
Pests of all kinds and how to combat them: Virus blocks all cleaning/scan tools

11.07.2014, 11:35   #1
FastCore
 

Hello,

I don't really have a problem with my computer, but since Malwarebytes won't start, I assume some virus is trying to stop me from deleting it. I followed the instructions about posting the logs and everything else, but my computer doesn't allow any installation and quarantines the download or doesn't let it start (McAfee appears). Unfortunately, Malwarebytes Chameleon doesn't start the program either. Could you perhaps explain what I should best do now? I hope I haven't opened the wrong thread or overlooked something. Operating system: Windows 8 64-bit.

Regards

11.07.2014, 11:43   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Turn off McAfee.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


11.07.2014, 17:22   #3
FastCore
 

Thanks for the quick reply. I'm not quite sure how to turn off McAfee; when I click on it, all that appears is: "Your subscription has expired, renew or buy", and I can't access the menu buttons. When I try to run the .exe file, this appears: "Do you want to run the file ... changes to the PC"; when I click Yes, simply nothing happens, and I can only get out of it again via Task Manager... hmmm. Persistent virus.

I hope I did this right. After AdwCleaner and ESET Online Scanner I was able to run FRST; Malwarebytes still doesn't work.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Fresh One (administrator) on ARDIT on 11-07-2014 16:58:51
Running from C:\Users\Fresh One\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Farbar) C:\Users\Fresh One\Desktop\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Anvi Smart Defender] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-10] (Valve Corporation)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [] => [X]
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [GoogleChromeAutoLaunch_B51EA99DFF23659689574CAE53B4887B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dstrmsd&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0DtC0DtByCtBzzyB0CtN0D0Tzu0CyCzzyEtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1Q1B2Z1C1H1B1Q&cr=938507873&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dstrmsd&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0Bzz0DtC0DtByCtBzzyB0CtN0D0Tzu0CyCzzyEtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1Q1B2Z1C1H1B1Q&cr=938507873&ir=
SearchScopes: HKLM - {43398477-B85A-6959-33BA-6974154588D8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {504B45D8-B087-C1C9-F046-524D031643A1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {43398477-B85A-6959-33BA-6974154588D8} URL = 
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default
FF Homepage: hxxp://www.google.de/#
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: YouTube Unblocker - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\youtubeunblocker@unblocker.yt [2014-02-19]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\extension@hidemyass.com.xpi [2013-11-19]
FF Extension: Adblock Plus - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-14]
CHR Extension: (Google Drive) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-14]
CHR Extension: (YouTube) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-14]
CHR Extension: (Adblock Plus) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-07]
CHR Extension: (Google-Suche) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-14]
CHR Extension: (Google Wallet) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (YouTube Unblocker) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-02-26]
CHR Extension: (Google Mail) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-14]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asdsrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HPSLPSVC; C:\Users\sefed_000\AppData\Local\Temp\7zS751D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [18768 2013-10-15] (Anvisoft)
R2 asdrs; C:\Windows\system32\DRIVERS\asdrs.sys [23376 2013-10-15] (Anvisoft)
R2 asdws; C:\Windows\system32\DRIVERS\asdws.sys [17232 2013-10-15] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-03] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
S3 phaudlwr; C:\Windows\system32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC530; C:\Windows\system32\drivers\SPC530.sys [583168 2008-05-21] (                                                            )
S3 SPC530m; C:\Windows\system32\drivers\SPC530m.sys [8192 2008-05-21] (                                                            )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 16:58 - 2014-07-11 16:59 - 00022918 _____ () C:\Users\Fresh One\Desktop\FRST.txt
2014-07-11 16:58 - 2014-07-11 16:58 - 02084864 _____ (Farbar) C:\Users\Fresh One\Desktop\FRST64(2).exe
2014-07-11 16:58 - 2014-07-11 16:58 - 00000000 ____D () C:\FRST
2014-07-11 16:37 - 2014-07-11 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-11 14:56 - 2014-07-11 14:56 - 02347384 _____ (ESET) C:\Users\Fresh One\Downloads\esetsmartinstaller_enu.exe
2014-07-11 14:56 - 2014-07-11 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-11 14:53 - 2014-07-11 14:53 - 00001254 _____ () C:\Users\Fresh One\Desktop\JRT.txt
2014-07-11 14:26 - 2014-07-11 14:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 14:25 - 2014-07-11 14:25 - 01016261 _____ (Thisisu) C:\Users\Fresh One\Desktop\JRT.exe
2014-07-11 14:25 - 2014-07-11 14:25 - 00018028 _____ () C:\Users\Fresh One\Desktop\XI4_eHIZ.htm
2014-07-11 14:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-11 14:10 - 2014-07-11 14:18 - 00000000 ____D () C:\AdwCleaner
2014-07-11 14:09 - 2014-07-11 14:09 - 01348263 _____ () C:\Users\Fresh One\Downloads\adwcleaner_3.215.exe
2014-07-11 13:57 - 2014-07-11 13:57 - 00000830 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 13:57 - 2014-07-11 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-11 13:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-11 13:56 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-11 13:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-11 13:55 - 2014-07-11 13:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-11 13:46 - 2014-07-11 13:48 - 00001612 _____ () C:\Users\sefed_000\Desktop\Rkill.txt
2014-07-11 13:46 - 2014-07-11 13:46 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill.exe
2014-07-11 13:46 - 2014-07-11 13:46 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill64.exe
2014-07-11 13:33 - 2014-07-11 13:33 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill(1).com
2014-07-11 11:53 - 2014-07-11 11:53 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64(1).exe
2014-07-11 11:24 - 2014-07-11 11:24 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64.exe
2014-07-11 11:20 - 2014-07-11 11:20 - 00050477 _____ () C:\Users\Fresh One\Downloads\Defogger.exe
2014-07-11 11:12 - 2014-07-11 11:12 - 01110476 _____ () C:\Users\Fresh One\Downloads\7z920.exe
2014-07-11 10:59 - 2014-07-11 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-11 10:51 - 2014-06-03 21:08 - 00000000 ____D () C:\Users\Fresh One\Desktop\Chameleon
2014-07-10 14:22 - 2014-07-10 14:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone.lnk
2014-07-10 14:22 - 2014-07-10 14:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone (2).lnk
2014-07-10 14:07 - 2014-07-10 14:11 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner (2)
2014-07-01 09:35 - 2014-07-01 09:35 - 431380566 _____ () C:\Windows\MEMORY.DMP
2014-06-29 14:04 - 2014-06-29 14:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-29 12:10 - 2014-06-29 12:11 - 00001612 _____ () C:\Users\Fresh One\Desktop\Rkill.txt
2014-06-29 12:10 - 2014-06-29 12:10 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill.com
2014-06-29 12:10 - 2014-06-29 12:10 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill64.com
2014-06-26 21:14 - 2014-06-26 21:14 - 00262144 ____N () C:\Windows\Minidump\062614-40653-01.dmp
2014-06-19 18:00 - 2014-06-19 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-13 10:33 - 2014-06-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-13 10:33 - 2014-06-13 10:33 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 23:51 - 2014-06-13 10:33 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:51 - 2014-06-13 10:33 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

==================== One Month Modified Files and Folders =======

2014-07-11 16:59 - 2014-07-11 16:58 - 00022918 _____ () C:\Users\Fresh One\Desktop\FRST.txt
2014-07-11 16:58 - 2014-07-11 16:58 - 02084864 _____ (Farbar) C:\Users\Fresh One\Desktop\FRST64(2).exe
2014-07-11 16:58 - 2014-07-11 16:58 - 00000000 ____D () C:\FRST
2014-07-11 16:56 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-11 16:53 - 2013-11-14 12:14 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 16:53 - 2013-11-14 12:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 16:37 - 2014-07-11 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-11 16:06 - 2013-11-15 17:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 16:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-11 15:19 - 2013-10-03 17:27 - 01234873 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 14:56 - 2014-07-11 14:56 - 02347384 _____ (ESET) C:\Users\Fresh One\Downloads\esetsmartinstaller_enu.exe
2014-07-11 14:56 - 2014-07-11 14:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-11 14:53 - 2014-07-11 14:53 - 00001254 _____ () C:\Users\Fresh One\Desktop\JRT.txt
2014-07-11 14:37 - 2013-11-14 11:56 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1001
2014-07-11 14:26 - 2014-07-11 14:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 14:25 - 2014-07-11 14:25 - 01016261 _____ (Thisisu) C:\Users\Fresh One\Desktop\JRT.exe
2014-07-11 14:25 - 2014-07-11 14:25 - 00018028 _____ () C:\Users\Fresh One\Desktop\XI4_eHIZ.htm
2014-07-11 14:22 - 2013-11-14 13:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-11 14:21 - 2014-05-27 15:39 - 00000386 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2014-07-11 14:21 - 2014-05-27 15:39 - 00000386 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2014-07-11 14:21 - 2013-07-08 10:16 - 00142480 _____ () C:\Windows\PFRO.log
2014-07-11 14:21 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 14:18 - 2014-07-11 14:10 - 00000000 ____D () C:\AdwCleaner
2014-07-11 14:17 - 2013-11-15 16:33 - 00000000 ____D () C:\Users\armen_000
2014-07-11 14:17 - 2013-11-14 15:41 - 00000000 ____D () C:\Users\sefed_000
2014-07-11 14:17 - 2013-11-14 11:46 - 00000000 ____D () C:\Users\Fresh One
2014-07-11 14:09 - 2014-07-11 14:09 - 01348263 _____ () C:\Users\Fresh One\Downloads\adwcleaner_3.215.exe
2014-07-11 13:57 - 2014-07-11 13:57 - 00000830 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 13:57 - 2014-07-11 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-11 13:55 - 2014-07-11 13:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-11 13:54 - 2013-11-18 14:09 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\ClassicShell
2014-07-11 13:49 - 2013-11-20 15:47 - 00000000 ____D () C:\Users\sefed_000\AppData\Roaming\ClassicShell
2014-07-11 13:48 - 2014-07-11 13:46 - 00001612 _____ () C:\Users\sefed_000\Desktop\Rkill.txt
2014-07-11 13:46 - 2014-07-11 13:46 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill.exe
2014-07-11 13:46 - 2014-07-11 13:46 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill64.exe
2014-07-11 13:44 - 2013-11-14 15:56 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1004
2014-07-11 13:38 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-11 13:33 - 2014-07-11 13:33 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill(1).com
2014-07-11 11:53 - 2014-07-11 11:53 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64(1).exe
2014-07-11 11:24 - 2014-07-11 11:24 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64.exe
2014-07-11 11:20 - 2014-07-11 11:20 - 00050477 _____ () C:\Users\Fresh One\Downloads\Defogger.exe
2014-07-11 11:12 - 2014-07-11 11:12 - 01110476 _____ () C:\Users\Fresh One\Downloads\7z920.exe
2014-07-11 10:59 - 2014-07-11 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-11 10:44 - 2013-12-27 11:10 - 00000000 ____D () C:\Users\sefed_000\AppData\Roaming\Skype
2014-07-11 10:09 - 2013-11-14 13:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-10 14:22 - 2014-07-10 14:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone.lnk
2014-07-10 14:22 - 2014-07-10 14:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone (2).lnk
2014-07-10 14:19 - 2012-07-26 08:21 - 00718868 _____ () C:\Windows\setupact.log
2014-07-10 14:11 - 2014-07-10 14:07 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner (2)
2014-07-10 14:03 - 2013-12-24 13:04 - 00000000 ____D () C:\Users\sefed_000\AppData\Local\cache
2014-07-10 12:48 - 2013-11-18 12:20 - 01317888 ___SH () C:\Users\Fresh One\Desktop\Thumbs.db
2014-07-08 18:06 - 2013-11-15 17:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 22:16 - 2013-11-18 19:03 - 00000000 ____D () C:\Users\armen_000\AppData\Roaming\ClassicShell
2014-07-07 21:28 - 2013-11-15 16:42 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1005
2014-07-07 21:23 - 2014-02-17 19:40 - 00000000 ____D () C:\Users\armen_000\Tracing
2014-07-04 18:14 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-04 10:37 - 2014-05-23 11:03 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner
2014-07-03 10:49 - 2014-03-31 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-03 10:49 - 2013-11-14 13:15 - 00000988 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-01 09:35 - 2014-07-01 09:35 - 431380566 _____ () C:\Windows\MEMORY.DMP
2014-07-01 09:35 - 2013-12-17 14:25 - 00000000 ____D () C:\Windows\Minidump
2014-06-30 13:19 - 2014-01-10 13:28 - 00000000 ____D () C:\Users\sefed_000\Desktop\Bewerbungen
2014-06-29 14:04 - 2014-06-29 14:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-29 12:11 - 2014-06-29 12:10 - 00001612 _____ () C:\Users\Fresh One\Desktop\Rkill.txt
2014-06-29 12:10 - 2014-06-29 12:10 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill.com
2014-06-29 12:10 - 2014-06-29 12:10 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Fresh One\Downloads\rkill64.com
2014-06-26 21:14 - 2014-06-26 21:14 - 00262144 ____N () C:\Windows\Minidump\062614-40653-01.dmp
2014-06-26 21:10 - 2013-11-15 13:45 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\Malwarebytes
2014-06-26 21:10 - 2013-11-15 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-26 21:10 - 2013-11-15 13:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-25 17:49 - 2013-11-15 18:21 - 01488384 ___SH () C:\Users\armen_000\Desktop\Thumbs.db
2014-06-22 12:13 - 2013-11-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 18:01 - 2014-06-19 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 16:48 - 2013-11-14 12:14 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 16:48 - 2013-11-14 12:14 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 17:06 - 2013-12-02 22:20 - 00000000 ____D () C:\Users\sefed_000\Documents\DVDVideoSoft
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-15 10:58 - 2013-11-14 12:14 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 10:33 - 2014-06-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-13 10:33 - 2014-06-13 10:33 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-13 10:33 - 2014-06-11 23:51 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-13 10:33 - 2014-06-11 23:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-12 01:09 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-06-11 09:59 - 2013-11-15 12:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 09:56 - 2013-11-15 12:04 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\armen_000\AppData\Local\Temp\COMAP.EXE
C:\Users\Fresh One\AppData\Local\Temp\COMAP.EXE
C:\Users\Fresh One\AppData\Local\Temp\google-chrome.exe
C:\Users\Fresh One\AppData\Local\Temp\htmlayout.dll
C:\Users\Fresh One\AppData\Local\Temp\Quarantine.exe
C:\Users\Fresh One\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Fresh One\AppData\Local\Temp\xmlUpdater.exe
C:\Users\sefed_000\AppData\Local\Temp\COMAP.EXE
C:\Users\sefed_000\AppData\Local\Temp\HPInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-05 16:13

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by Fresh One at 2014-07-11 17:00:30
Running from C:\Users\Fresh One\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.05 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30409 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{377C9C44-398B-6CBD-9138-F6B4AB951839}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0409.2219.38230 - Advanced Micro Devices, Inc.) Hidden
Anvi Smart Defender 1.9.3 (HKLM-x32\...\Anvi Smart Defender) (Version: 1.9.3 - Anvisoft)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}) (Version: 4.0.1.90 - MAGIX AG)
ASUS Video easy (Version: 4.0.1.90 - MAGIX AG) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0409.2219.38230 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0409.2219.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0409.2218.38230 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0409.2219.38230 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.30.1029 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.903 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - FINEDREAM INVEST LTD) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6890 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Start Menu X Version 5.00 (HKLM\...\{3E494002-985C-4908-B72C-5B4DD15BE090}_is1) (Version: 5.00 - OrdinarySoft)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

19-06-2014 12:53:15 Geplanter Prüfpunkt
29-06-2014 13:54:11 Geplanter Prüfpunkt
07-07-2014 09:28:58 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A4ACC11-7710-461F-A606-3B3C4F79CF93} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {0D6F1F33-46C3-4C7D-947B-371B56CEC2F3} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {0DAEBF49-17B1-4CDB-9E6F-F7754206186E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {0F493A2D-21A7-429A-AED2-C27CBCE08DB7} - \UpdaterEX No Task File <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1AC078E2-2C9E-4DD7-BD9B-D24B071FBF95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {1E0E8285-1559-416F-ADFE-7A350155B4CB} - \DealPly No Task File <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {434BBFC1-D6A8-465F-811C-6485175CB641} - \PileFile reminder No Task File <==== ATTENTION
Task: {4A56F839-5BFA-4672-BC93-AFB178D435C9} - \MySearchDial No Task File <==== ATTENTION
Task: {4D25AAF5-3B60-4D9B-B711-AAE9E2D1A473} - \PileFile logon No Task File <==== ATTENTION
Task: {5AB07EAF-ADBF-40E9-BBCB-9177EFF8D9E4} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-05-27] ()
Task: {724B094B-49BF-4F4F-8F9A-7EDFB6B444C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {8E9F253A-6224-4D46-9D04-36DBB545AA6D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: {985A2D15-54A9-4CC6-AD37-43C8236D520F} - \Oxy No Task File <==== ATTENTION
Task: {9ADBBA26-9754-465C-B9F2-A42FDA0D88E9} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ECE4A26F-FE2A-455F-A7ED-FBC545E37397} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-05-27] ()
Task: {FCCA794C-80B6-4C3C-B176-729713C7BED6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-08 11:35 - 2012-06-01 10:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-19 07:10 - 2012-12-19 07:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-05-27 15:39 - 2014-05-27 15:39 - 02733080 _____ () C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
2013-02-13 00:05 - 2013-02-13 00:05 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-02-13 00:05 - 2013-02-13 00:05 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2012-07-25 21:44 - 2012-07-25 21:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2012-08-31 20:28 - 2012-08-31 20:28 - 00005120 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MetroNotifications.dll
2012-07-25 21:44 - 2012-07-25 21:35 - 00036864 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 21:44 - 2012-07-25 21:35 - 00022016 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-08 11:35 - 2014-07-11 14:21 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-07-08 11:35 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-10-15 04:06 - 2013-10-15 04:06 - 00785128 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2014 02:56:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (07/11/2014 02:56:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Fresh One\Downloads\esetsmartinstaller_enu.exe


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 3272.29 MB
Available physical RAM: 1313.3 MB
Total Pagefile: 6600.29 MB
Available Pagefile: 4416.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:85.76 GB) NTFS
Drive d: (Data) (Fixed) (Total:761.33 GB) (Free:760.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 710B350F)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 12.07.2014, 15:47   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Uninstall adware & co.
  • Please download Revo Uninstaller from here.
  • Install and start the program.
  • In the uninstaller field, look for the programs that, under:

    have this label:
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" ("Moderat") mode.
  • Delete leftovers:
    Click on then on and then on .

If you cannot find a program or cannot uninstall it, please continue with the next step:




Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 13.07.2014, 12:20   #5
FastCore
 

Everything works again, thank you very much for the quick help. Malwarebytes starts again and no longer finds any malware.

Best regards,
FastCore


Alt 14.07.2014, 09:26   #6
schrauber
/// the machine
/// TB-Ausbilder
 


Please run Combofix anyway. We are not finished yet.

Alt 14.07.2014, 19:50   #7
FastCore
 

All right, I've run it.

Code:
ComboFix 14-07-14.01 - Fresh One 14.07.2014  20:01:17.1.2 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.3272.2246 [GMT 2:00]
ausgeführt von:: c:\users\Fresh One\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-14 bis 2014-07-14  ))))))))))))))))))))))))))))))
.
.
2014-07-13 13:55 . 2014-07-13 13:56	--------	d-----w-	c:\program files\Defraggler
2014-07-13 11:25 . 2014-07-13 11:25	--------	d-----w-	c:\program files\Microsoft Silverlight
2014-07-13 11:25 . 2014-07-13 11:25	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-07-13 10:52 . 2014-07-13 10:53	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-13 10:52 . 2014-07-13 10:52	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 10:52 . 2014-05-12 05:26	64216	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-13 10:52 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-13 10:52 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-13 10:44 . 2014-07-13 10:44	--------	d-----w-	C:\history
2014-07-13 10:43 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-13 10:43 . 2014-05-08 01:34	328024	----a-w-	c:\windows\system32\drivers\Classpnp.sys
2014-07-13 10:11 . 2014-07-13 10:11	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-07-13 08:27 . 2014-06-26 20:53	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-13 08:27 . 2014-06-26 20:53	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-12 22:13 . 2014-07-12 22:13	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-11 17:19 . 2014-07-11 17:19	--------	d-----w-	c:\users\Fresh One\AppData\Local\Skype
2014-07-11 17:19 . 2014-07-11 18:16	--------	d-----w-	c:\users\Fresh One\AppData\Roaming\Skype
2014-07-11 15:58 . 2014-07-11 16:01	--------	d-----w-	C:\FRST
2014-07-11 15:57 . 2014-06-19 02:12	915968	----a-w-	c:\windows\system32\uxtheme.dll
2014-07-11 13:26 . 2014-07-11 13:26	--------	d-----w-	c:\windows\ERUNT
2014-07-11 13:12 . 2010-08-30 07:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-07-11 13:10 . 2014-07-11 13:18	--------	d-----w-	C:\AdwCleaner
2014-07-11 12:56 . 2014-07-11 12:56	--------	d-----w-	C:\Desktop
2014-07-01 09:19 . 2014-07-01 09:19	257704	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-17 15:21 . 2014-06-17 15:21	235800	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2014-06-17 15:07 . 2014-06-17 15:07	328984	----a-w-	c:\windows\system32\drivers\avgloga.sys
2014-06-17 15:06 . 2014-06-17 15:06	190744	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2014-06-17 15:06 . 2014-06-17 15:06	242968	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2014-06-17 15:06 . 2014-06-17 15:06	153368	----a-w-	c:\windows\system32\drivers\avgdiska.sys
2014-06-17 15:06 . 2014-06-17 15:06	123672	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2014-06-17 15:06 . 2014-06-17 15:06	31512	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 16:11 . 2013-11-15 11:04	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-06-02 23:10 . 2014-04-18 18:15	50464	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2014-05-14 20:09 . 2014-05-14 20:09	274712	----a-w-	c:\windows\system32\drivers\avgwfpa.sys
2014-05-03 05:47 . 2014-06-10 18:32	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-10 18:32	235520	----a-w-	c:\windows\system32\rdpudd.dll
2014-04-29 22:32 . 2014-06-10 18:32	1301504	----a-w-	c:\windows\system32\gdi32.dll
2014-04-29 22:22 . 2014-06-10 18:32	1023488	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-04-19 09:39 . 2014-05-06 10:13	628024	----a-w-	c:\windows\system32\NotificationUI.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 16:47	627712	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2013-04-10 389120]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-07-12 1753280]
"GoogleChromeAutoLaunch_B51EA99DFF23659689574CAE53B4887B"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe" [2012-12-19 3576784]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2013-07-08 3187360]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-10 642656]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-11-06 311152]
"Anvi Smart Defender"="c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2013-10-21 1636536]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-11-01 2353880]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ahcix64s;ahcix64s;c:\windows\System32\drivers\ahcix64s.sys;c:\windows\SYSNATIVE\drivers\ahcix64s.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys;c:\windows\SYSNATIVE\DRIVERS\phaudlwr.sys [x]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
R3 SPC530;Philips SPC530NC PC Camera;c:\windows\system32\drivers\SPC530.sys;c:\windows\SYSNATIVE\drivers\SPC530.sys [x]
R3 SPC530m;@oem14.inf,%G2DEVICE.DeviceDesc%m;Philips SPC530NC PC Cameram;c:\windows\system32\drivers\SPC530m.sys;c:\windows\SYSNATIVE\drivers\SPC530m.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys;c:\windows\SYSNATIVE\DRIVERS\asdrm.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys;c:\windows\SYSNATIVE\DRIVERS\asdrs.sys [x]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [x]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys;c:\windows\SYSNATIVE\DRIVERS\asdws.sys [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 AU8168;AU 8168 NT Driver;c:\windows\system32\DRIVERS\au630x64.sys;c:\windows\SYSNATIVE\DRIVERS\au630x64.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-15 09:48	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15 17:06]
.
2014-07-13 c:\windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
- c:\program files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-05-27 14:39]
.
2014-07-13 c:\windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
- c:\program files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-05-27 14:39]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14 11:13]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14 11:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 16:47	774144	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-04-23 7188040]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-03-08 1278024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/#
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-14  20:42:29
ComboFix-quarantined-files.txt  2014-07-14 18:42
.
Vor Suchlauf: 12 Verzeichnis(se), 99.042.426.880 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 100.849.733.632 Bytes frei
.
- - End Of File - - 5A62B5E995F7215682770B49A431229D
5FB38429D5D77768867C76DCBDB35194
         

Alt 15.07.2014, 19:21   #8
schrauber
/// the machine
/// TB-Ausbilder
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan ("Scannen"), select the threat scan ("Bedrohungssuchlauf") and click Start Scan ("Suchlauf starten").
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected ("Auswahl entfernen").
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History ("Verlauf") and then Application Logs ("Anwendungsprotokolle").
  • Select the most recent scan log and click Export. Choose Text file (.txt) ("Textdatei (.txt)") and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options ("Optionen") and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber


Alt 22.07.2014, 14:40   #9
FastCore
 

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 14:48:03
Logdatei: malwarebyte.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.22.03
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Fresh One

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 379470
Verstrichene Zeit: 12 Min, 47 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
# AdwCleaner v3.216 - Bericht erstellt am 22/07/2014 um 15:07:35
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Fresh One - ARDIT
# Gestartet von : C:\Users\Fresh One\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\sefed_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Mozilla Firefox v30.0 (en-US)

[ Datei : C:\Users\armen_000\AppData\Roaming\Mozilla\Firefox\Profiles\mco1n8dr.default\prefs.js ]


[ Datei : C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\prefs.js ]


[ Datei : C:\Users\sefed_000\AppData\Roaming\Mozilla\Firefox\Profiles\a7eua44d.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\armen_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\sefed_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17780 octets] - [11/07/2014 15:10:26]
AdwCleaner[R1].txt - [1572 octets] - [22/07/2014 15:05:07]
AdwCleaner[S0].txt - [17080 octets] - [11/07/2014 15:13:59]
AdwCleaner[S1].txt - [1493 octets] - [22/07/2014 15:07:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1553 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Fresh One on 22.07.2014 at 15:16:32,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Fresh One\AppData\Roaming\mozilla\firefox\profiles\2gdm02vz.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2014 at 15:27:39,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Fresh One (administrator) on ARDIT on 22-07-2014 15:35:27
Running from C:\Users\Fresh One\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-04-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Anvi Smart Defender] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-04-10] (AMD)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-12] (Valve Corporation)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [GoogleChromeAutoLaunch_B51EA99DFF23659689574CAE53B4887B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-2868720526-556641131-3235537512-1001\...\Run: [Facebook Update] => C:\Users\Fresh One\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-20] (Facebook Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {43398477-B85A-6959-33BA-6974154588D8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {504B45D8-B087-C1C9-F046-524D031643A1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {43398477-B85A-6959-33BA-6974154588D8} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default
FF Homepage: hxxp://www.google.de/#
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Fresh One\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: YouTube Unblocker - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\youtubeunblocker@unblocker.yt [2014-02-19]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\extension@hidemyass.com.xpi [2013-11-19]
FF Extension: Adblock Plus - C:\Users\Fresh One\AppData\Roaming\Mozilla\Firefox\Profiles\2gdm02vz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-19]

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-14]
CHR Extension: (Google Drive) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-14]
CHR Extension: (YouTube) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-14]
CHR Extension: (Adblock Plus) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-08]
CHR Extension: (Google-Suche) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-14]
CHR Extension: (Google Wallet) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (YouTube Unblocker) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-02-26]
CHR Extension: (Google Mail) - C:\Users\Fresh One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-14]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asdsrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HPSLPSVC; C:\Users\sefed_000\AppData\Local\Temp\7zS751D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-25] (Microsoft Corporation)
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [18768 2013-10-15] (Anvisoft)
R2 asdrs; C:\Windows\system32\DRIVERS\asdrs.sys [23376 2013-10-15] (Anvisoft)
R2 asdws; C:\Windows\system32\DRIVERS\asdws.sys [17232 2013-10-15] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-03] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 phaudlwr; C:\Windows\system32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
R3 SPC530; C:\Windows\system32\drivers\SPC530.sys [583168 2008-05-21] (                                                            )
R3 SPC530m; C:\Windows\system32\drivers\SPC530m.sys [8192 2008-05-21] (                                                            )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 15:27 - 2014-07-22 15:35 - 00000751 _____ () C:\Users\Fresh One\Desktop\JRT.txt
2014-07-22 15:12 - 2014-07-22 15:12 - 00000000 ____D () C:\Users\Fresh One\Desktop\FRST-OlderVersion
2014-07-22 15:11 - 2014-07-22 15:12 - 02090496 _____ (Farbar) C:\Users\Fresh One\Desktop\FRST64.exe
2014-07-22 15:11 - 2014-07-22 15:11 - 00001633 _____ () C:\Users\Fresh One\Desktop\AdwCleaner[S1].txt
2014-07-22 15:04 - 2014-07-22 15:04 - 01354223 _____ () C:\Users\Fresh One\Downloads\adwcleaner_3.216.exe
2014-07-22 15:02 - 2014-07-22 15:02 - 00001155 _____ () C:\Users\Fresh One\Desktop\malwarebyte.txt
2014-07-20 17:26 - 2014-07-22 14:31 - 00000956 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001UA.job
2014-07-20 17:26 - 2014-07-21 17:31 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001Core.job
2014-07-20 17:26 - 2014-07-20 17:26 - 00003812 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001UA
2014-07-20 17:26 - 2014-07-20 17:26 - 00003462 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001Core
2014-07-20 17:25 - 2014-07-20 17:26 - 00000000 ____D () C:\Users\Fresh One\AppData\Local\Facebook
2014-07-20 17:25 - 2014-07-20 17:25 - 00501248 _____ (Facebook Inc.) C:\Users\Fresh One\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-07-14 20:43 - 2014-07-14 20:43 - 00018318 _____ () C:\Users\Fresh One\Desktop\combofix.txt
2014-07-14 20:42 - 2014-07-14 20:42 - 00018318 _____ () C:\ComboFix.txt
2014-07-14 19:57 - 2014-07-14 20:42 - 00000000 ____D () C:\Qoobox
2014-07-14 19:57 - 2014-07-14 20:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 19:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 19:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 19:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 19:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 19:53 - 2014-07-14 19:53 - 05219590 ____R (Swearware) C:\Users\Fresh One\Desktop\ComboFix.exe
2014-07-13 15:56 - 2014-07-13 15:56 - 00001731 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-07-13 15:56 - 2014-07-13 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-07-13 15:55 - 2014-07-13 15:56 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-13 15:55 - 2014-07-13 15:55 - 04362512 _____ (Piriform Ltd) C:\Users\Fresh One\Downloads\dfsetup218.exe
2014-07-13 15:55 - 2014-07-13 15:55 - 00961360 _____ (Chip Digital GmbH) C:\Users\Fresh One\Downloads\Malwarebytes Chameleon - CHIP-Installer.exe
2014-07-13 13:26 - 2014-07-13 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-13 13:25 - 2014-07-13 13:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-13 13:25 - 2014-07-13 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-13 13:17 - 2014-07-13 13:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Fresh One\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2014-07-13 12:52 - 2014-07-22 14:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-13 12:52 - 2014-07-13 12:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-13 12:52 - 2014-07-13 12:52 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:52 - 2014-07-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-13 12:52 - 2014-07-13 12:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 12:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-13 12:52 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-13 12:52 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-13 12:43 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-13 12:43 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-13 12:37 - 2014-04-18 20:48 - 00217018 ____N () C:\Windows\hpoins44.dat.temp
2014-07-13 12:37 - 2012-09-27 01:06 - 00000444 ____N () C:\Windows\hpomdl44.dat.temp
2014-07-13 12:35 - 2014-07-13 12:37 - 39969288 _____ () C:\Users\Fresh One\Downloads\DJ_AIO_06_F2400_NonNet_Basic_Win_enu_140_175.exe
2014-07-13 12:23 - 2014-07-13 12:24 - 00380232 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 12:11 - 2014-07-13 12:11 - 00001271 _____ () C:\Users\Fresh One\Desktop\Revo Uninstaller.lnk
2014-07-13 12:11 - 2014-07-13 12:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-13 12:10 - 2014-07-13 12:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Fresh One\Downloads\revosetup95.exe
2014-07-13 10:27 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-13 10:27 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-13 00:13 - 2014-07-13 00:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 19:19 - 2014-07-21 00:10 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\Skype
2014-07-11 19:19 - 2014-07-11 19:19 - 00000000 ____D () C:\Users\Fresh One\AppData\Local\Skype
2014-07-11 18:02 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 18:02 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 18:02 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 18:02 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-11 18:02 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-11 18:02 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-11 18:02 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 18:02 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-11 18:02 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-11 18:02 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-11 18:02 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-11 18:02 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-11 18:02 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-11 18:02 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-11 18:02 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-11 18:02 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 18:02 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-11 18:02 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 18:02 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-11 18:00 - 2014-07-11 18:01 - 00025583 _____ () C:\Users\Fresh One\Desktop\Addition.txt
2014-07-11 17:58 - 2014-07-22 15:35 - 00018058 _____ () C:\Users\Fresh One\Desktop\FRST.txt
2014-07-11 17:58 - 2014-07-22 15:35 - 00000000 ____D () C:\FRST
2014-07-11 17:58 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 17:58 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-11 17:58 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-11 17:58 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 17:58 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 17:58 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 17:58 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 17:58 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 17:58 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 17:58 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 17:58 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 17:58 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 17:58 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 17:58 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 17:58 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 17:58 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 17:57 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-11 17:57 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-11 17:57 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 17:57 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 17:57 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 17:57 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 17:57 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 17:57 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 17:57 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 17:57 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 17:57 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 17:57 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 17:57 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 17:57 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 17:57 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-11 17:57 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 17:57 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 17:57 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-11 15:56 - 2014-07-11 15:56 - 02347384 _____ (ESET) C:\Users\Fresh One\Downloads\esetsmartinstaller_enu.exe
2014-07-11 15:26 - 2014-07-11 15:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 15:25 - 2014-07-11 15:25 - 01016261 _____ (Thisisu) C:\Users\Fresh One\Desktop\JRT.exe
2014-07-11 15:25 - 2014-07-11 15:25 - 00018028 _____ () C:\Users\Fresh One\Desktop\XI4_eHIZ.htm
2014-07-11 15:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-11 15:10 - 2014-07-22 15:08 - 00000000 ____D () C:\AdwCleaner
2014-07-11 14:46 - 2014-07-11 14:48 - 00001612 _____ () C:\Users\sefed_000\Desktop\Rkill.txt
2014-07-11 14:46 - 2014-07-11 14:46 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill.exe
2014-07-11 14:46 - 2014-07-11 14:46 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill64.exe
2014-07-11 12:53 - 2014-07-11 12:53 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64(1).exe
2014-07-11 12:24 - 2014-07-11 12:24 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64.exe
2014-07-11 12:20 - 2014-07-11 12:20 - 00050477 _____ () C:\Users\Fresh One\Downloads\Defogger.exe
2014-07-11 12:12 - 2014-07-11 12:12 - 01110476 _____ () C:\Users\Fresh One\Downloads\7z920.exe
2014-07-10 15:22 - 2014-07-10 15:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone.lnk
2014-07-10 15:22 - 2014-07-10 15:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone (2).lnk
2014-07-10 15:07 - 2014-07-10 15:11 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner (2)
2014-07-01 10:35 - 2014-07-01 10:35 - 431380566 _____ () C:\Windows\MEMORY.DMP
2014-06-29 13:10 - 2014-06-29 13:11 - 00001612 _____ () C:\Users\Fresh One\Desktop\Rkill.txt
2014-06-26 22:14 - 2014-06-26 22:14 - 00262144 ____N () C:\Windows\Minidump\062614-40653-01.dmp

==================== One Month Modified Files and Folders =======

2014-07-22 15:35 - 2014-07-22 15:27 - 00000751 _____ () C:\Users\Fresh One\Desktop\JRT.txt
2014-07-22 15:35 - 2014-07-11 17:58 - 00018058 _____ () C:\Users\Fresh One\Desktop\FRST.txt
2014-07-22 15:35 - 2014-07-11 17:58 - 00000000 ____D () C:\FRST
2014-07-22 15:30 - 2013-10-03 18:27 - 01111033 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 15:28 - 2013-11-14 12:56 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1001
2014-07-22 15:15 - 2013-11-18 15:09 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\ClassicShell
2014-07-22 15:14 - 2013-04-25 15:36 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-07-22 15:14 - 2013-04-25 15:36 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-07-22 15:14 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 15:12 - 2014-07-22 15:12 - 00000000 ____D () C:\Users\Fresh One\Desktop\FRST-OlderVersion
2014-07-22 15:12 - 2014-07-22 15:11 - 02090496 _____ (Farbar) C:\Users\Fresh One\Desktop\FRST64.exe
2014-07-22 15:11 - 2014-07-22 15:11 - 00001633 _____ () C:\Users\Fresh One\Desktop\AdwCleaner[S1].txt
2014-07-22 15:11 - 2013-11-14 14:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-22 15:10 - 2014-05-27 16:39 - 00000386 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2014-07-22 15:10 - 2014-05-27 16:39 - 00000386 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2014-07-22 15:10 - 2013-11-14 13:14 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 15:09 - 2013-07-08 11:16 - 00162844 _____ () C:\Windows\PFRO.log
2014-07-22 15:09 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 15:08 - 2014-07-11 15:10 - 00000000 ____D () C:\AdwCleaner
2014-07-22 15:08 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-22 15:06 - 2013-11-15 18:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 15:04 - 2014-07-22 15:04 - 01354223 _____ () C:\Users\Fresh One\Downloads\adwcleaner_3.216.exe
2014-07-22 15:02 - 2014-07-22 15:02 - 00001155 _____ () C:\Users\Fresh One\Desktop\malwarebyte.txt
2014-07-22 15:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-22 14:53 - 2013-11-14 13:14 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 14:47 - 2014-07-13 12:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 14:33 - 2013-11-14 14:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-22 14:33 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-22 14:31 - 2014-07-20 17:26 - 00000956 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001UA.job
2014-07-21 17:31 - 2014-07-20 17:26 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001Core.job
2014-07-21 00:10 - 2014-07-11 19:19 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\Skype
2014-07-20 23:08 - 2013-11-18 13:20 - 01320448 ___SH () C:\Users\Fresh One\Desktop\Thumbs.db
2014-07-20 17:29 - 2012-07-26 09:21 - 00719678 _____ () C:\Windows\setupact.log
2014-07-20 17:26 - 2014-07-20 17:26 - 00003812 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001UA
2014-07-20 17:26 - 2014-07-20 17:26 - 00003462 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2868720526-556641131-3235537512-1001Core
2014-07-20 17:26 - 2014-07-20 17:25 - 00000000 ____D () C:\Users\Fresh One\AppData\Local\Facebook
2014-07-20 17:25 - 2014-07-20 17:25 - 00501248 _____ (Facebook Inc.) C:\Users\Fresh One\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-07-20 17:17 - 2013-11-14 13:14 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 23:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-14 20:43 - 2014-07-14 20:43 - 00018318 _____ () C:\Users\Fresh One\Desktop\combofix.txt
2014-07-14 20:42 - 2014-07-14 20:42 - 00018318 _____ () C:\ComboFix.txt
2014-07-14 20:42 - 2014-07-14 19:57 - 00000000 ____D () C:\Qoobox
2014-07-14 20:42 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-07-14 20:40 - 2014-07-14 19:57 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 20:39 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-07-14 19:53 - 2014-07-14 19:53 - 05219590 ____R (Swearware) C:\Users\Fresh One\Desktop\ComboFix.exe
2014-07-13 15:56 - 2014-07-13 15:56 - 00001731 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-07-13 15:56 - 2014-07-13 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-07-13 15:56 - 2014-07-13 15:55 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-13 15:55 - 2014-07-13 15:55 - 04362512 _____ (Piriform Ltd) C:\Users\Fresh One\Downloads\dfsetup218.exe
2014-07-13 15:55 - 2014-07-13 15:55 - 00961360 _____ (Chip Digital GmbH) C:\Users\Fresh One\Downloads\Malwarebytes Chameleon - CHIP-Installer.exe
2014-07-13 13:38 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-13 13:26 - 2014-07-13 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-13 13:25 - 2014-07-13 13:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-13 13:25 - 2014-07-13 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-13 13:17 - 2014-07-13 13:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Fresh One\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2014-07-13 12:52 - 2014-07-13 12:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fresh One\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-13 12:52 - 2014-07-13 12:52 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:52 - 2014-07-13 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-13 12:52 - 2014-07-13 12:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 12:43 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-13 12:39 - 2014-04-18 20:35 - 00137764 _____ () C:\Windows\hpoins44.dat
2014-07-13 12:39 - 2014-04-18 20:35 - 00001173 _____ () C:\ProgramData\hpzinstall.log
2014-07-13 12:38 - 2014-04-18 20:37 - 00000000 ____D () C:\Program Files (x86)\HP
2014-07-13 12:37 - 2014-07-13 12:35 - 39969288 _____ () C:\Users\Fresh One\Downloads\DJ_AIO_06_F2400_NonNet_Basic_Win_enu_140_175.exe
2014-07-13 12:25 - 2013-07-08 12:41 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-13 12:24 - 2014-07-13 12:23 - 00380232 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 12:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-13 12:11 - 2014-07-13 12:11 - 00001271 _____ () C:\Users\Fresh One\Desktop\Revo Uninstaller.lnk
2014-07-13 12:11 - 2014-07-13 12:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-13 12:10 - 2014-07-13 12:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Fresh One\Downloads\revosetup95.exe
2014-07-13 00:14 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 00:14 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 00:13 - 2014-07-13 00:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-13 00:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-13 00:13 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 19:19 - 2014-07-11 19:19 - 00000000 ____D () C:\Users\Fresh One\AppData\Local\Skype
2014-07-11 19:19 - 2014-03-26 21:36 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-11 19:19 - 2014-03-26 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-11 19:19 - 2013-11-26 22:09 - 00000000 ____D () C:\ProgramData\Skype
2014-07-11 18:12 - 2013-11-15 13:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 18:11 - 2013-11-15 13:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 18:01 - 2014-07-11 18:00 - 00025583 _____ () C:\Users\Fresh One\Desktop\Addition.txt
2014-07-11 15:56 - 2014-07-11 15:56 - 02347384 _____ (ESET) C:\Users\Fresh One\Downloads\esetsmartinstaller_enu.exe
2014-07-11 15:26 - 2014-07-11 15:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 15:25 - 2014-07-11 15:25 - 01016261 _____ (Thisisu) C:\Users\Fresh One\Desktop\JRT.exe
2014-07-11 15:25 - 2014-07-11 15:25 - 00018028 _____ () C:\Users\Fresh One\Desktop\XI4_eHIZ.htm
2014-07-11 15:17 - 2013-11-15 17:33 - 00000000 ____D () C:\Users\armen_000
2014-07-11 15:17 - 2013-11-14 16:41 - 00000000 ____D () C:\Users\sefed_000
2014-07-11 15:17 - 2013-11-14 12:46 - 00000000 ____D () C:\Users\Fresh One
2014-07-11 14:49 - 2013-11-20 16:47 - 00000000 ____D () C:\Users\sefed_000\AppData\Roaming\ClassicShell
2014-07-11 14:48 - 2014-07-11 14:46 - 00001612 _____ () C:\Users\sefed_000\Desktop\Rkill.txt
2014-07-11 14:46 - 2014-07-11 14:46 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill.exe
2014-07-11 14:46 - 2014-07-11 14:46 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\sefed_000\Downloads\rkill64.exe
2014-07-11 14:44 - 2013-11-14 16:56 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1004
2014-07-11 12:53 - 2014-07-11 12:53 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64(1).exe
2014-07-11 12:24 - 2014-07-11 12:24 - 02084864 _____ (Farbar) C:\Users\Fresh One\Downloads\FRST64.exe
2014-07-11 12:20 - 2014-07-11 12:20 - 00050477 _____ () C:\Users\Fresh One\Downloads\Defogger.exe
2014-07-11 12:12 - 2014-07-11 12:12 - 01110476 _____ () C:\Users\Fresh One\Downloads\7z920.exe
2014-07-11 11:44 - 2013-12-27 12:10 - 00000000 ____D () C:\Users\sefed_000\AppData\Roaming\Skype
2014-07-10 15:22 - 2014-07-10 15:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone.lnk
2014-07-10 15:22 - 2014-07-10 15:22 - 00002139 _____ () C:\Users\sefed_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phone (2).lnk
2014-07-10 15:11 - 2014-07-10 15:07 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner (2)
2014-07-10 15:03 - 2013-12-24 14:04 - 00000000 ____D () C:\Users\sefed_000\AppData\Local\cache
2014-07-08 19:06 - 2013-11-15 18:17 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 23:16 - 2013-11-18 20:03 - 00000000 ____D () C:\Users\armen_000\AppData\Roaming\ClassicShell
2014-07-07 22:28 - 2013-11-15 17:42 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2868720526-556641131-3235537512-1005
2014-07-07 22:23 - 2014-02-17 20:40 - 00000000 ____D () C:\Users\armen_000\Tracing
2014-07-04 11:37 - 2014-05-23 12:03 - 00000000 ____D () C:\Users\sefed_000\Desktop\Neuer Ordner
2014-07-03 11:49 - 2014-03-31 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-03 11:49 - 2013-11-14 14:15 - 00000988 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-01 10:35 - 2014-07-01 10:35 - 431380566 _____ () C:\Windows\MEMORY.DMP
2014-07-01 10:35 - 2013-12-17 15:25 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 00:42 - 2014-07-11 17:58 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-11 17:58 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-11 17:58 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-30 14:19 - 2014-01-10 14:28 - 00000000 ____D () C:\Users\sefed_000\Desktop\Bewerbungen
2014-06-29 13:11 - 2014-06-29 13:10 - 00001612 _____ () C:\Users\Fresh One\Desktop\Rkill.txt
2014-06-28 05:35 - 2014-07-11 17:58 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 22:53 - 2014-07-13 10:27 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2014-07-13 10:27 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 22:14 - 2014-06-26 22:14 - 00262144 ____N () C:\Windows\Minidump\062614-40653-01.dmp
2014-06-26 22:10 - 2013-11-15 14:45 - 00000000 ____D () C:\Users\Fresh One\AppData\Roaming\Malwarebytes
2014-06-26 22:10 - 2013-11-15 14:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-26 22:10 - 2013-11-15 14:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-25 18:49 - 2013-11-15 19:21 - 01488384 ___SH () C:\Users\armen_000\Desktop\Thumbs.db
2014-06-22 13:13 - 2013-11-14 13:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Fresh One\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-16 03:32

==================== End Of Log ============================
         
--- --- ---

Alt 23.07.2014, 08:25   #10
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
