| |
| |||||||
Log-Analyse und Auswertung: Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.06.2014, 14:55
| #1 |
| |  Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Hallo liebes Forum, seit ca. 1 Woche habe ich ein Problem mit meinem PC.(Windows 7 Professional/32-Bit) Ich wollte aus einem Auto Forum heraus einen Ordner mit Bilder downloaden.Dabei habe ich wohl einen der ungelogenen 12 "Download-Buttons" falsch angeklickt. Zu meinem Problem.Mein Antivirenprogramm hat 3 Befunde angezeigt.Während der surfens mit Mozilla Firefox(ausschließlich Mozilla),bekomme ich ständig,z.B. beim öffnen neuer Tabs oder beim einfach Seiten umschalten z.B. auf eBay aufforderungen zur aktualisierung.In diesen Tabs muss ich "angeblich" dringend Java oder dergleichen aktualisieren.Wenn sich das Fenster öffnet steht in der Leiste: www.svr123...... oder dergleichen.Ich habe mich auch auf der Suchmaschine Google erkundigt jedoch nichts gefunden und nicht unternommen. Ich hoffe das ich mit meinen angaben alle Kriterien zu einer erfolgreichen Behebung meines Problems erfüllt habe. Gruß Marco |
|
27.06.2014, 15:02
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
27.06.2014, 16:03
| #3 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-06-2014
Ran by Marko (administrator) on MARCO-PC on 27-06-2014 16:48:05
Running from C:\Users\Marko\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Wajamu) C:\Program Files\V-bates\guardsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Wajamu) C:\Program Files\V-bates\notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [V-bates] => C:\Program Files\V-bates\notifier.exe [411936 2014-06-08] (Wajamu)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc_A,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZaw,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc_A,,&q={searchTerms}
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc-w,,&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc-w,,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc_A,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwBBiwXafBP_PvKAJyCaxm8-CIgXe63i-qfonB7yuyHWMSwJZOsFQuG-C8htWc_A,,&q={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174
FF Homepage: hxxp://my.ebay.de/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Classic Theme Restorer - C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-06-18]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR StartupUrls: "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (V-bates) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 Mext Guard; C:\Program Files\V-bates\guardsvc.exe [128800 2014-06-08] (Wajamu)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [210208 2014-06-08] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-05] (Avira Operations GmbH & Co. KG)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-05] (Avira GmbH)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-27 16:48 - 2014-06-27 16:48 - 00015191 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:47 - 2014-06-27 16:48 - 00000000 ____D () C:\FRST
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 11:06 - 2014-06-22 12:17 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:52 - 2014-06-20 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:52 - 2014-06-20 21:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:53 - 2014-06-18 22:53 - 00000000 ____D () C:\ProgramData\2308189059
2014-06-18 22:51 - 2014-06-18 22:53 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-06-18 22:51 - 2014-06-18 22:51 - 00002378 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:51 - 2014-06-18 22:51 - 00000000 ____D () C:\Program Files\V-bates
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:24 - 2014-06-17 14:25 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-20 11:08 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 11:00 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 22:35 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 22:35 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 22:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 22:35 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 22:35 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 22:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 22:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-06 03:03 - 2014-06-06 03:04 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-27 16:48 - 2014-06-27 16:48 - 00015191 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:48 - 2014-06-27 16:47 - 00000000 ____D () C:\FRST
2014-06-27 16:48 - 2014-05-04 18:50 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Skype
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-27 16:14 - 2014-05-02 12:52 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-27 15:57 - 2014-05-02 12:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-27 12:14 - 2014-05-01 20:07 - 01323409 _____ () C:\Windows\WindowsUpdate.log
2014-06-27 10:24 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 10:24 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 10:16 - 2014-05-02 12:52 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-27 10:16 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-27 10:16 - 2009-07-14 06:39 - 00028367 _____ () C:\Windows\setupact.log
2014-06-26 22:01 - 2014-05-02 12:08 - 00131126 _____ () C:\Windows\IE11_main.log
2014-06-26 21:42 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Steam
2014-06-23 13:50 - 2014-05-05 15:12 - 00000000 ____D () C:\Users\Marko\Desktop\Facebook Bilder
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 12:17 - 2014-06-22 11:06 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-21 10:06 - 2010-11-20 23:48 - 00012132 _____ () C:\Windows\PFRO.log
2014-06-20 21:57 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:54 - 2014-06-20 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 11:08 - 2014-06-15 11:00 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-20 11:08 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-19 09:43 - 2014-05-02 12:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:53 - 2014-06-18 22:53 - 00000000 ____D () C:\ProgramData\2308189059
2014-06-18 22:53 - 2014-06-18 22:51 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-06-18 22:51 - 2014-06-18 22:51 - 00002378 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:51 - 2014-06-18 22:51 - 00000000 ____D () C:\Program Files\V-bates
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:25 - 2014-06-17 14:24 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-15 10:59 - 2014-05-02 12:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 10:59 - 2014-05-02 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-14 11:13 - 2014-05-02 12:52 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:01 - 2014-05-06 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 23:40 - 2014-05-01 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 23:39 - 2014-05-02 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 23:37 - 2014-05-02 14:01 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-13 22:35 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-13 22:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 03:04 - 2014-06-06 03:03 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-06 03:03 - 2014-05-04 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:03 - 2014-05-04 16:41 - 202227798 _____ () C:\Windows\MEMORY.DMP
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 16:07 - 2014-05-05 21:13 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Apple Computer
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 20:12 - 2014-05-19 20:30 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:51 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-31 21:28 - 2014-05-04 18:50 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 21:28 - 2014-05-04 18:49 - 00000000 ____D () C:\ProgramData\Skype
2014-05-28 23:56 - 2014-05-17 19:33 - 00000000 ____D () C:\Users\Marko\AppData\Local\Akamai
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\avgnt.exe
C:\Users\Marko\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-18 15:05
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-06-2014
Ran by Marko at 2014-06-27 16:49:30
Running from C:\Users\Marko\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Program version 1.5 (HKLM\...\My Program_is1) (Version: 1.5 - )
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Untitled Screensaver (HKLM\...\11.Treffen-Nord.SCR) (Version: 4.4.4.380 - iScreensaver.com Made with iScreensaver)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
V-bates 2.0.0.441 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.441 - Wajamu) <==== ATTENTION
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Restore Points =========================
20-06-2014 22:01:07 Windows Update
21-06-2014 22:01:57 Windows Update
22-06-2014 19:55:10 Windows Update
23-06-2014 20:33:24 Windows Update
24-06-2014 20:22:10 Windows Update
25-06-2014 21:02:41 Windows Update
26-06-2014 20:01:04 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {23DF0724-2ACB-42DE-B947-3EC0A1DB220C} - System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => C:\Program Files\V-bates\startsc.bat [2014-03-24] ()
Task: {43D45E66-0319-4347-BB70-87F906593692} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52927491-7BB1-494E-902A-5C4B81F71503} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6CC0B133-166F-48F7-945A-AEA42E1EC9B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {8D1AE354-4943-4CCA-8D23-62A25C1B8B55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15] (Adobe Systems Incorporated)
Task: {A7E857F2-AF27-4BB2-B41D-CE22A7C3BAB1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {BD9CE5B5-F089-4AB4-BAB4-FAC70876B278} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F70573A5-60B6-4FD9-A513-70042345D11F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-18 22:51 - 2014-06-08 14:07 - 00087840 _____ () C:\Program Files\V-bates\libwinhook.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-20 21:52 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-20 21:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-20 21:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-18 22:51 - 2014-06-08 14:07 - 00389408 _____ () C:\Program Files\V-bates\libredir2.dll
2014-06-18 22:51 - 2014-06-08 14:07 - 00188704 _____ () C:\Program Files\V-bates\libapi2hook.dll
2014-06-18 22:51 - 2014-06-08 14:07 - 00291104 _____ () C:\Program Files\V-bates\libinject2.dll
2014-06-18 22:51 - 2014-06-08 14:07 - 00210208 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-06-15 10:59 - 2014-06-15 10:59 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/27/2014 03:37:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x814
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/27/2014 03:36:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1538
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/27/2014 03:24:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1434
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
System errors:
=============
Error: (06/27/2014 10:16:40 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/27/2014 10:16:40 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (06/26/2014 10:01:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7
Error: (06/26/2014 02:35:40 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/26/2014 02:35:40 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (06/25/2014 11:03:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7
Error: (06/25/2014 11:02:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/25/2014 02:14:21 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/25/2014 02:14:21 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (06/24/2014 10:22:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 3326.49 MB
Available physical RAM: 1880.48 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 4862.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.55 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.42 GB) (Free:64.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 79E27FFE)
Partition 1: (Active) - (Size=116 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Habe auch noch den "Bericht" von Antivir. Code:
ATTFilter Exportierte Ereignisse:
20.06.2014 15:33 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Marko\AppData\Local\Microsoft\Windows Live Mail\Storage
Folders\Importierte d75\Lokale Ordner\Posteingang\7DD1174E-00000145.eml'
enthielt einen Virus oder unerwünschtes Programm 'TR/Injector.agfe' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56f8954b.qua'
verschoben!
20.06.2014 15:33 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Marko\AppData\Local\Microsoft\Windows Live Mail\Storage
Folders\Importierte d75\Lokale Ordner\Gelöschte O 3b6\584B28C6-000012DD.eml'
enthielt einen Virus oder unerwünschtes Programm 'TR/Injector.agfb' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e5fbaf8.qua'
verschoben!
18.06.2014 22:51 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Marko\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.MSIL.Gen' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50876e7e.qua'
verschoben!
18.06.2014 22:50 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Marko\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.MSIL.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner
|
|
28.06.2014, 19:33
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.06.2014, 20:51
| #5 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Hallo, nein ist rein Privat.Rechner wurde vor 3 Monaten ca. bei einem bekannten komplett neu aufgespielt mit Windows 7.Mehr kann ich dazu nicht sagen,aber ich bin 18 Jahre alt und nutze den PC nur für die Schule,Surfen (Soziale Netzwerke) und Counter Strike. Gruß |
|
29.06.2014, 17:51
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Dann deinstalliere die Enterprise Edition von MS-Office bevor es weitergeht.
__________________ --> Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. |
|
30.06.2014, 13:26
| #7 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. So habs deinstalliert. |
|
30.06.2014, 14:08
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.06.2014, 14:52
| #9 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 30/06/2014 um 15:37:55
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Marko - MARCO-PC
# Gestartet von : C:\Users\Marko\Downloads\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : Mext Guard
Dienst Gelöscht : V-bates Updater
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\2308189059
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Program Files\V-bates
Ordner Gelöscht : C:\Users\Marko\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip
Datei Gelöscht : C:\Windows\System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23DF0724-2ACB-42DE-B947-3EC0A1DB220C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23DF0724-2ACB-42DE-B947-3EC0A1DB220C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [V-bates]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\V-bates
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Startup_urls] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,
Gelöscht [Homepage] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : ljmibnagodajacnnbifpamhggcohblip
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [7857 octets] - [30/06/2014 15:36:49]
AdwCleaner[S0].txt - [5969 octets] - [30/06/2014 15:37:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6029 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Marko on 30.06.2014 at 15:42:08,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
~~~ FireFox
Emptied folder: C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\szonon0d.default-1403639191174\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.06.2014 at 15:45:39,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Marko (administrator) on MARCO-PC on 30-06-2014 15:47:03
Running from C:\Users\Marko\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marko\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174
FF Homepage: hxxp://my.ebay.de/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Classic Theme Restorer - C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (No Name) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-05] (Avira Operations GmbH & Co. KG)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-05] (Avira GmbH)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-30 15:36 - 2014-06-30 15:38 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2014-05-04 21:29 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\Microsoft Help
2014-06-28 23:52 - 2014-05-04 18:33 - 00002078 _____ () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-28 23:52 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-28 23:52 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:35 - 2014-06-28 23:36 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:49 - 2014-06-27 16:59 - 00019553 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:48 - 2014-06-30 15:47 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:47 - 2014-06-30 15:47 - 00000000 ____D () C:\FRST
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 11:06 - 2014-06-22 12:17 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:52 - 2014-06-20 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:52 - 2014-06-20 21:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:51 - 2014-06-30 15:38 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:24 - 2014-06-17 14:25 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-20 11:08 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 11:00 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 22:35 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 22:35 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 22:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 22:35 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 22:35 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 22:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 22:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-06 03:03 - 2014-06-06 03:04 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-30 15:47 - 2014-06-27 16:48 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-30 15:47 - 2014-06-27 16:47 - 00000000 ____D () C:\FRST
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:40 - 2014-05-04 18:50 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Skype
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:38 - 2014-06-30 15:36 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:38 - 2014-06-18 22:51 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-30 15:38 - 2014-05-02 12:52 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 15:38 - 2014-05-01 20:07 - 01474872 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 15:38 - 2010-11-20 23:48 - 00012448 _____ () C:\Windows\PFRO.log
2014-06-30 15:38 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 15:38 - 2009-07-14 06:39 - 00029388 _____ () C:\Windows\setupact.log
2014-06-30 15:38 - 2009-07-14 06:33 - 00406336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-30 15:34 - 2014-05-04 18:24 - 00107264 _____ () C:\Users\Marko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 15:14 - 2014-05-02 12:52 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 14:57 - 2014-05-02 12:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 14:25 - 2014-05-01 20:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 14:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-30 14:24 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-30 14:22 - 2010-11-21 02:47 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 14:22 - 2009-07-14 04:04 - 00000387 _____ () C:\Windows\win.ini
2014-06-30 03:00 - 2014-05-02 12:08 - 00135254 _____ () C:\Windows\IE11_main.log
2014-06-29 00:00 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:36 - 2014-06-28 23:35 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-28 13:10 - 2014-05-05 15:12 - 00000000 ____D () C:\Users\Marko\Desktop\Facebook Bilder
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:59 - 2014-06-27 16:49 - 00019553 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-26 21:42 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 12:17 - 2014-06-22 11:06 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:57 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:54 - 2014-06-20 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 11:08 - 2014-06-15 11:00 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-20 11:08 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-19 09:43 - 2014-05-02 12:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:25 - 2014-06-17 14:24 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-15 10:59 - 2014-05-02 12:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 10:59 - 2014-05-02 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-14 11:13 - 2014-05-02 12:52 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:01 - 2014-05-06 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 23:39 - 2014-05-02 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 23:37 - 2014-05-02 14:01 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-13 22:35 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-13 22:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 03:04 - 2014-06-06 03:03 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-06 03:03 - 2014-05-04 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:03 - 2014-05-04 16:41 - 202227798 _____ () C:\Windows\MEMORY.DMP
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 16:07 - 2014-05-05 21:13 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Apple Computer
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 20:12 - 2014-05-19 20:30 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:51 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-31 21:28 - 2014-05-04 18:50 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 21:28 - 2014-05-04 18:49 - 00000000 ____D () C:\ProgramData\Skype
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\avgnt.exe
C:\Users\Marko\AppData\Local\Temp\ose00000.exe
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 10:50
==================== End Of Log ============================
--- --- --- Hier die beiden neuen.Hab vergessen den Haken zu setzen. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Marko (administrator) on MARCO-PC on 30-06-2014 16:07:12
Running from C:\Users\Marko\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marko\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174
FF Homepage: hxxp://my.ebay.de/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Classic Theme Restorer - C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (No Name) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-05] (Avira Operations GmbH & Co. KG)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-05] (Avira GmbH)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-30 15:50 - 2014-06-30 15:50 - 00028551 _____ () C:\Users\Marko\Desktop\FRST2.txt
2014-06-30 15:49 - 2014-06-30 15:49 - 00028551 _____ () C:\Users\Marko\Downloads\FRST2.txt
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-30 15:36 - 2014-06-30 15:38 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2014-05-04 21:29 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\Microsoft Help
2014-06-28 23:52 - 2014-05-04 18:33 - 00002078 _____ () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-28 23:52 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-28 23:52 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:35 - 2014-06-28 23:36 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:49 - 2014-06-30 16:05 - 00011550 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:48 - 2014-06-30 16:07 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:47 - 2014-06-30 16:07 - 00000000 ____D () C:\FRST
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 11:06 - 2014-06-22 12:17 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:52 - 2014-06-20 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:52 - 2014-06-20 21:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:51 - 2014-06-30 15:38 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:24 - 2014-06-17 14:25 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-20 11:08 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 11:00 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 22:35 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 22:35 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 22:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 22:35 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 22:35 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 22:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 22:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-06 03:03 - 2014-06-06 03:04 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-30 16:07 - 2014-06-27 16:48 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-30 16:07 - 2014-06-27 16:47 - 00000000 ____D () C:\FRST
2014-06-30 16:05 - 2014-06-27 16:49 - 00011550 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-30 15:57 - 2014-05-02 12:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 15:50 - 2014-06-30 15:50 - 00028551 _____ () C:\Users\Marko\Desktop\FRST2.txt
2014-06-30 15:49 - 2014-06-30 15:49 - 00028551 _____ () C:\Users\Marko\Downloads\FRST2.txt
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:42 - 2014-05-01 20:07 - 01474872 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:40 - 2014-05-04 18:50 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Skype
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:38 - 2014-06-30 15:36 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:38 - 2014-06-18 22:51 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-30 15:38 - 2014-05-02 12:52 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 15:38 - 2010-11-20 23:48 - 00012448 _____ () C:\Windows\PFRO.log
2014-06-30 15:38 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 15:38 - 2009-07-14 06:39 - 00029388 _____ () C:\Windows\setupact.log
2014-06-30 15:38 - 2009-07-14 06:33 - 00406336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-30 15:34 - 2014-05-04 18:24 - 00107264 _____ () C:\Users\Marko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 15:14 - 2014-05-02 12:52 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 14:25 - 2014-05-01 20:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 14:25 - 2010-11-21 02:47 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 14:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-30 14:24 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-30 14:22 - 2009-07-14 04:04 - 00000387 _____ () C:\Windows\win.ini
2014-06-30 03:00 - 2014-05-02 12:08 - 00135254 _____ () C:\Windows\IE11_main.log
2014-06-29 00:00 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:36 - 2014-06-28 23:35 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-28 13:10 - 2014-05-05 15:12 - 00000000 ____D () C:\Users\Marko\Desktop\Facebook Bilder
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-26 21:42 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 12:17 - 2014-06-22 11:06 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:57 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:54 - 2014-06-20 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 11:08 - 2014-06-15 11:00 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-20 11:08 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-19 09:43 - 2014-05-02 12:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:25 - 2014-06-17 14:24 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-15 10:59 - 2014-05-02 12:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 10:59 - 2014-05-02 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-14 11:13 - 2014-05-02 12:52 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:01 - 2014-05-06 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 23:39 - 2014-05-02 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 23:37 - 2014-05-02 14:01 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-13 22:35 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-13 22:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 03:04 - 2014-06-06 03:03 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-06 03:03 - 2014-05-04 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:03 - 2014-05-04 16:41 - 202227798 _____ () C:\Windows\MEMORY.DMP
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 16:07 - 2014-05-05 21:13 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Apple Computer
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 20:12 - 2014-05-19 20:30 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:51 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-31 21:28 - 2014-05-04 18:50 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 21:28 - 2014-05-04 18:49 - 00000000 ____D () C:\ProgramData\Skype
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\avgnt.exe
C:\Users\Marko\AppData\Local\Temp\ose00000.exe
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 10:50
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:28-06-2014 02
Ran by Marko at 2014-06-30 16:08:03
Running from C:\Users\Marko\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Program version 1.5 (HKLM\...\My Program_is1) (Version: 1.5 - )
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Untitled Screensaver (HKLM\...\11.Treffen-Nord.SCR) (Version: 4.4.4.380 - iScreensaver.com Made with iScreensaver)
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Restore Points =========================
22-06-2014 19:55:10 Windows Update
23-06-2014 20:33:24 Windows Update
24-06-2014 20:22:10 Windows Update
25-06-2014 21:02:41 Windows Update
26-06-2014 20:01:04 Windows Update
27-06-2014 22:06:00 Windows Update
28-06-2014 21:47:44 Windows Update
28-06-2014 22:37:01 Windows Update
30-06-2014 01:00:15 Windows Update
30-06-2014 12:20:07 Removed Microsoft Office Enterprise 2007
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {43D45E66-0319-4347-BB70-87F906593692} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52927491-7BB1-494E-902A-5C4B81F71503} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {598D9DC0-F008-407E-9010-6E411993FD2E} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MARCO-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {6CC0B133-166F-48F7-945A-AEA42E1EC9B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {8D1AE354-4943-4CCA-8D23-62A25C1B8B55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15] (Adobe Systems Incorporated)
Task: {A7E857F2-AF27-4BB2-B41D-CE22A7C3BAB1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {BD9CE5B5-F089-4AB4-BAB4-FAC70876B278} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F70573A5-60B6-4FD9-A513-70042345D11F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-20 21:52 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-20 21:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-20 21:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-18 14:40 - 2014-06-18 14:40 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 3326.49 MB
Available physical RAM: 2279.76 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 5381.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.42 GB) (Free:66.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 79E27FFE)
Partition 1: (Active) - (Size=116 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von Marco1907 (30.06.2014 um 15:08 Uhr) |
|
30.06.2014, 14:59
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2014, 13:45
| #11 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Ich habe gestern meinen vorherigen Post editiert.Anbei waren auch die "neuen" Scans. |
|
01.07.2014, 13:48
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2014, 15:10
| #13 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. Hier die Berichte. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 01.07.2014 Suchlauf-Zeit: 14:56:51 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.01.03 Rootkit Datenbank: v2014.07.01.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Marko Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 281345 Verstrichene Zeit: 12 Min, 11 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 1 PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\WOW6432NODE\V-bates, In Quarantäne, [83d4ecae2e4d6bcb945f5e76cc366898], Registrierungswerte: 2 PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [8ccb207a3b40290dc358d8775aa82fd1], PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [8ccb207a3b40290dc358d8775aa82fd1] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 1 Adware.AdGazelle, C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe, In Quarantäne, [fe592575e4975dd9e49b5a38887912ee], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=17ab24c67fc43f49b22f353820ea49f5
# engine=18968
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-01 02:07:25
# local_time=2014-07-01 04:07:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 3367 148779422 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4923703 155854835 0 0
# scanned=111633
# found=5
# cleaned=0
# scan_time=2895
sh=CE28DE9FF2B5DADF176EBF3F15447AD3DBE663B3 ft=1 fh=828e0a0e7dbb1446 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\V-bates\ExtensionUpdaterService.exe.vir"
sh=0181FC22BA3DC02348B6074CE7C6CD5CE578BC26 ft=1 fh=8fa9c0dc5a359ae0 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBBT3OH1\v-bates[1].exe"
sh=2BD5BD69DBA9BFEFB6AF61FC52E65788133253F3 ft=1 fh=2624d0b4486eed4f vn="Variante von Win32/4Shared.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marko\Downloads\11.Treffen-Nord.exe"
sh=581C601F67B3CF1C0201D8CC636A49307EAC78FF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marko\Downloads\gimp-2.dmg"
sh=E4979D35E022F409CE6291E2AB998DC96E0B54AA ft=1 fh=ed88ca99856a79c3 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
|
|
01.07.2014, 15:24
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. TFC - Temp File Cleaner Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2014, 15:51
| #15 |
| | Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. So, habe nun alle Schritte erledigt und hoffe auch mit meinen wenigen Kenntnissen gut kooperiert.  Ich werde jetzt in den kommenden 1-2 Tagen alles beobachten ob die vorher dagewesenen Probleme erneut auftauchen oder nicht.Aber ich bin guten Mutes,dass aufgrund der Fachkundigen und absolut netten Hilfe alles in Butter ist. Vielen Dank bis hierhin und ich werde wie gesagt noch einmal ein kurzes Feedback zu den hoffentlich nicht mehr auftretenden Problemen geben.   Ich werde dieses "Board" bei weiteren Problemchen die sich eventuell einschleichen könnten wieder benutzen und es aufjedenfall an Freunde,Bekannte und und und....... weiterempfehlen. Soll ich das Programm " Malwarebytes Anti-Malware " deinstallieren oder erstmal auf dem PC lassen ? Vielen Dank an cosinus und dann bis in 1-2 Tagen.   |
|
| Themen zu Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. |
| adware.adgazelle, antivirenprogramm, kriterien, p.optional.vbateshelper.a, programme, pup.optional.vbates, suchmaschine, tr/dropper.msil.gen, tr/injector.agfb, tr/injector.agfe, win32/4shared.u, win32/downloadsponsor.a, win32/toolbar.bitcocktail.b, windows, windows 7 |
Linear-Darstellung
