: (06/23/2014 00:17:39 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Geplanter Prüfpunkt0x80070005 Error: (06/22/2014 08:20:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b140801cf8e464e207cf1C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllf5520224-fa39-11e3-b55c-0025229a3157 Error: (06/22/2014 08:13:34 PM) (Source: Application Error) (EventID: 1000) (User: ) 
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b12a401cf8e4168ee82c7C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllebc75ba8-fa38-11e3-b55c-0025229a3157 Error: (06/22/2014 07:41:19 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9ba59245-75c5-4de4-9f47-2cb1ca783c9b} Error: (06/22/2014 07:34:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b4f001cf8e3c3a396900C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll862a2418-fa33-11e3-b55c-0025229a3157 Error: (06/22/2014 07:00:25 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. 
(0x81000006) ==================== Memory info =========================== Percentage of memory in use: 76% Total physical RAM: 1791.3 MB Available physical RAM: 426.36 MB Total Pagefile: 3582.61 MB Available Pagefile: 1537.82 MB Total Virtual: 2047.88 MB Available Virtual: 1890.96 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:107.32 GB) (Free:38.82 GB) NTFS Drive d: () (Fixed) (Total:358.34 GB) (Free:184.62 GB) NTFS Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 31753174) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=107 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=358 GB) - (Type=07 NTFS) ==================== End Of Log ============================ GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-06-24 19:51:01 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000067 ST350041 rev.CC46 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\luna\AppData\Local\Temp\kxldapow.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAdjustPrivilegesToken [0x8ECA9204] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwAlpcConnectPort [0x8F65C9C2] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwAlpcCreatePort [0x8F65D290] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwAlpcSendWaitReceivePort [0x8EC5D7CE] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwClose [0x8EC4598C] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwConnectPort [0x8F65C418] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateEvent [0x8EC45F04] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateFile [0x8F655C2C] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateKey [0x8F677A8C] SSDT 
\SystemRoot\system32\DRIVERS\klif.sys ZwCreateMutant [0x8EC45DEA] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreatePort [0x8F65CF22] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateProcess [0x8F67178A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateProcessEx [0x8F671BB2] SSDT 8FB28EB6 ZwCreateSection SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateSemaphore [0x8EC46024] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThread [0x8ECAB506] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwCreateThreadEx [0x8ECAB746] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateUserProcess [0x8F672026] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwCreateWaitablePort [0x8F65D080] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDebugActiveProcess [0x8ECAB050] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteFile [0x8F65696C] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteKey [0x8F679580] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDeleteValueKey [0x8F678E32] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwDeviceIoControlFile [0x8EC459D0] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwDuplicateObject [0x8F670568] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadDriver [0x8F6504F8] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKey [0x8F67A012] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKey2 [0x8F67A250] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwLoadKeyEx [0x8F67A702] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwMapViewOfSection [0x8F67C6B4] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwNotifyChangeKey [0x8EC5B4AA] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenEvent [0x8EC45F9A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwOpenFile [0x8F65651C] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenMutant [0x8EC45E7A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwOpenProcess [0x8F673CA8] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwOpenSection [0x8ECAC31A] SSDT \SystemRoot\system32\DRIVERS\klif.sys 
ZwOpenSemaphore [0x8EC460BA] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwOpenThread [0x8F673896] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwProtectVirtualMemory [0x8F688C6E] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryDirectoryObject [0x8EC46144] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueryObject [0x8EC5B6B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwQueueApcThread [0x8ECABD1C] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwRenameKey [0x8F67B0EA] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwReplaceKey [0x8F67A9CC] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyPort [0x8EC5D5B2] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePort [0x8EC5D440] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwReplyWaitReceivePortEx [0x8EC5D4F6] SSDT 8FB28EC0 ZwRequestWaitReplyPort SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwRestoreKey [0x8F67BB52] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwResumeThread [0x8ECABA48] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSecureConnectPort [0x8F65C6E4] SSDT 8FB28EBB ZwSetContextThread SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetInformationFile [0x8F656D78] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetInformationObject [0x8F688B32] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSetInformationToken [0x8EC461E6] SSDT 8FB28EC5 ZwSetSecurityObject SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetSystemInformation [0x8F64FBC2] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwSetValueKey [0x8F678552] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendProcess [0x8ECAAD98] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwSuspendThread [0x8ECAB8F0] SSDT 8FB28ECA ZwSystemDebugControl SSDT 8FB28E57 ZwTerminateProcess SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwTerminateThread [0x8ECAB402] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys ZwUnloadDriver [0x8F65094A] SSDT \SystemRoot\system32\DRIVERS\klif.sys ZwUnmapViewOfSection [0x8ECAC482] SSDT \SystemRoot\system32\DRIVERS\klif.sys 
ZwWriteVirtualMemory [0x8ECAC1AC] ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82E8DA15 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EC7212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82ECE46C 4 Bytes [04, 92, CA, 8E] .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82ECE494 8 Bytes [C2, C9, 65, 8F, 90, D2, 65, ...] .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82ECE4D8 4 Bytes [CE, D7, C5, 8E] .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82ECE504 4 Bytes [8C, 59, C4, 8E] .text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82ECE528 4 Bytes [18, C4, 65, 8F] .text ... .vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0x955D369D] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x955D9000, 0xBB22, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x955ED300, 0x1BEE, 0xE8000020] ---- EOF - GMER 2.1 ----
What I have already tried: reinstalled Java, cookies and cache are cleared regularly, browser and PC restarts; nothing has helped. Many thanks |
24.06.2014, 19:50 | #2 |
/// the machine /// TB Trainer | Facebook - script no longer responding Hi,
How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Uninstall adware & co.
If you cannot find or cannot uninstall a program, please continue with the next step: Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ |
26.06.2014, 11:23 | #3 |
| Facebook - script no longer responding
Code:
# AdwCleaner v3.213 - Bericht erstellt am 26/06/2014 um 11:25:48 # Aktualisiert 23/06/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits) # Benutzername : luna - LUNA-PC # Gestartet von : C:\Users\luna\Downloads\adwcleaner_3.213.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\prefs.js ] -\\ Google Chrome v [ Datei : C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [52658 octets] - [09/11/2013 14:50:37] AdwCleaner[R1].txt - [1683 octets] - [18/11/2013 16:46:32] AdwCleaner[R2].txt - [1630 octets] - [23/11/2013 18:05:16] AdwCleaner[R3].txt - [7207 octets] - [24/06/2014 21:55:37] AdwCleaner[R4].txt - [1339 octets] - [24/06/2014 22:52:34] AdwCleaner[R5].txt - [1399 octets] - [26/06/2014 11:23:43] AdwCleaner[S0].txt - [19352 octets] - [09/11/2013 14:51:38] AdwCleaner[S1].txt - [1563 octets] - [23/11/2013 18:06:27] AdwCleaner[S2].txt - [7280 octets] - [24/06/2014 22:08:10] AdwCleaner[S3].txt - [1320 octets] - [26/06/2014 11:25:48] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1380 octets] ##########
Code:
Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 26.06.2014 Suchlauf-Zeit: 11:46:00 Logdatei: malware.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.26.02 Rootkit Datenbank: v2014.06.23.02 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: luna Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 244031 Verstrichene Zeit: 9 Min, 41 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 1 PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1244560251-4054863525-2374536600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowserSafeguardInstalled, Löschen bei Neustart, [5fab225b3645f34334ddaefcc63c49b7], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Ultimate x86 Ran by luna on 26.06.2014 at 12:14:58,31 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\luna\AppData\Roaming\mozilla\firefox\profiles\tsqciz2p.default\minidumps [3 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 26.06.2014 at 12:20:04,98 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014 Ran by luna (administrator) on LUNA-PC on 26-06-2014 12:21:56 Running from C:\Users\luna\Downloads Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe (Realtek) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp.) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.)
C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-26] (Check Point Software Technologies LTD) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKU\S-1-5-21-1244560251-4054863525-2374536600-1001\...\Run: [Facebook Update] => C:\Users\luna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-28] (Facebook Inc.) HKU\S-1-5-21-1244560251-4054863525-2374536600-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File BootExecute: autocheck autochk * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49295;https=127.0.0.1:49295 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA57F7C0D0AAACD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKLM - DefaultScope value is missing. 
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.1: Amazon FF Homepage: about:home FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_24e47b777a1f4256a673316dfbc01e20_39_1006_20140622_DE_ff_ab_sbinstall3&query= FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - 
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\luna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WOT - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27] FF Extension: Ghostery - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: GMX MailCheck - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\toolbar@gmx.net.xpi [2013-03-21] FF Extension: ImTranslator - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-11-01] FF Extension: Adblock Plus - 
C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-17] FF Extension: QuickJava - C:\Users\luna\AppData\Roaming\Mozilla\Firefox\Profiles\tsqciz2p.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-01-17] FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-11-24] Chrome: ======= CHR HomePage: CHR Extension: (Google Docs) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-21] CHR Extension: (Google Drive) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-21] CHR Extension: (YouTube) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-21] CHR Extension: (Google Search) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-21] CHR Extension: (Google Wallet) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-21] CHR Extension: (Gmail) - C:\Users\luna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-21] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. 
KG) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 Realtek11nSU; C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed] R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-26] (Check Point Software Technologies LTD) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.) ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2013-01-17] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. 
KG) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [14080 2013-10-24] (<Glarysoft Ltd>) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2012-11-15] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [589144 2013-02-21] (Kaspersky Lab) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-01-17] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [458776 2013-10-23] (Check Point Software Technologies LTD) U3 DfSdkS; U5 klflt; C:\Windows\System32\Drivers\klflt.sys [75608 2013-02-21] (Kaspersky Lab) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-26 12:20 - 2014-06-26 12:20 - 00000750 _____ () C:\Users\luna\Desktop\JRT.txt 2014-06-24 22:27 - 2014-06-24 22:27 - 00033457 _____ () C:\Users\luna\Downloads\FRST1.txt 2014-06-24 22:18 - 2014-06-24 22:18 - 00000000 ____D () C:\Windows\ERUNT 2014-06-24 22:12 - 2014-06-24 22:12 - 01016261 _____ (Thisisu) C:\Users\luna\Downloads\JRT.exe 2014-06-24 21:54 - 2014-06-26 12:11 - 00001350 _____ () C:\malware.txt 2014-06-24 21:54 - 2014-06-24 21:54 - 01342659 _____ () C:\Users\luna\Downloads\adwcleaner_3.213.exe 2014-06-24 21:42 - 2014-06-26 12:01 - 00000392 _____ () C:\Windows\setupact.log 2014-06-24 21:42 - 2014-06-26 11:27 - 00073234 _____ () C:\Windows\PFRO.log 2014-06-24 21:42 - 2014-06-24 21:42 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-24 21:18 - 2014-06-26 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-24 21:18 - 2014-06-26 11:44 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-06-24 21:18 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-24 21:18 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-24 21:12 - 2014-06-24 21:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\luna\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-24 21:08 - 2014-06-26 11:39 - 00001226 _____ () C:\Users\luna\Desktop\Revo Uninstaller.lnk 2014-06-24 21:08 - 2014-06-26 11:39 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-06-24 21:07 - 2014-06-24 21:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\luna\Downloads\revosetup95.exe 2014-06-24 19:51 - 2014-06-24 19:51 - 00006703 _____ () C:\Users\luna\Downloads\log.log 2014-06-24 19:11 - 2014-06-24 19:12 - 00380416 _____ () C:\Users\luna\Downloads\Gmer-19357.exe 2014-06-24 19:08 - 2014-06-24 19:09 - 00024866 _____ () C:\Users\luna\Downloads\Addition.txt 2014-06-24 19:06 - 2014-06-26 12:22 - 00000000 ____D () C:\FRST 2014-06-24 19:06 - 2014-06-26 12:21 - 00012312 _____ () C:\Users\luna\Downloads\FRST.txt 2014-06-24 19:06 - 2014-06-24 19:06 - 01073152 _____ (Farbar) C:\Users\luna\Downloads\FRST.exe 2014-06-24 19:04 - 2014-06-24 19:04 - 00000470 _____ () C:\Users\luna\Downloads\defogger_disable.log 2014-06-24 19:04 - 2014-06-24 19:04 - 00000000 _____ () C:\Users\luna\defogger_reenable 2014-06-24 18:57 - 2014-06-24 18:57 - 00050477 _____ () C:\Users\luna\Downloads\Defogger.exe 2014-06-24 18:25 - 2014-06-24 18:25 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-06-24 18:24 - 2014-06-24 18:24 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-06-24 18:24 - 2014-06-24 18:24 - 00096680 _____ (Oracle Corporation) 
C:\Windows\system32\WindowsAccessBridge.dll 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\Program Files\Java 2014-06-24 18:20 - 2014-06-24 18:20 - 00918952 _____ (Oracle Corporation) C:\Users\luna\Downloads\jxpiinstall.exe 2014-06-24 17:41 - 2014-06-24 21:42 - 00000396 _____ () C:\Windows\Tasks\One-Click Optimizer.job 2014-06-24 17:41 - 2014-06-24 17:41 - 00002232 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 00001214 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk 2014-06-24 17:41 - 2014-06-24 17:41 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url 2014-06-24 17:41 - 2009-08-24 21:08 - 00028160 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe 2014-06-24 17:37 - 2014-06-24 17:37 - 27662792 _____ (Ashampoo GmbH & Co. KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe 2014-06-23 12:35 - 2010-08-12 11:46 - 00758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll 2014-06-23 12:35 - 2010-08-09 22:33 - 00011164 _____ () C:\Windows\system32\Drivers\nvphy.bin 2014-06-23 07:37 - 2014-06-23 07:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-23 07:37 - 2014-06-23 07:37 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-06-23 07:35 - 2014-06-23 07:36 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-19 06:09 - 2014-06-19 06:09 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-06-18 11:42 - 2014-06-18 11:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-11 23:22 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 23:22 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 23:22 - 2014-05-30 11:02 - 00004096 _____ (Microsoft 
Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 23:22 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 23:22 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 23:22 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 23:22 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 23:22 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 23:22 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 23:22 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 23:22 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 23:22 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 23:22 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 23:22 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 23:22 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 23:22 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 23:22 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 23:22 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 23:22 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 23:22 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 23:22 - 2014-05-30 09:56 
- 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 23:22 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 23:22 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 23:22 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 23:22 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 23:22 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 23:22 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 23:22 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 23:21 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 23:21 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 23:21 - 2014-05-08 11:06 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-11 23:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 23:21 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 23:21 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 23:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 23:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 23:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 23:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll ==================== One Month Modified Files and Folders 
======= 2014-06-26 12:22 - 2014-06-24 19:06 - 00012312 _____ () C:\Users\luna\Downloads\FRST.txt 2014-06-26 12:22 - 2014-06-24 19:06 - 00000000 ____D () C:\FRST 2014-06-26 12:20 - 2014-06-26 12:20 - 00000750 _____ () C:\Users\luna\Desktop\JRT.txt 2014-06-26 12:18 - 2013-04-02 21:42 - 00000000 ____D () C:\Users\luna\AppData\Roaming\Skype 2014-06-26 12:11 - 2014-06-24 21:54 - 00001350 _____ () C:\malware.txt 2014-06-26 12:10 - 2013-11-04 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-26 12:09 - 2013-11-02 18:11 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-06-26 12:08 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-26 12:08 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-26 12:07 - 2013-10-30 07:45 - 00000320 _____ () C:\Windows\Tasks\GlaryInitialize 3.job 2014-06-26 12:07 - 2013-01-17 18:03 - 00000312 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-26 12:01 - 2014-06-24 21:42 - 00000392 _____ () C:\Windows\setupact.log 2014-06-26 12:01 - 2013-03-19 14:03 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-06-26 12:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-26 12:00 - 2012-10-14 13:54 - 01764628 _____ () C:\Windows\WindowsUpdate.log 2014-06-26 11:44 - 2014-06-24 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 11:44 - 2014-06-24 21:18 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-06-26 11:44 - 2013-11-01 14:30 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 11:40 - 2013-11-28 00:35 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001UA.job 2014-06-26 11:39 - 2014-06-24 
21:08 - 00001226 _____ () C:\Users\luna\Desktop\Revo Uninstaller.lnk
2014-06-26 11:39 - 2014-06-24 21:08 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-26 11:27 - 2014-06-24 21:42 - 00073234 _____ () C:\Windows\PFRO.log
2014-06-26 11:26 - 2013-11-09 14:50 - 00000000 ____D () C:\AdwCleaner
2014-06-26 11:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-06-25 23:40 - 2013-11-28 00:35 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1244560251-4054863525-2374536600-1001Core.job
2014-06-24 22:27 - 2014-06-24 22:27 - 00033457 _____ () C:\Users\luna\Downloads\FRST1.txt
2014-06-24 22:18 - 2014-06-24 22:18 - 00000000 ____D () C:\Windows\ERUNT
2014-06-24 22:12 - 2014-06-24 22:12 - 01016261 _____ (Thisisu) C:\Users\luna\Downloads\JRT.exe
2014-06-24 21:54 - 2014-06-24 21:54 - 01342659 _____ () C:\Users\luna\Downloads\adwcleaner_3.213.exe
2014-06-24 21:42 - 2014-06-24 21:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-24 21:42 - 2014-06-24 17:41 - 00000396 _____ () C:\Windows\Tasks\One-Click Optimizer.job
2014-06-24 21:18 - 2013-11-01 14:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 21:12 - 2014-06-24 21:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\luna\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-24 21:07 - 2014-06-24 21:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\luna\Downloads\revosetup95.exe
2014-06-24 19:51 - 2014-06-24 19:51 - 00006703 _____ () C:\Users\luna\Downloads\log.log
2014-06-24 19:12 - 2014-06-24 19:11 - 00380416 _____ () C:\Users\luna\Downloads\Gmer-19357.exe
2014-06-24 19:09 - 2014-06-24 19:08 - 00024866 _____ () C:\Users\luna\Downloads\Addition.txt
2014-06-24 19:06 - 2014-06-24 19:06 - 01073152 _____ (Farbar) C:\Users\luna\Downloads\FRST.exe
2014-06-24 19:04 - 2014-06-24 19:04 - 00000470 _____ () C:\Users\luna\Downloads\defogger_disable.log
2014-06-24 19:04 - 2014-06-24 19:04 - 00000000 _____ () C:\Users\luna\defogger_reenable
2014-06-24 19:04 - 2012-10-14 14:17 - 00000000 ____D () C:\Users\luna
2014-06-24 18:57 - 2014-06-24 18:57 - 00050477 _____ () C:\Users\luna\Downloads\Defogger.exe
2014-06-24 18:25 - 2014-06-24 18:25 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-24 18:25 - 2014-03-14 08:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-24 18:24 - 2014-06-24 18:24 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-24 18:24 - 2014-06-24 18:24 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-24 18:24 - 2014-06-24 18:24 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-24 18:24 - 2014-06-24 18:24 - 00000000 ____D () C:\Program Files\Java
2014-06-24 18:20 - 2014-06-24 18:20 - 00918952 _____ (Oracle Corporation) C:\Users\luna\Downloads\jxpiinstall.exe
2014-06-24 18:17 - 2013-01-10 23:41 - 00000000 ____D () C:\Program Files\JDownloader
2014-06-24 17:45 - 2012-10-14 14:51 - 00000000 ____D () C:\Windows\Panther
2014-06-24 17:41 - 2014-06-24 17:41 - 00002232 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung.lnk
2014-06-24 17:41 - 2014-06-24 17:41 - 00001214 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk
2014-06-24 17:41 - 2014-06-24 17:41 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-06-24 17:41 - 2013-04-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-06-24 17:41 - 2013-04-15 15:40 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-06-24 17:41 - 2013-04-15 15:40 - 00000000 ____D () C:\Program Files\Ashampoo
2014-06-24 17:37 - 2014-06-24 17:37 - 27662792 _____ (Ashampoo GmbH & Co. KG ) C:\Users\luna\Downloads\ashampoo_winoptimizer_2014_1.0.0_15399.exe
2014-06-24 11:56 - 2013-01-17 18:22 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-24 05:48 - 2012-11-13 17:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-23 12:16 - 2013-01-17 18:03 - 00000000 ____D () C:\Program Files\Glary Utilities
2014-06-23 12:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-06-23 10:41 - 2012-10-14 14:23 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 07:37 - 2014-06-23 07:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-23 07:37 - 2014-06-23 07:37 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-23 07:36 - 2014-06-23 07:35 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-23 07:36 - 2012-12-30 12:51 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-23 07:36 - 2012-12-30 12:51 - 00000000 ____D () C:\Program Files\Adobe
2014-06-22 20:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-22 20:10 - 2013-12-31 22:46 - 00000000 ____D () C:\Users\luna\Desktop\stundenspiele
2014-06-19 06:09 - 2014-06-19 06:09 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-19 06:09 - 2014-03-22 13:07 - 00000000 ___RD () C:\Program Files\Skype
2014-06-19 06:09 - 2013-04-02 21:41 - 00000000 ____D () C:\ProgramData\Skype
2014-06-19 06:05 - 2012-10-14 15:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 11:42 - 2014-06-18 11:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-14 15:46 - 2013-01-12 13:41 - 00000000 ____D () C:\Windows\rescache
2014-06-13 08:16 - 2013-11-04 14:59 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-13 08:16 - 2013-11-04 14:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-12 09:34 - 2014-05-07 00:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 00:13 - 2013-08-14 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 00:11 - 2012-10-17 16:00 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-11 23:21 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-11 23:21 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 11:18 - 2014-06-11 23:22 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:02 - 2014-06-11 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 11:02 - 2014-06-11 23:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 10:44 - 2014-06-11 23:22 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 10:43 - 2014-06-11 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 10:42 - 2014-06-11 23:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 23:22 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 10:34 - 2014-06-11 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 23:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 10:30 - 2014-06-11 23:22 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 10:28 - 2014-06-11 23:22 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 10:28 - 2014-06-11 23:22 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 10:27 - 2014-06-11 23:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 10:21 - 2014-06-11 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 10:16 - 2014-06-11 23:22 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 23:22 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:04 - 2014-06-11 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 23:22 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-11 23:22 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-11 23:22 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-11 23:22 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 23:22 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 23:22 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-11 23:22 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-11 23:22 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:15 - 2014-06-11 23:22 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-11 23:22 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\luna\AppData\Local\Temp\avgnt.exe
C:\Users\luna\AppData\Local\Temp\Quarantine.exe
C:\Users\luna\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-19 09:50

==================== End Of Log ============================
--- --- --- |
27.06.2014, 07:16 | #4 |
/// the machine /// TB trainer | Facebook - script no longer responding
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.06.2014, 09:09 | #5 |
| Facebook - script no longer responding
Yes, this ESET online check won't start; it tells me something about a proxy and a failed update |
28.06.2014, 12:47 | #6 |
/// the machine /// TB trainer | Facebook - script no longer responding
Skip ESET and run a full scan with your AV program. |