
Pests of all kinds and how to fight them: G Data blocked, no System Restore possible, Task Manager not working


31.03.2015, 09:41   #1
Steffen 70
 

Hello,

here is the scan



FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Steffen (administrator) on STEFFEN-PC on 31-03-2015 10:39:03
Running from C:\Users\Steffen\Downloads
Loaded Profiles: Steffen (Available profiles: Steffen & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
() C:\Program Files\AntiBrowserSpy\BrowserMask.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
(AVM Berlin GmbH) C:\Program Files\avmwlanstick\FRITZWLANMini.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Akamai Technologies, Inc.) C:\Users\Steffen\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Steffen\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_239_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [323584 2006-04-20] (AVM Berlin GmbH)
HKLM\...\Run: [G Data ASM] => C:\Program Files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files\g data\internetsecurity\avkkid\avkcks.exe,
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Steffen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_239_ActiveX.exe [855216 2014-12-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\MountPoints2: G - G:\pushinst.exe
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\MountPoints2: {27a82824-2466-11df-ad1a-003067031c7a} - G:\pushinst.exe
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\MountPoints2: {e245abf6-f955-11e3-ab17-003067031c7a} - F:\pushinst.exe
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3764681053-1311214435-963443542-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3764681053-1311214435-963443542-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {15A29993-9DCD-469B-8AB5-678C5F72FF3E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://tbsearch.ask.com/redirect?client=ie&tb=WBG&o=15132&src=crm&q={searchTerms}&locale=de_DE
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> {81CE708B-5104-4C62-B333-94B417473B29} URL = hxxp://go.mail.com/br/ie9_search_web/?su={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-11-23] (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-11-23] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-3764681053-1311214435-963443542-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\system32\npdeployJava1.dll [2012-11-23] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-11-23] (Sun Microsystems, Inc.)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3764681053-1311214435-963443542-1000: @autodesk.com/DWF -> C:\Program Files\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll [2011-01-24] (Autodesk)

Chrome: 
=======
CHR Profile: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-04]
CHR Extension: (Google Search) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-04]
CHR Extension: (avast! WebRep) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-04]
CHR Extension: (Gmail) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "98730404f2d3d842" service could not be unlocked. <===== ATTENTION

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] () [File not signed]
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [274304 2010-11-20] () [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] () [File not signed]
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [422976 2009-07-14] () [File not signed]
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [297552 2009-07-14] () [File not signed]
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [146512 2009-07-14] () [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] () [File not signed]
S3 agp440; C:\Windows\system32\drivers\agp440.sys [53312 2009-07-14] () [File not signed]
S3 aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [70720 2009-07-14] () [File not signed]
S3 aliide; C:\Windows\system32\drivers\aliide.sys [14400 2009-07-14] () [File not signed]
S3 amdagp; C:\Windows\system32\drivers\amdagp.sys [53312 2009-07-14] () [File not signed]
S3 amdide; C:\Windows\system32\drivers\amdide.sys [14912 2009-07-14] () [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-14] () [File not signed]
R3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [52736 2009-07-14] () [File not signed]
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [80256 2011-03-11] () [File not signed]
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [159312 2009-07-14] () [File not signed]
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2011-03-11] () [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] () [File not signed]
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [76368 2009-07-14] () [File not signed]
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [86608 2009-07-14] () [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] () [File not signed]
R0 atapi; C:\Windows\System32\drivers\atapi.sys [21584 2009-07-14] () [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4194816 2009-07-14] () [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-14] () [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-14] () [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] () [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] () [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] () [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-14] () [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-14] () [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] () [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-14] () [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-14] () [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-14] () [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-14] () [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] () [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] () [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-14] () [File not signed]
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] () [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-14] () [File not signed]
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [15952 2009-07-14] () [File not signed]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [369968 2015-01-15] () [File not signed]
S3 Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [19024 2009-07-14] () [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] () [File not signed]
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [22096 2009-07-14] () [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] () [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] () [File not signed]
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-14] () [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] () [File not signed]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [730048 2014-06-16] () [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-14] () [File not signed]
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] () [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] () [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] () [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] () [File not signed]
R3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-14] () [File not signed]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58448 2009-07-14] () [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] () [File not signed]
R3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-14] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [198208 2009-07-14] () [File not signed]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [46160 2009-07-14] () [File not signed]
U0 Fs_Rec; C:\Windows\system32\Drivers\Fs_Rec.sys [19824 2012-03-01] () [File not signed]
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [196328 2013-01-24] () [File not signed]
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] () [File not signed]
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [57936 2009-07-14] () [File not signed]
S0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [44544 2015-03-27] (G Data Software AG)
S1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [101504 2015-03-27] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [56832 2015-03-27] (G Data Software AG)
S1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-27] (G Data Software AG)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-14] () [File not signed]
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] () [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] () [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-14] () [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-14] () [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-14] () [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] () [File not signed]
S1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [50176 2015-03-27] (G Data Software AG)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [67152 2009-07-14] () [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] () [File not signed]
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14208 2010-11-20] () [File not signed]
S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] () [File not signed]
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [332160 2011-03-11] () [File not signed]
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [41040 2009-07-14] () [File not signed]
S3 intelide; C:\Windows\system32\drivers\intelide.sys [15424 2009-07-14] () [File not signed]
S3 intelppm; C:\Windows\system32\DRIVERS\intelppm.sys [53760 2009-07-14] () [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] () [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] () [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] () [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] () [File not signed]
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [46656 2009-07-14] () [File not signed]
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [234432 2014-02-04] () [File not signed]
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [42576 2009-07-14] () [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] () [File not signed]
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [67520 2015-01-15] () [File not signed]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [136640 2015-01-15] () [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] () [File not signed]
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [95824 2009-07-14] () [File not signed]
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [89168 2009-07-14] () [File not signed]
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [54864 2009-07-14] () [File not signed]
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [96848 2009-07-14] () [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-31] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [30800 2009-07-14] () [File not signed]
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [235584 2009-07-14] () [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] () [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] () [File not signed]
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [41552 2009-07-14] () [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] () [File not signed]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78208 2010-11-20] () [File not signed]
S3 mpio; C:\Windows\system32\drivers\mpio.sys [130432 2010-11-20] () [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] () [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [116224 2014-12-19] () [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] () [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] () [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] () [File not signed]
S3 msahci; C:\Windows\system32\drivers\msahci.sys [28032 2010-11-20] () [File not signed]
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [116096 2010-11-20] () [File not signed]
R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] () [File not signed]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-14] () [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] () [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] () [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] () [File not signed]
S3 MsRPC; C:\Windows\system32\Drivers\MsRPC.sys [162896 2009-07-14] () [File not signed]
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [28240 2009-07-14] () [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] () [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-14] () [File not signed]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-14] () [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] () [File not signed]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [712048 2012-08-22] () [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] () [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] () [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] () [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] () [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] () [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] () [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] () [File not signed]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [44624 2009-07-14] () [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] () [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] () [File not signed]
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1212352 2014-01-24] ()
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] () [File not signed]
R3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x32.sys [347264 2009-07-14] () [File not signed]
S3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [8939296 2013-02-26] () [File not signed]
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [117120 2011-03-11] () [File not signed]
R3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [13312 2007-10-12] () [File not signed]
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [143744 2011-03-11] () [File not signed]
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [105024 2009-07-14] () [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] () [File not signed]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-14] () [File not signed]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [56176 2012-03-17] () [File not signed]
R2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-14] () [File not signed]
R0 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] () [File not signed]
R0 pciide; C:\Windows\System32\drivers\pciide.sys [12368 2009-07-14] () [File not signed]
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [180288 2009-07-14] () [File not signed]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-14] () [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] () [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] () [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-14] () [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] () [File not signed]
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1383488 2009-07-14] () [File not signed]
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [106064 2009-07-14] () [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] () [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] () [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] () [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] () [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] () [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] () [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] () [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] () [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] () [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] () [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] () [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] () [File not signed]
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173440 2010-11-20] () [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] () [File not signed]
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [85376 2010-11-20] () [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] () [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] () [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] () [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] () [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-14] () [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] () [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] () [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] () [File not signed]
S3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [13824 2009-07-14] () [File not signed]
S3 sisagp; C:\Windows\system32\drivers\sisagp.sys [52304 2009-07-14] () [File not signed]
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [40016 2009-07-14] () [File not signed]
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [77888 2009-07-14] () [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] () [File not signed]
R0 spldr; C:\Windows\system32\Drivers\spldr.sys [17472 2009-07-14] () [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] () [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] () [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] () [File not signed]
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [21072 2009-07-14] () [File not signed]
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12240 2009-07-14] () [File not signed]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1294272 2014-04-05] () [File not signed]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1294272 2014-04-05] () [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] () [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] () [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] () [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2014-11-11] () [File not signed]
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [53120 2010-11-20] () [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] () [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] () [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] () [File not signed]
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [55888 2009-07-14] () [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] () [File not signed]
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [57424 2009-07-14] () [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] () [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-14] () [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] () [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] () [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] () [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] () [File not signed]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2013-11-27] () [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] () [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [35840 2009-07-14] () [File not signed]
S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [28160 2013-08-29] () [File not signed]
S3 USBSTOR; C:\Windows\system32\drivers\USBSTOR.SYS [76288 2011-03-11] () [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-27] () [File not signed]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-14] () [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] () [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] () [File not signed]
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [160128 2010-11-20] () [File not signed]
S3 viaagp; C:\Windows\system32\drivers\viaagp.sys [53328 2009-07-14] () [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-14] () [File not signed]
S3 viaide; C:\Windows\system32\drivers\viaide.sys [16976 2009-07-14] () [File not signed]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] () [File not signed]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] () [File not signed]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] () [File not signed]
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [141904 2009-07-14] () [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-14] () [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] () [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] () [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] () [File not signed]
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [19024 2009-07-14] () [File not signed]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-26] () [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] () [File not signed]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-14] () [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] () [File not signed]
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] () [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] () [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] () [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] () [File not signed]
U5 98730404f2d3d842; C:\Windows\System32\Drivers\98730404f2d3d842.sys [81408 2015-02-27] () <===== ATTENTION Necurs Rootkit?
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [25168 2009-07-14] () [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 13:28 - 2015-03-30 13:28 - 00027102 _____ () C:\Users\Steffen\Downloads\Addition.txt
2015-03-30 13:27 - 2015-03-30 13:27 - 00001106 _____ () C:\Users\Steffen\Desktop\FRST - Verknüpfung.lnk
2015-03-30 13:26 - 2015-03-31 10:39 - 00034526 _____ () C:\Users\Steffen\Downloads\FRST.txt
2015-03-30 13:26 - 2015-03-31 10:39 - 00000000 ____D () C:\FRST
2015-03-30 13:26 - 2015-03-30 13:26 - 01135104 _____ (Farbar) C:\Users\Steffen\Downloads\FRST.exe
2015-03-27 23:42 - 2015-03-27 23:45 - 00000050 _____ () C:\Windows\system32\bridf08b.dat
2015-03-27 23:41 - 2015-03-27 23:41 - 00000000 ____D () C:\ProgramData\Brother
2015-03-27 22:11 - 2015-03-27 22:11 - 311218386 _____ () C:\Windows\MEMORY.DMP
2015-03-27 22:11 - 2015-03-27 22:11 - 00143800 _____ () C:\Windows\Minidump\032715-18798-01.dmp
2015-03-27 21:00 - 2015-03-31 09:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 21:00 - 2015-03-27 21:10 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-03-27 21:00 - 2015-03-27 21:00 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-27 21:00 - 2015-03-27 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-27 21:00 - 2015-03-27 21:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-27 21:00 - 2015-03-17 07:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-27 21:00 - 2015-03-17 07:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-27 21:00 - 2015-03-17 07:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-27 20:57 - 2015-03-27 21:00 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Steffen\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-27 20:47 - 2015-03-31 09:27 - 00000728 _____ () C:\Windows\setupact.log
2015-03-27 20:47 - 2015-03-30 11:56 - 00012366 _____ () C:\Windows\PFRO.log
2015-03-27 20:47 - 2015-03-27 20:47 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-27 20:03 - 2015-03-27 22:36 - 00004306 _____ () C:\Windows\WindowsUpdate.log
2015-03-27 20:00 - 2015-03-27 20:00 - 00003520 _____ () C:\Users\Steffen\Documents\cc_20150327_190017.reg
2015-03-27 19:36 - 2015-03-27 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2015-03-27 19:28 - 2015-03-27 19:28 - 00002008 _____ () C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk
2015-03-27 19:25 - 2015-03-27 19:25 - 00056832 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-03-27 19:22 - 2015-03-27 19:22 - 00053248 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2015-03-27 19:21 - 2015-03-27 19:21 - 00101504 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-03-27 19:21 - 2015-03-27 19:21 - 00050176 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-03-27 19:21 - 2015-03-27 19:21 - 00044544 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-03-27 19:19 - 2015-03-27 19:19 - 00000000 ____D () C:\Program Files\Common Files\G Data
2015-03-27 18:38 - 2015-03-27 18:38 - 00001037 _____ () C:\Users\Public\Desktop\AntiBrowserSpy.lnk
2015-03-27 18:38 - 2015-03-27 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiBrowserSpy
2015-03-19 13:43 - 2015-03-19 13:43 - 00000000 ____D () C:\Users\Steffen\AppData\Local\Solid Concepts Inc
2015-03-19 13:42 - 2015-03-19 13:42 - 00002171 _____ () C:\Users\Public\Desktop\SolidView Lite 2014.lnk
2015-03-19 13:42 - 2015-03-19 13:42 - 00000000 ____D () C:\ProgramData\Solid Concepts Inc
2015-03-19 13:42 - 2015-03-19 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid Concepts Inc
2015-03-19 13:42 - 2015-03-19 13:42 - 00000000 ____D () C:\Program Files\Solid Concepts Inc
2015-03-19 12:55 - 2015-03-19 13:41 - 163663800 _____ (Solid Concepts Inc) C:\Users\Steffen\Downloads\svlite_2014v0_x86.exe
2015-03-09 17:44 - 2015-03-09 17:48 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-09 17:35 - 2015-03-09 17:35 - 00057337 _____ () C:\Users\Steffen\Downloads\Drehteile (2).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 09:27 - 2012-11-18 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-31 09:27 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-30 13:29 - 2009-07-14 06:34 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-30 13:29 - 2009-07-14 06:34 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-30 13:28 - 2010-02-28 14:47 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 16:42 - 2013-07-20 09:16 - 00000000 ____D () C:\Users\Steffen\AppData\Local\CrashDumps
2015-03-28 16:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-03-27 23:45 - 2013-03-08 13:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-27 23:45 - 2010-08-07 16:25 - 00000000 ____D () C:\Program Files\Brother
2015-03-27 23:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Globalization
2015-03-27 22:33 - 2014-07-22 18:17 - 00000000 ____D () C:\Users\Steffen\Downloads\Neuer Ordner
2015-03-27 22:18 - 2010-11-07 13:25 - 00498176 ___SH () C:\Users\Steffen\Documents\Thumbs.db
2015-03-27 22:11 - 2010-04-07 12:10 - 00000000 ____D () C:\Windows\Minidump
2015-03-27 21:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Web
2015-03-27 19:55 - 2014-05-08 19:09 - 00000000 ____D () C:\ProgramData\G Data
2015-03-27 19:55 - 2012-09-03 08:32 - 00000000 ____D () C:\Program Files\AntiBrowserSpy
2015-03-27 19:21 - 2014-05-08 20:11 - 00001558 _____ () C:\Users\Steffen\AppData\Roaming\gdscan.log
2015-03-27 19:19 - 2014-05-08 20:10 - 00000000 ____D () C:\Program Files\G Data
2015-03-27 18:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\spool
2015-03-27 18:34 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-03-27 18:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\winevt
2015-03-27 18:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\SMI
2015-03-27 18:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\MUI
2015-03-27 18:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\com
2015-03-27 18:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-03-27 18:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-03-09 22:23 - 2012-12-17 18:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-09 17:48 - 2015-01-20 13:28 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird.bak
2015-03-09 16:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2012-05-23 17:35 - 2012-09-03 09:24 - 0000048 _____ () C:\Users\Steffen\AppData\Roaming\AcroIEHelpe.txt
2012-08-26 13:44 - 2012-09-03 10:06 - 0000017 _____ () C:\Users\Steffen\AppData\Roaming\blckdom.res
2014-05-08 20:11 - 2014-05-08 20:11 - 0000000 _____ () C:\Users\Steffen\AppData\Roaming\gdfw.log
2014-05-08 20:11 - 2015-03-27 19:21 - 0001558 _____ () C:\Users\Steffen\AppData\Roaming\gdscan.log
2012-05-23 17:35 - 2012-05-23 17:35 - 0000264 _____ () C:\Users\Steffen\AppData\Roaming\srvblck5.tmp
2014-10-20 17:22 - 2014-10-20 17:22 - 0004096 ____H () C:\Users\Steffen\AppData\Local\keyfile3.drm
2014-05-08 19:55 - 2014-09-13 15:31 - 0007597 _____ () C:\Users\Steffen\AppData\Local\Resmon.ResmonCfg
2012-09-03 08:55 - 2012-09-03 08:55 - 0017408 _____ () C:\Users\Steffen\AppData\Local\WebpageIcons.db
2012-08-11 11:10 - 2012-08-11 11:38 - 4503728 ____T () C:\ProgramData\00etadpu.pad
2013-12-19 17:18 - 2013-12-19 17:20 - 95025368 ____T () C:\ProgramData\8odwoemq.fee
2013-12-19 17:18 - 2013-12-19 17:18 - 0000000 _____ () C:\ProgramData\8odwoemq.odd
2013-10-29 12:00 - 2013-10-29 12:02 - 95025368 ____T () C:\ProgramData\8zwwlhrq.bxx
2013-10-29 12:00 - 2013-10-29 12:00 - 0000000 _____ () C:\ProgramData\8zwwlhrq.fvv
2013-10-30 13:48 - 2013-10-30 13:49 - 95025368 ____T () C:\ProgramData\9oj69hf.bxx
2013-10-30 13:48 - 2013-10-30 13:48 - 0000000 _____ () C:\ProgramData\9oj69hf.fvv
2012-06-15 10:17 - 2012-06-15 10:17 - 4503728 ____T () C:\ProgramData\c_0_lpt.pad
2012-08-20 12:29 - 2012-08-20 12:30 - 4503728 ____T () C:\ProgramData\ism_0_llatsni.pad
2013-10-28 13:51 - 2013-10-28 13:53 - 95025368 ____T () C:\ProgramData\lzjb8av.bxx
2013-10-28 13:51 - 2013-10-28 13:51 - 0000000 _____ () C:\ProgramData\lzjb8av.fvv
2012-09-03 08:22 - 2012-09-03 08:23 - 4503728 ____T () C:\ProgramData\nud0repor.pad
2012-08-06 11:13 - 2012-08-06 11:14 - 4503728 ____T () C:\ProgramData\rat_0ybba.pad
2012-01-03 18:00 - 2012-01-03 18:04 - 0000440 ____H () C:\ProgramData\UeBUrRTJiwSDHt
2012-07-24 17:39 - 2012-07-24 17:40 - 4503728 ____T () C:\ProgramData\z7_0ytr.pad
2012-01-03 18:09 - 2012-01-03 18:09 - 0000296 _____ () C:\ProgramData\~UeBUrRTJiwSDHt
2012-01-03 18:09 - 2012-01-03 18:09 - 0000200 _____ () C:\ProgramData\~UeBUrRTJiwSDHtr

ZeroAccess:
C:\Users\Steffen\AppData\Local\{b3143e40-0149-157c-ba8a-29adcc6cabbe}
C:\Users\Steffen\AppData\Local\{b3143e40-0149-157c-ba8a-29adcc6cabbe}\@
C:\Users\Steffen\AppData\Local\{b3143e40-0149-157c-ba8a-29adcc6cabbe}\L\00000004.@
C:\Users\Steffen\AppData\Local\{b3143e40-0149-157c-ba8a-29adcc6cabbe}\L\1afb2d56
C:\Users\Steffen\AppData\Local\{b3143e40-0149-157c-ba8a-29adcc6cabbe}\L\55490ac4

Files to move or delete:
====================
C:\ProgramData\00etadpu.pad
C:\ProgramData\8odwoemq.fee
C:\ProgramData\8odwoemq.odd
C:\ProgramData\8zwwlhrq.bxx
C:\ProgramData\8zwwlhrq.fvv
C:\ProgramData\9oj69hf.bxx
C:\ProgramData\9oj69hf.fvv
C:\ProgramData\c_0_lpt.pad
C:\ProgramData\ism_0_llatsni.pad
C:\ProgramData\lzjb8av.bxx
C:\ProgramData\lzjb8av.fvv
C:\ProgramData\nud0repor.pad
C:\ProgramData\rat_0ybba.pad
C:\ProgramData\z7_0ytr.pad


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys
[2012-10-20 11:09] - [2010-11-20 14:30] - 0245632 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\system32\Drivers\volsnap.sys No Company Name <===== ATTENTION!



LastRegBack: 2015-03-19 11:19

==================== End Of Log ============================
         
--- --- ---
