h**p://98uj8.de/s3brsn5ba66mgfzeinrum#ad 98uj8.de hat sich gestern mehrmals selbstständig geöffnet

M-K-D-B · 06.08.2014, 15:20

Berichte mir bitte, ob du nach den folgenden Schritte immer noch Probleme mit "98uj8.de" hast. Wenn ja, in welchem Browser?

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
Tcpip\..\Interfaces\{06733ADE-BD3B-4581-BF2F-CFBABB54BC09}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}: [NameServer]208.69.150.252,208.69.150.250
Reboot:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

jrrrrr · 07.08.2014, 15:22

Hey,

also bisher hatte ich noch keine Probleme mit der besagten Website.

Hier sind die Logs:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by SMC (administrator) on ENZO on 06-08-2014 20:31:29
Running from C:\Users\SMC\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Spotify Ltd) C:\Users\SMC\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Windows\Windows.old\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-4258935142-1642581507-3000048300-1001\...\Run: [Spotify] => C:\Users\SMC\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-05] (Spotify Ltd)
HKU\S-1-5-21-4258935142-1642581507-3000048300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-4258935142-1642581507-3000048300-1001\...\Run: [Spotify Web Helper] => C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-05] (Spotify Ltd)
HKU\S-1-5-21-4258935142-1642581507-3000048300-1001\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [1227976 2014-06-06] (MK)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\SMC\AppData\Roaming\Mozilla\Firefox\Profiles\cqb5t4zu.default-1407084708848
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: NoScript - C:\Users\SMC\AppData\Roaming\Mozilla\Firefox\Profiles\cqb5t4zu.default-1407084708848\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-03]
FF Extension: Adblock Plus - C:\Users\SMC\AppData\Roaming\Mozilla\Firefox\Profiles\cqb5t4zu.default-1407084708848\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-03]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: ???????? - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: ???? - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: ??????? - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Ch?n qu?ng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-28]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-12]
CHR Extension: (Google Drive) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-12]
CHR Extension: (YouTube) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-12]
CHR Extension: (Adblock Plus) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-03]
CHR Extension: (Google-Suche) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-12]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-12]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-12]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-03-12]
CHR Extension: (Virtual Keyboard) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-12]
CHR Extension: (Google Wallet) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-12]
CHR Extension: (Google Mail) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-12]
CHR Extension: (Anti-Banner) - C:\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-03-12]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-02-21] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-06-04] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-09-24] (Advanced Micro Devices)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [23936 2014-02-03] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-28] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-28] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-28] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R1 PStrip64; C:\Windows\System32\drivers\pstrip64.sys [13008 2006-09-30] ()
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 22:45 - 2014-08-05 22:45 - 00001035 _____ () C:\Users\SMC\Desktop\ss.txt
2014-08-05 15:44 - 2014-08-05 15:44 - 00000076 _____ () C:\Users\SMC\Desktop\Kim Jaejoong – Healing for myself.url
2014-08-04 18:30 - 2014-08-04 18:30 - 00000633 _____ () C:\Users\SMC\Desktop\JRT.txt
2014-08-04 18:24 - 2014-08-04 18:24 - 01016261 _____ (Thisisu) C:\Users\SMC\Downloads\JRT_6.1.4.exe
2014-08-04 18:24 - 2014-08-04 18:24 - 00000000 ____D () C:\Windows\ERUNT
2014-08-03 18:51 - 2014-08-03 18:51 - 00000000 ____D () C:\Users\SMC\Desktop\Alte Firefox-Daten
2014-08-01 23:04 - 2014-08-01 23:04 - 00001037 _____ () C:\Users\SMC\Desktop\mbam.txt
2014-08-01 22:59 - 2014-08-01 22:59 - 00044988 _____ () C:\Users\SMC\Desktop\Shortcut.txt
2014-08-01 22:56 - 2014-08-01 22:47 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-01 22:48 - 2014-08-01 22:57 - 00009189 _____ () C:\zoek-results.log
2014-08-01 22:47 - 2014-08-01 22:55 - 00000000 ____D () C:\zoek_backup
2014-08-01 22:46 - 2014-08-01 22:46 - 01287168 _____ () C:\Users\SMC\Desktop\zoek.exe
2014-08-01 22:36 - 2014-08-04 18:15 - 00000000 ____D () C:\Users\SMC\Desktop\Neuer Ordner (2)
2014-08-01 22:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-01 22:33 - 2014-08-01 22:33 - 01361309 _____ () C:\Users\SMC\Desktop\adwcleaner_3.302.exe
2014-08-01 21:26 - 2014-08-01 21:26 - 00011861 _____ () C:\ComboFix.txt
2014-08-01 21:20 - 2014-08-01 21:18 - 05566482 ____R (Swearware) C:\Users\SMC\Desktop\ComboFix.exe
2014-08-01 21:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-01 21:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-01 21:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-01 21:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-01 21:19 - 2014-08-01 21:26 - 00000000 ____D () C:\Qoobox
2014-08-01 21:18 - 2014-08-01 21:25 - 00000000 ____D () C:\Windows\erdnt
2014-08-01 21:18 - 2014-08-01 21:18 - 05566482 ____R (Swearware) C:\Users\SMC\Downloads\ComboFix.exe
2014-08-01 15:44 - 2014-08-04 18:13 - 00029010 _____ () C:\Users\SMC\Desktop\Addition.txt
2014-08-01 15:39 - 2014-08-06 20:31 - 00017141 _____ () C:\Users\SMC\Desktop\FRST.txt
2014-08-01 02:56 - 2014-08-06 20:29 - 00143880 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 02:23 - 2014-08-01 02:23 - 00027575 _____ () C:\Users\SMC\Downloads\Addition.txt
2014-08-01 02:22 - 2014-08-06 20:31 - 00000000 ____D () C:\FRST
2014-08-01 02:22 - 2014-08-01 02:23 - 00047895 _____ () C:\Users\SMC\Downloads\FRST.txt
2014-08-01 02:22 - 2014-08-01 02:22 - 02094080 _____ (Farbar) C:\Users\SMC\Desktop\FRST64.exe
2014-08-01 02:08 - 2014-08-06 20:29 - 00000846 _____ () C:\Windows\setupact.log
2014-08-01 02:08 - 2014-08-01 22:57 - 00016242 _____ () C:\Windows\PFRO.log
2014-08-01 02:08 - 2014-08-01 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-01 02:00 - 2014-08-06 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 02:00 - 2014-08-01 02:00 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 02:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 02:00 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 02:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 01:59 - 2014-08-01 01:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SMC\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-31 17:04 - 2014-07-31 17:04 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-31 17:04 - 2014-07-31 17:04 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-31 17:03 - 2014-07-31 17:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-31 17:03 - 2014-07-31 17:03 - 03738080 _____ (Piriform Ltd) C:\Users\SMC\Downloads\ccsetup416_slim.exe
2014-07-27 11:12 - 2014-07-27 11:12 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-24 14:40 - 2014-07-24 14:40 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\mp3DirectCut
2014-07-24 14:39 - 2014-07-24 14:39 - 00308709 _____ () C:\Users\SMC\Downloads\mp3dc220 (1).exe
2014-07-24 14:39 - 2014-07-24 14:39 - 00001059 _____ () C:\Users\SMC\Desktop\mp3DirectCut.lnk
2014-07-24 14:39 - 2014-07-24 14:39 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-07-24 14:32 - 2014-07-24 14:32 - 00308709 _____ () C:\Users\SMC\Downloads\mp3DC220.exe
2014-07-22 15:12 - 2014-07-22 15:12 - 04179293 _____ (Lavalys, Inc. ) C:\Users\SMC\Downloads\everesthome220.exe
2014-07-21 18:33 - 2014-07-21 18:33 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 18:33 - 2014-07-21 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-20 18:35 - 2014-07-20 18:35 - 09318466 _____ () C:\Users\SMC\Downloads\IEM9_Shenzhen_Replaypack.zip
2014-07-16 12:32 - 2014-07-16 12:32 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 21:03 - 2014-07-15 21:03 - 00000211 _____ () C:\Users\SMC\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2014-07-15 21:03 - 2014-07-15 21:03 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-10 14:27 - 2014-07-10 14:27 - 00000210 _____ () C:\Users\SMC\Documents\Enzo.txt
2014-07-10 14:26 - 2014-07-10 14:26 - 00000012 _____ () C:\Users\SMC\Documents\Metin2 Items.txt
2014-07-09 15:15 - 2013-12-25 04:22 - 00000000 ____D () C:\Users\SMC\Desktop\Hardcore-RELOADED
2014-07-09 15:03 - 2014-07-09 15:13 - 1330512925 _____ () C:\Users\SMC\Downloads\Hardcore-RELOADED_24_01.rar
2014-07-09 13:22 - 2014-07-09 13:22 - 00000566 _____ () C:\Users\Public\Desktop\Sirius MT2.lnk
2014-07-09 13:22 - 2014-07-09 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2
2014-07-09 13:11 - 2014-07-09 13:11 - 00629760 _____ (SiriusMT2) C:\Users\SMC\Downloads\sirius.20.13.rev.win8.installer (1).exe
2014-07-09 13:10 - 2014-07-09 13:18 - 1543192939 _____ (Sirius MT2 ) C:\Users\SMC\Documents\sirius.20.13.rev.win8.client.exe
2014-07-09 13:10 - 2014-07-09 13:10 - 00629760 _____ (SiriusMT2) C:\Users\SMC\Downloads\sirius.20.13.rev.win8.installer.exe
2014-07-09 13:10 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:10 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:10 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 13:10 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 13:10 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:10 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:10 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 13:10 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:10 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:10 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:10 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 13:10 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 13:10 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 13:10 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 13:10 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:10 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 13:10 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 13:10 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 13:10 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:10 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:10 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:10 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 13:10 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 13:10 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 13:10 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 13:10 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:10 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 13:10 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 13:10 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 13:10 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 13:10 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 13:10 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 13:10 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 13:10 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 13:10 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 13:10 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 13:10 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 13:10 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 13:10 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-08 20:26 - 2013-09-09 19:20 - 00009216 _____ () C:\Users\SMC\Desktop\Debugger.exe
2014-07-08 20:18 - 2014-07-08 20:31 - 00000000 ____D () C:\Users\SMC\Desktop\Pandora2 Client
2014-07-08 19:58 - 2014-07-08 20:18 - 1015610130 _____ () C:\Users\SMC\Downloads\Pandora2.p23 (1).rar
2014-07-08 14:21 - 2014-07-08 14:21 - 00000000 ____D () C:\Users\SMC\Desktop\Dark-Mt2 2012
2014-07-08 14:20 - 2014-07-08 14:20 - 02029048 _____ () C:\Users\SMC\Downloads\winrar-x64-510d.exe
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-08 14:14 - 2014-07-08 14:19 - 1011932113 _____ () C:\Users\SMC\Downloads\Dark-Mt2 2012.rar
2014-07-08 14:01 - 2014-07-08 14:01 - 00690176 _____ () C:\Users\SMC\Downloads\protection.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-06 20:31 - 2014-08-01 15:39 - 00017141 _____ () C:\Users\SMC\Desktop\FRST.txt
2014-08-06 20:31 - 2014-08-01 02:22 - 00000000 ____D () C:\FRST
2014-08-06 20:31 - 2014-03-02 03:24 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Skype
2014-08-06 20:30 - 2014-03-02 02:08 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Spotify
2014-08-06 20:29 - 2014-08-01 02:56 - 00143880 _____ () C:\Windows\WindowsUpdate.log
2014-08-06 20:29 - 2014-08-01 02:08 - 00000846 _____ () C:\Windows\setupact.log
2014-08-06 20:29 - 2014-08-01 02:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-06 20:29 - 2014-03-28 16:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-06 20:29 - 2014-02-28 17:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-06 20:29 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 20:29 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-06 20:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-06 19:44 - 2014-03-28 16:21 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-06 16:15 - 2014-03-05 18:36 - 00000000 ____D () C:\Users\SMC\AppData\Local\PMB Files
2014-08-06 14:59 - 2014-03-02 02:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4258935142-1642581507-3000048300-1001
2014-08-06 05:21 - 2014-03-05 18:36 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-06 05:06 - 2014-03-07 17:09 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\TS3Client
2014-08-05 22:45 - 2014-08-05 22:45 - 00001035 _____ () C:\Users\SMC\Desktop\ss.txt
2014-08-05 15:44 - 2014-08-05 15:44 - 00000076 _____ () C:\Users\SMC\Desktop\Kim Jaejoong – Healing for myself.url
2014-08-04 18:32 - 2012-07-26 12:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-08-04 18:32 - 2012-07-26 12:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-08-04 18:32 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-04 18:30 - 2014-08-04 18:30 - 00000633 _____ () C:\Users\SMC\Desktop\JRT.txt
2014-08-04 18:24 - 2014-08-04 18:24 - 01016261 _____ (Thisisu) C:\Users\SMC\Downloads\JRT_6.1.4.exe
2014-08-04 18:24 - 2014-08-04 18:24 - 00000000 ____D () C:\Windows\ERUNT
2014-08-04 18:18 - 2013-09-01 01:53 - 00000000 ____D () C:\AdwCleaner
2014-08-04 18:15 - 2014-08-01 22:36 - 00000000 ____D () C:\Users\SMC\Desktop\Neuer Ordner (2)
2014-08-04 18:13 - 2014-08-01 15:44 - 00029010 _____ () C:\Users\SMC\Desktop\Addition.txt
2014-08-03 18:51 - 2014-08-03 18:51 - 00000000 ____D () C:\Users\SMC\Desktop\Alte Firefox-Daten
2014-08-03 16:30 - 2014-04-13 15:39 - 00000000 ____D () C:\Users\SMC\Steam
2014-08-03 15:31 - 2014-03-25 22:23 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-03 15:00 - 2014-07-03 22:34 - 00000000 ____D () C:\Users\SMC\Downloads\Gameforge Live
2014-08-01 23:38 - 2014-02-28 16:50 - 00000000 ____D () C:\Users\SMC
2014-08-01 23:04 - 2014-08-01 23:04 - 00001037 _____ () C:\Users\SMC\Desktop\mbam.txt
2014-08-01 22:59 - 2014-08-01 22:59 - 00044988 _____ () C:\Users\SMC\Desktop\Shortcut.txt
2014-08-01 22:57 - 2014-08-01 22:48 - 00009189 _____ () C:\zoek-results.log
2014-08-01 22:57 - 2014-08-01 02:08 - 00016242 _____ () C:\Windows\PFRO.log
2014-08-01 22:55 - 2014-08-01 22:47 - 00000000 ____D () C:\zoek_backup
2014-08-01 22:47 - 2014-08-01 22:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-01 22:46 - 2014-08-01 22:46 - 01287168 _____ () C:\Users\SMC\Desktop\zoek.exe
2014-08-01 22:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-01 22:33 - 2014-08-01 22:33 - 01361309 _____ () C:\Users\SMC\Desktop\adwcleaner_3.302.exe
2014-08-01 21:26 - 2014-08-01 21:26 - 00011861 _____ () C:\ComboFix.txt
2014-08-01 21:26 - 2014-08-01 21:19 - 00000000 ____D () C:\Qoobox
2014-08-01 21:26 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-08-01 21:25 - 2014-08-01 21:18 - 00000000 ____D () C:\Windows\erdnt
2014-08-01 21:25 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-08-01 21:18 - 2014-08-01 21:20 - 05566482 ____R (Swearware) C:\Users\SMC\Desktop\ComboFix.exe
2014-08-01 21:18 - 2014-08-01 21:18 - 05566482 ____R (Swearware) C:\Users\SMC\Downloads\ComboFix.exe
2014-08-01 02:25 - 2014-03-15 01:11 - 00000000 ____D () C:\Users\SMC\AppData\Local\Opera Software
2014-08-01 02:25 - 2014-03-15 01:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-01 02:24 - 2014-05-27 14:45 - 00000000 ____D () C:\Users\SMC\AppData\Local\PokerStars.EU
2014-08-01 02:24 - 2014-05-27 14:45 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-08-01 02:23 - 2014-08-01 02:23 - 00027575 _____ () C:\Users\SMC\Downloads\Addition.txt
2014-08-01 02:23 - 2014-08-01 02:22 - 00047895 _____ () C:\Users\SMC\Downloads\FRST.txt
2014-08-01 02:22 - 2014-08-01 02:22 - 02094080 _____ (Farbar) C:\Users\SMC\Desktop\FRST64.exe
2014-08-01 02:08 - 2014-08-01 02:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-01 02:00 - 2014-08-01 02:00 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 02:00 - 2014-08-01 02:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 01:59 - 2014-08-01 01:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SMC\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-31 17:05 - 2014-03-06 21:27 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:05 - 2014-02-28 16:43 - 00000000 ____D () C:\Windows\Panther
2014-07-31 17:04 - 2014-07-31 17:04 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-31 17:04 - 2014-07-31 17:04 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-31 17:04 - 2014-07-31 17:03 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-31 17:03 - 2014-07-31 17:03 - 03738080 _____ (Piriform Ltd) C:\Users\SMC\Downloads\ccsetup416_slim.exe
2014-07-31 03:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-30 13:10 - 2014-03-29 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 09:54 - 2013-04-10 13:23 - 00000000 ____D () C:\Users\SMC\Documents\StarCraft II
2014-07-30 09:35 - 2014-03-02 02:09 - 00000000 ____D () C:\Users\SMC\AppData\Local\Spotify
2014-07-27 11:12 - 2014-07-27 11:12 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-24 14:40 - 2014-07-24 14:40 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\mp3DirectCut
2014-07-24 14:39 - 2014-07-24 14:39 - 00308709 _____ () C:\Users\SMC\Downloads\mp3dc220 (1).exe
2014-07-24 14:39 - 2014-07-24 14:39 - 00001059 _____ () C:\Users\SMC\Desktop\mp3DirectCut.lnk
2014-07-24 14:39 - 2014-07-24 14:39 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-07-24 14:32 - 2014-07-24 14:32 - 00308709 _____ () C:\Users\SMC\Downloads\mp3DC220.exe
2014-07-22 15:12 - 2014-07-22 15:12 - 04179293 _____ (Lavalys, Inc. ) C:\Users\SMC\Downloads\everesthome220.exe
2014-07-21 18:33 - 2014-07-21 18:33 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 18:33 - 2014-07-21 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-21 18:33 - 2014-04-21 21:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-21 18:33 - 2014-03-08 00:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-20 18:35 - 2014-07-20 18:35 - 09318466 _____ () C:\Users\SMC\Downloads\IEM9_Shenzhen_Replaypack.zip
2014-07-16 12:32 - 2014-07-16 12:32 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 21:03 - 2014-07-15 21:03 - 00000211 _____ () C:\Users\SMC\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2014-07-15 21:03 - 2014-07-15 21:03 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-15 01:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-12 07:50 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 07:50 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 07:50 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 07:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-11 03:02 - 2014-03-08 00:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-03-08 00:17 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-03-08 00:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-03-08 00:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 14:27 - 2014-07-10 14:27 - 00000210 _____ () C:\Users\SMC\Documents\Enzo.txt
2014-07-10 14:26 - 2014-07-10 14:26 - 00000012 _____ () C:\Users\SMC\Documents\Metin2 Items.txt
2014-07-10 13:18 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 13:17 - 2014-03-03 17:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 13:17 - 2014-03-03 17:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 13:17 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-09 15:13 - 2014-07-09 15:03 - 1330512925 _____ () C:\Users\SMC\Downloads\Hardcore-RELOADED_24_01.rar
2014-07-09 13:22 - 2014-07-09 13:22 - 00000566 _____ () C:\Users\Public\Desktop\Sirius MT2.lnk
2014-07-09 13:22 - 2014-07-09 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2
2014-07-09 13:18 - 2014-07-09 13:10 - 1543192939 _____ (Sirius MT2 ) C:\Users\SMC\Documents\sirius.20.13.rev.win8.client.exe
2014-07-09 13:11 - 2014-07-09 13:11 - 00629760 _____ (SiriusMT2) C:\Users\SMC\Downloads\sirius.20.13.rev.win8.installer (1).exe
2014-07-09 13:10 - 2014-07-09 13:10 - 00629760 _____ (SiriusMT2) C:\Users\SMC\Downloads\sirius.20.13.rev.win8.installer.exe
2014-07-08 20:31 - 2014-07-08 20:18 - 00000000 ____D () C:\Users\SMC\Desktop\Pandora2 Client
2014-07-08 20:18 - 2014-07-08 19:58 - 1015610130 _____ () C:\Users\SMC\Downloads\Pandora2.p23 (1).rar
2014-07-08 14:21 - 2014-07-08 14:21 - 00000000 ____D () C:\Users\SMC\Desktop\Dark-Mt2 2012
2014-07-08 14:20 - 2014-07-08 14:20 - 02029048 _____ () C:\Users\SMC\Downloads\winrar-x64-510d.exe
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-08 14:20 - 2014-07-08 14:20 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-08 14:19 - 2014-07-08 14:14 - 1011932113 _____ () C:\Users\SMC\Downloads\Dark-Mt2 2012.rar
2014-07-08 14:01 - 2014-07-08 14:01 - 00690176 _____ () C:\Users\SMC\Downloads\protection.dll
2014-07-07 21:35 - 2014-03-05 15:18 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-07-07 01:46 - 2014-06-21 09:57 - 00000000 ____D () C:\Users\SMC\AppData\Roaming\Apple Computer

Some content of TEMP:
====================
C:\Users\SMC\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 15:17

==================== End Of Log ============================

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by SMC at 2014-08-06 20:31:53
Running from C:\Users\SMC\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{9A37ADB3-3D8D-4EDF-8F6D-B8A66F18087B}) (Version: 5.0.10.2793 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MKLOL (HKCU\...\MKLOL) (Version:  - )
ModernRcon v0.8 (HKLM-x32\...\ModernRcon v0.8) (Version:  - )
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version:  - )
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

01-08-2014 00:55:14 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {252AA413-5CC8-4601-B015-0467E52DE5ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {3DA5B74C-69B8-4C99-B829-563C91686650} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {5B4E08BC-17E9-4339-B7F2-FCCA21A732FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-28] (Google Inc.)
Task: {65B0F6F9-5294-42AA-B5AB-918624A2A7BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-28] (Google Inc.)
Task: {8305B651-6154-4653-8BAD-FDF0AB551187} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C2A1CA5E-0B5F-4DC9-B9F4-9BB8F44A4BBA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-21 10:47 - 2014-02-21 10:47 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-02-21 10:47 - 2014-02-21 10:47 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-02-21 10:47 - 2014-02-21 10:47 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-02-21 10:47 - 2014-02-21 10:47 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-03-25 22:23 - 2014-06-04 21:04 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-02 02:09 - 2014-07-05 08:17 - 00601144 _____ () C:\Users\SMC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-03-02 02:09 - 2014-07-05 08:17 - 36966968 _____ () C:\Users\SMC\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-02 11:55 - 2014-07-05 08:17 - 00867896 _____ () C:\Users\SMC\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-03-02 02:09 - 2014-07-05 08:17 - 00886840 _____ () C:\Users\SMC\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-03-02 02:09 - 2014-07-05 08:17 - 00108600 _____ () C:\Users\SMC\AppData\Roaming\Spotify\Data\libegl.dll
2014-07-30 10:41 - 2014-07-30 10:41 - 03800688 _____ () C:\Windows\Windows.old\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/06/2014 02:55:06 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (54132) Versuch, Datei "C:\Users\SMC\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (08/05/2014 03:50:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.16.0.105 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fc4

Startzeit: 01cfb000eee1cd68

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: ceaa76c8-1c42-11e4-be92-d43d7e948b8d

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (08/05/2014 03:50:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (08/06/2014 02:55:06 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex54132C:\Users\SMC\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/05/2014 03:50:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.16.0.105fc401cfb000eee1cd684294967295C:\Program Files (x86)\Skype\Phone\Skype.execeaa76c8-1c42-11e4-be92-d43d7e948b8d


CodeIntegrity Errors:
===================================
  Date: 2014-07-22 15:13:19.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\SMC\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-22 15:13:19.452
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8138.93 MB
Available physical RAM: 6038.43 MB
Total Pagefile: 9482.93 MB
Available Pagefile: 6819.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:55.77 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:931.17 GB) (Free:823.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: E26C42F5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E38E2228)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FixLog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 02
Ran by SMC at 2014-08-06 20:28:13 Run:1
Running from C:\Users\SMC\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
Tcpip\..\Interfaces\{06733ADE-BD3B-4581-BF2F-CFBABB54BC09}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}: [NameServer]208.69.150.252,208.69.150.250
Reboot:
end
         
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{06733ADE-BD3B-4581-BF2F-CFBABB54BC09}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}\\NameServer => value deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====

MfG

M-K-D-B · 07.08.2014, 19:53

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 2
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei von ESET,
die Logdatei von SecurityCheck.

jrrrrr · 09.08.2014, 18:46

Hey,

hier sind die Logs.

Log Eset:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=db779c90eeac3c48a00d66779809df1b
# engine=19572
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-09 08:37:53
# local_time=2014-08-09 10:37:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 152642 39047895 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7280310 67079584 0 0
# scanned=539269
# found=11
# cleaned=0
# scan_time=4402
sh=499A2078CE3E027AAF3403A8AAB21707AAD41800 ft=0 fh=0000000000000000 vn="JS/OfferMosquito.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\SMC\AppData\Roaming\Mozilla\Firefox\Profiles\ah0thgjj.default\Extensions\om@offermosquito.com.xpi.vir"
sh=ADC8915D3F7D0CF9BD77C30CFF1B6295EDA818A9 ft=1 fh=5b9d1938e5cc2328 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Documents\sirius.20.13.rev.win8.client.exe"
sh=D5499A01E72A4A809F1FC32258A067C5BC1809EC ft=1 fh=c5d432a21c4ebf13 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Downloads\Call of Duty 4 Patch - CHIP-Installer.exe"
sh=93ED51EE99DF5AA8295AB679BBC41072656DFA38 ft=1 fh=c71c001112f2459e vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Downloads\CoD4MW-1.6-1.7-PatchSetup_CB-DL-Manager.exe"
sh=834249C10A5499D770E6798981E4014A53A46FC6 ft=1 fh=fd3bb40d3bd78eb8 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Downloads\WinZip170_setup.exe"
sh=D8B5FBA0238440B59E166ADCAFB4D9B7C83F9BED ft=1 fh=8e95f06f0a537b3b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Downloads\xfire_installer_46139(1).exe"
sh=D8B5FBA0238440B59E166ADCAFB4D9B7C83F9BED ft=1 fh=8e95f06f0a537b3b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\SMC\Downloads\xfire_installer_46139.exe"
sh=EABE9A2798F13E3A28D848DB4ABB58607E454425 ft=1 fh=c6b280c63d0ad705 vn="JS/OfferMosquito.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Windows.old\Users\SMC\AppData\Local\omesuperv.exe"
sh=6698E194E68D2F17655501AA408DC6D91D381041 ft=0 fh=0000000000000000 vn="JS/OfferMosquito.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Windows.old\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Windows.old\Users\SMC\AppData\Local\Temp\4aafRSfo.exe.part"
sh=9C91BBA2C95CB7E06544193721FE1A49C4E88B22 ft=1 fh=631750d281508a04 vn="Win32/Toolbar.Widgi.C evtl. unerwünschte Anwendung" ac=I fn="E:\Program Files (x86)\IObit\Driver Booster\Update\db_update0226.exe"
ESETSmartInstaller@High as downloader log:
all ok

Security-Check Log:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.86  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Java version out of Date! 
 Adobe Flash Player 	14.0.0.145  
 Mozilla Firefox (31.0) 
 Google Chrome 35.0.1916.153  
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

MfG

M-K-D-B · 10.08.2014, 09:54

Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
C:\Windows\Windows.old\Users\SMC\AppData\Local\omesuperv.exe
C:\Windows\Windows.old\Users\SMC\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
C:\Users\SMC\Downloads\xfire_installer_*.exe
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Schritt 1
Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Schritt 2
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti-Viren-Programm und zusätzlicher Schutz

Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist! Ein kostenloses Anti-Viren Programm, das wir empfehlen, wäre z. B. Avast! Free Antivirus oder Microsoft Security Essentials.
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt. Du kannst es zusätzlich zu deinem Anti-Viren Programm verwenden.
Update das Tool und lasse es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
AdwCleaner
Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt von der Herstellerseite auf den Desktop herunterladen. Auch dieses Programm kann parallel zu deinem Anti-Viren Programm verwendet werden.
SpywareBlaster
Eine kurze Einführung findest du Hier

Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox

Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
Es spart außerdem Downloadkapazität.

Performance

Halte dich fern von Registry Cleanern.
Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
Miekemoes Blogspot ( MVP )

Was du vermeiden solltest:

Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..).
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!

Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

jrrrrr · 11.08.2014, 23:30

So ich habe nun alles erledigt und ich danke dir vielmals für deine Hilfe!

MfG

M-K-D-B · 12.08.2014, 10:02

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

h**p://98uj8.de/s3brsn5ba66mgfzeinrum#ad 98uj8.de hat sich gestern mehrmals selbstständig geöffnet

Log-Analyse und Auswertung: h**p://98uj8.de/s3brsn5ba66mgfzeinrum#ad 98uj8.de hat sich gestern mehrmals selbstständig geöffnet