Firefox - Vorgang abgebrochen , Malware?

tr45678 · 05.07.2014, 21:08

hi
hier eset

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3fca9df3382d8f43a346fc850b9b287c
# engine=19037
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-05 07:29:04
# local_time=2014-07-05 09:29:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 22257 18006706 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 14468858 156218394 0 0
# scanned=356326
# found=2
# cleaned=0
# scan_time=4448
sh=B31160E9A2728F15DCDC67459BDC6A42A50E995C ft=1 fh=c68883bfd3c95b67 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="D:\02_Downloads\01_TMP Download Firefox\7-Zip-lnstall.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\02_Downloads\01_TMP Download Firefox\MyPhoneExplorer_Setup_1.8.5.exe"

checkup

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Java version out of Date! 
  Adobe Flash Player 13.0.0.214 Flash Player out of Date!  
 Mozilla Firefox (30.0) 
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

frst

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by CF-NOTE (administrator) on CF-NOTE-PC on 05-07-2014 22:03:25
Running from C:\Users\CF-NOTE\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
() C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
() C:\Users\CF-NOTE\Downloads\SecurityCheck(1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-02-01] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-12-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1167360 2009-08-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\MountPoints2: {94d0b455-e944-11e3-adf0-c01885c17ff0} - H:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\MountPoints2: {bad71d4e-ec96-11e3-ad4d-c01885c17ff0} - G:\AutoRun.exe
HKU\S-1-5-21-3492060238-4242190544-90466790-1000\...\MountPoints2: {ff85488e-d7f9-11e3-ab6e-c01885c17ff0} - G:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  No File
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  No File
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  No File
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.35.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\CF-NOTE\AppData\Roaming\Mozilla\Firefox\Profiles\ovtezfrh.Christian
FF Homepage: hxxp://www.orf.at/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\CF-NOTE\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Add to Search Bar - C:\Users\CF-NOTE\AppData\Roaming\Mozilla\Firefox\Profiles\ovtezfrh.Christian\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-07-05]
FF Extension: Ghostery - C:\Users\CF-NOTE\AppData\Roaming\Mozilla\Firefox\Profiles\ovtezfrh.Christian\Extensions\firefox@ghostery.com.xpi [2014-07-05]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-06-04] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2014-01-21] (Autodesk)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2014-01-19] (Conexant Systems, Inc.)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-04-09] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [218432 2014-04-09] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-21] (Intel Corporation)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-15] () [File not signed]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2014-06-05] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe [384072 2013-10-09] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-03-05] (Broadcom Corporation.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-04] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2014-01-20] (Duplex Secure Ltd.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
U3 a5tt3fkl; C:\Windows\System32\Drivers\a5tt3fkl.sys [0 ] (Intel Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 22:03 - 2014-07-05 22:03 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\FRST-OlderVersion
2014-07-05 21:52 - 2014-07-05 21:52 - 00854390 _____ () C:\Users\CF-NOTE\Downloads\SecurityCheck.exe
2014-07-05 21:52 - 2014-07-05 21:52 - 00854390 _____ () C:\Users\CF-NOTE\Downloads\SecurityCheck(1).exe
2014-07-05 20:01 - 2014-07-05 20:01 - 02347384 _____ (ESET) C:\Users\CF-NOTE\Downloads\esetsmartinstaller_deu.exe
2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 18:13 - 2014-07-04 18:13 - 00001013 _____ () C:\Users\CF-NOTE\Desktop\JRT.txt
2014-07-04 18:04 - 2014-07-04 18:04 - 01016261 _____ (Thisisu) C:\Users\CF-NOTE\Downloads\JRT.exe
2014-07-04 18:04 - 2014-07-04 18:04 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 07:53 - 2014-07-04 17:56 - 00000000 ____D () C:\AdwCleaner
2014-07-04 07:53 - 2014-07-04 07:53 - 01346519 _____ () C:\Users\CF-NOTE\Downloads\adwcleaner_3.214.exe
2014-07-02 21:17 - 2014-07-02 21:17 - 00003483 _____ () C:\Users\CF-NOTE\Desktop\löschprotokoll malware.txt
2014-07-02 20:53 - 2014-07-02 20:54 - 00040795 _____ () C:\Users\CF-NOTE\Desktop\Addition.txt
2014-07-02 20:51 - 2014-07-05 22:03 - 02084352 _____ (Farbar) C:\Users\CF-NOTE\Desktop\FRST64.exe
2014-07-02 20:43 - 2014-07-05 22:03 - 00019619 _____ () C:\Users\CF-NOTE\Desktop\FRST.txt
2014-07-02 19:26 - 2014-07-04 07:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 19:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 19:25 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 19:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 22:08 - 2014-07-01 22:08 - 00284288 _____ (Mozilla) C:\Users\CF-NOTE\Desktop\Firefox Setup Stub 30.0.exe
2014-07-01 22:04 - 2014-07-05 22:03 - 00000000 ____D () C:\FRST
2014-07-01 22:04 - 2014-07-01 22:07 - 00049860 _____ () C:\Users\CF-NOTE\Downloads\Addition.txt
2014-07-01 22:04 - 2014-07-01 22:07 - 00037558 _____ () C:\Users\CF-NOTE\Downloads\FRST.txt
2014-07-01 22:03 - 2014-07-01 22:03 - 02083328 _____ (Farbar) C:\Users\CF-NOTE\Downloads\FRST64.exe
2014-07-01 21:56 - 2014-07-02 07:01 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-01 21:56 - 2014-07-02 07:01 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-01 21:56 - 2014-07-02 07:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-01 21:49 - 2014-07-01 21:49 - 00284288 _____ (Mozilla) C:\Users\CF-NOTE\Downloads\Firefox Setup Stub 30.0.exe
2014-07-01 21:47 - 2014-07-05 09:06 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\Alte Firefox-Daten
2014-06-29 22:09 - 2014-06-29 22:09 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Local\Huawei
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 __SHD () C:\Users\CF-NOTE\AppData\Local\EmieUserList
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 __SHD () C:\Users\CF-NOTE\AppData\Local\EmieSiteList
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Roaming\Security System 2
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Local\Temp47c7f78c9f5b381da0daafc57e1e4ab9
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-29 11:48 - 2014-06-13 13:40 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\dload
2014-06-26 10:29 - 2014-06-26 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-14 13:49 - 2014-06-15 10:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-13 13:34 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 13:34 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 13:34 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 13:34 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 13:34 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 13:34 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 13:34 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 13:34 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 13:34 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 13:34 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 13:34 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 13:34 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 13:34 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 13:34 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 13:34 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 13:34 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 13:34 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 13:34 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 13:34 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 13:34 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 13:34 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 13:34 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 13:34 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 13:34 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 13:34 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 13:34 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 13:34 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 13:34 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 13:34 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 13:34 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 13:34 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 13:34 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 13:34 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 13:34 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 13:34 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 13:34 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 13:34 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 13:34 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 13:34 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 13:34 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 13:34 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 13:34 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 13:34 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 13:34 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 13:34 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 13:34 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 13:34 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 13:34 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 13:34 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 13:34 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 13:34 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 13:34 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 09:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 09:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 09:21 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 09:21 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 22:00 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 22:00 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 22:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 22:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 22:00 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 22:00 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 22:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 22:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 13:55 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 13:55 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 22:26 - 2014-06-08 22:26 - 00002837 _____ () C:\Users\CF-NOTE\Desktop\HUAWEI P6-U06 - Verknüpfung.lnk
2014-06-05 12:16 - 2014-06-05 12:16 - 00000000 ____D () C:\ProgramData\MobileBrServ

==================== One Month Modified Files and Folders =======

2014-07-05 22:03 - 2014-07-05 22:03 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\FRST-OlderVersion
2014-07-05 22:03 - 2014-07-02 20:51 - 02084352 _____ (Farbar) C:\Users\CF-NOTE\Desktop\FRST64.exe
2014-07-05 22:03 - 2014-07-02 20:43 - 00019619 _____ () C:\Users\CF-NOTE\Desktop\FRST.txt
2014-07-05 22:03 - 2014-07-01 22:04 - 00000000 ____D () C:\FRST
2014-07-05 22:02 - 2014-01-29 22:05 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 22:02 - 2014-01-19 11:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 21:52 - 2014-07-05 21:52 - 00854390 _____ () C:\Users\CF-NOTE\Downloads\SecurityCheck.exe
2014-07-05 21:52 - 2014-07-05 21:52 - 00854390 _____ () C:\Users\CF-NOTE\Downloads\SecurityCheck(1).exe
2014-07-05 21:48 - 2014-01-19 09:17 - 01181531 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 21:06 - 2014-02-08 09:36 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Roaming\Raptr
2014-07-05 20:02 - 2014-01-29 22:05 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 20:01 - 2014-07-05 20:01 - 02347384 _____ (ESET) C:\Users\CF-NOTE\Downloads\esetsmartinstaller_deu.exe
2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 09:11 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 09:11 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 09:08 - 2010-11-21 08:50 - 00700380 _____ () C:\Windows\system32\perfh007.dat
2014-07-05 09:08 - 2010-11-21 08:50 - 00149986 _____ () C:\Windows\system32\perfc007.dat
2014-07-05 09:08 - 2009-07-14 07:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-05 09:06 - 2014-07-01 21:47 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\Alte Firefox-Daten
2014-07-05 09:04 - 2014-02-21 16:50 - 00024122 _____ () C:\Windows\setupact.log
2014-07-05 09:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 18:13 - 2014-07-04 18:13 - 00001013 _____ () C:\Users\CF-NOTE\Desktop\JRT.txt
2014-07-04 18:04 - 2014-07-04 18:04 - 01016261 _____ (Thisisu) C:\Users\CF-NOTE\Downloads\JRT.exe
2014-07-04 18:04 - 2014-07-04 18:04 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 17:57 - 2014-03-19 19:27 - 00013650 _____ () C:\Windows\PFRO.log
2014-07-04 17:56 - 2014-07-04 07:53 - 00000000 ____D () C:\AdwCleaner
2014-07-04 07:55 - 2014-03-19 20:23 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\tmp
2014-07-04 07:55 - 2014-01-19 09:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-04 07:54 - 2014-07-02 19:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 07:53 - 2014-07-04 07:53 - 01346519 _____ () C:\Users\CF-NOTE\Downloads\adwcleaner_3.214.exe
2014-07-02 21:25 - 2014-05-07 14:36 - 00000000 ____D () C:\Windows\pss
2014-07-02 21:17 - 2014-07-02 21:17 - 00003483 _____ () C:\Users\CF-NOTE\Desktop\löschprotokoll malware.txt
2014-07-02 20:54 - 2014-07-02 20:53 - 00040795 _____ () C:\Users\CF-NOTE\Desktop\Addition.txt
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 19:25 - 2014-07-02 19:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 19:19 - 2014-01-19 09:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 07:01 - 2014-07-01 21:56 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 07:01 - 2014-07-01 21:56 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 07:01 - 2014-07-01 21:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-01 22:08 - 2014-07-01 22:08 - 00284288 _____ (Mozilla) C:\Users\CF-NOTE\Desktop\Firefox Setup Stub 30.0.exe
2014-07-01 22:07 - 2014-07-01 22:04 - 00049860 _____ () C:\Users\CF-NOTE\Downloads\Addition.txt
2014-07-01 22:07 - 2014-07-01 22:04 - 00037558 _____ () C:\Users\CF-NOTE\Downloads\FRST.txt
2014-07-01 22:03 - 2014-07-01 22:03 - 02083328 _____ (Farbar) C:\Users\CF-NOTE\Downloads\FRST64.exe
2014-07-01 21:49 - 2014-07-01 21:49 - 00284288 _____ (Mozilla) C:\Users\CF-NOTE\Downloads\Firefox Setup Stub 30.0.exe
2014-06-29 22:47 - 2014-01-19 14:46 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Roaming\Skype
2014-06-29 22:09 - 2014-06-29 22:09 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Local\Huawei
2014-06-29 15:33 - 2014-03-20 22:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-29 15:33 - 2014-01-19 14:46 - 00000000 ____D () C:\ProgramData\Skype
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 __SHD () C:\Users\CF-NOTE\AppData\Local\EmieUserList
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 __SHD () C:\Users\CF-NOTE\AppData\Local\EmieSiteList
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Roaming\Security System 2
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Users\CF-NOTE\AppData\Local\Temp47c7f78c9f5b381da0daafc57e1e4ab9
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-29 11:59 - 2014-06-29 11:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-26 10:29 - 2014-06-26 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-26 10:29 - 2014-01-19 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-23 21:55 - 2014-01-31 20:43 - 00000302 _____ () C:\Windows\Tasks\Synology Data Replicator 3-CF-NOTE-PC-CF-NOTE.job
2014-06-20 19:57 - 2014-01-29 22:05 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 19:57 - 2014-01-29 22:05 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-15 10:55 - 2014-06-14 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-13 13:40 - 2014-06-29 11:48 - 00000000 ____D () C:\Users\CF-NOTE\Desktop\dload
2014-06-13 09:23 - 2014-01-19 10:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 09:21 - 2014-05-06 19:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 09:21 - 2014-01-19 10:06 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 22:26 - 2014-06-08 22:26 - 00002837 _____ () C:\Users\CF-NOTE\Desktop\HUAWEI P6-U06 - Verknüpfung.lnk
2014-06-08 11:13 - 2014-06-12 13:55 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 13:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 12:16 - 2014-06-05 12:16 - 00000000 ____D () C:\ProgramData\MobileBrServ

Some content of TEMP:
====================
C:\Users\CF-NOTE\AppData\Local\Temp\7z920.exe
C:\Users\CF-NOTE\AppData\Local\Temp\amazonicon_v6.exe
C:\Users\CF-NOTE\AppData\Local\Temp\avgnt.exe
C:\Users\CF-NOTE\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\CF-NOTE\AppData\Local\Temp\foxy_security.exe
C:\Users\CF-NOTE\AppData\Local\Temp\mfc80.dll
C:\Users\CF-NOTE\AppData\Local\Temp\mfc80u.dll
C:\Users\CF-NOTE\AppData\Local\Temp\mfcm80.dll
C:\Users\CF-NOTE\AppData\Local\Temp\mfcm80u.dll
C:\Users\CF-NOTE\AppData\Local\Temp\msvcm80.dll
C:\Users\CF-NOTE\AppData\Local\Temp\msvcp80.dll
C:\Users\CF-NOTE\AppData\Local\Temp\msvcr80.dll
C:\Users\CF-NOTE\AppData\Local\Temp\OSU.exe
C:\Users\CF-NOTE\AppData\Local\Temp\Quarantine.exe
C:\Users\CF-NOTE\AppData\Local\Temp\sdanircmdc.exe
C:\Users\CF-NOTE\AppData\Local\Temp\sdapskill.exe
C:\Users\CF-NOTE\AppData\Local\Temp\sdaspwn.exe
C:\Users\CF-NOTE\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\CF-NOTE\AppData\Local\Temp\WTGXMLUtil.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 07:28

==================== End Of Log ============================

--- --- ---

--- --- ---

firefox funktioniert wieder
wars dass?

Firefox - Vorgang abgebrochen , Malware?

Plagegeister aller Art und deren Bekämpfung: Firefox - Vorgang abgebrochen , Malware?

Firefox - Vorgang abgebrochen , Malware?

Ähnliche Themen: Firefox - Vorgang abgebrochen , Malware?