Trojaner-Board

IE & Firefox open pages on their own, http://serve.bannersdontwork.com etc. (https://www.trojaner-board.de/136155-ie-firefox-oeffnen-eigenstaendig-seiten-http-serve-bannersdontwork-com-etc.html)

schrauber 09.06.2013 13:06

Not yet, we'll try something else :)

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window).

pulloverscha 09.06.2013 13:22

Here are the logs:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2013
Ran by Eddy (administrator) on 09-06-2013 14:16:46
Running from C:\Users\Eddy\Desktop
Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\ORICOHWRaidManager\XSrvSetup.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Silicon Integrated Systems Corporation) C:\Windows\System32\sistray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent [x]
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"  /MINIMIZED [882520 2013-05-12] (BitTorrent Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
Startup: C:\ProgramData\Start Menu\Programs\Startup\Utility Tray.lnk
ShortcutTarget: Utility Tray.lnk -> C:\Windows\System32\sistray.exe (Silicon Integrated Systems Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 11 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 12 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 13 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 14 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 15 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 16 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 17 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 18 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 19 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 20 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 21 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 22 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 23 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 24 mswsock.dll [20992] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ORICOHWRaidManager; C:\Program Files\ORICOHWRaidManager\XSrvSetup.exe [69632 2011-05-12] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 SiS315; C:\Windows\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R1 SiSkp; C:\Windows\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-09 14:16 - 2013-06-09 14:16 - 00000000 ____D C:\FRST
2013-06-09 14:15 - 2013-06-09 14:15 - 01358673 ____A (Farbar) C:\Users\Eddy\Desktop\FRST.exe
2013-06-09 14:13 - 2013-06-09 14:14 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-09 14:13 - 2013-06-09 14:14 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-09 14:13 - 2013-06-09 14:14 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 14:07 - 2013-06-09 14:07 - 00903072 ____A (Oracle Corporation) C:\Users\Eddy\Desktop\jxpiinstall.exe
2013-06-09 14:06 - 2013-06-09 14:06 - 07872648 ____A (Adobe Systems Inc.) C:\Users\Eddy\Desktop\Shockwave_Installer_Slim.exe
2013-06-09 13:07 - 2013-06-09 13:07 - 00648201 ____A C:\Users\Eddy\Desktop\adwcleaner.exe
2013-06-09 13:02 - 2013-06-09 13:02 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-06-08 19:18 - 2013-06-08 19:18 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Mozilla
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-08 19:17 - 2013-06-08 19:17 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-08 19:16 - 2013-06-08 19:17 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-08 19:16 - 2013-06-08 19:17 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 19:16 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iPod
2013-06-08 18:58 - 2013-06-08 21:18 - 00002038 ____A C:\Windows\PFRO.log
2013-06-08 14:50 - 2013-06-08 14:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-08 14:49 - 2013-06-08 19:34 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-08 11:05 - 2013-06-08 11:05 - 00890839 ____A C:\Users\Eddy\Desktop\SecurityCheck.exe
2013-06-07 06:33 - 2013-06-07 06:33 - 00179968 ____A (Kaspersky Lab) C:\Users\Eddy\Downloads\kss12.0.1.117mlg_en_ru_fr_de.exe
2013-06-06 17:32 - 2013-06-06 17:32 - 00000000 ____D C:\_OTL
2013-06-06 17:23 - 2013-06-06 17:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-06 17:22 - 2013-06-09 10:41 - 00000000 ____D C:\JRT
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Downloads\SystemLook.exe
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Desktop\SystemLook.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Downloads\esetsmartinstaller_enu.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Desktop\esetsmartinstaller_enu.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Downloads\OTL.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Desktop\OTL.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Downloads\JRT.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Desktop\JRT.exe
2013-06-05 19:11 - 2013-06-05 19:11 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\InfraRecorder
2013-06-04 16:48 - 2013-06-09 12:59 - 00001952 ____A C:\Windows\WindowsUpdate.log
2013-06-04 16:31 - 2013-06-09 13:14 - 00002658 ____A C:\Windows\setupact.log
2013-06-04 16:31 - 2013-06-04 16:31 - 00000000 ____A C:\Windows\setuperr.log
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\MSDOS.SYS
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\IO.SYS
2013-06-02 20:05 - 2013-06-02 20:05 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-02 20:05 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-30 17:00 - 2013-05-30 17:00 - 00000000 ____D C:\Program Files\x264 Video Codec
2013-05-19 16:04 - 2013-05-19 16:11 - 00000933 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-05-19 16:03 - 2013-05-19 16:11 - 00000000 ____D C:\Users\Eddy\Desktop\iphone4
2013-05-18 12:47 - 2013-06-09 13:38 - 00000000 ____D C:\Users\Eddy\Downloads\TomTom Europa v1.14
2013-05-17 20:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-17 16:57 - 2012-08-21 13:01 - 00026840 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-05-13 07:07 - 2013-06-09 13:07 - 00000000 ____D C:\Users\Eddy\Downloads\Bud Spencer & Terence Hill

==================== One Month Modified Files and Folders ========

2013-06-09 14:16 - 2013-06-09 14:16 - 00000000 ____D C:\FRST
2013-06-09 14:15 - 2013-06-09 14:15 - 01358673 ____A (Farbar) C:\Users\Eddy\Desktop\FRST.exe
2013-06-09 14:14 - 2013-06-09 14:13 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-09 14:14 - 2013-06-09 14:13 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-09 14:14 - 2013-06-09 14:13 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 14:07 - 2013-06-09 14:07 - 00903072 ____A (Oracle Corporation) C:\Users\Eddy\Desktop\jxpiinstall.exe
2013-06-09 14:06 - 2013-06-09 14:06 - 07872648 ____A (Adobe Systems Inc.) C:\Users\Eddy\Desktop\Shockwave_Installer_Slim.exe
2013-06-09 14:02 - 2012-08-08 16:17 - 00000000 ____D C:\users\Eddy
2013-06-09 13:51 - 2009-07-14 06:34 - 00018000 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-09 13:51 - 2009-07-14 06:34 - 00018000 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-09 13:48 - 2013-03-26 18:38 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-09 13:38 - 2013-05-18 12:47 - 00000000 ____D C:\Users\Eddy\Downloads\TomTom Europa v1.14
2013-06-09 13:37 - 2013-02-27 18:20 - 00337408 __ASH C:\Users\Eddy\Downloads\Thumbs.db
2013-06-09 13:15 - 2012-12-28 19:24 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\BitTorrent
2013-06-09 13:14 - 2013-06-04 16:31 - 00002658 ____A C:\Windows\setupact.log
2013-06-09 13:14 - 2013-03-26 18:38 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-09 13:14 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-09 13:07 - 2013-06-09 13:07 - 00648201 ____A C:\Users\Eddy\Desktop\adwcleaner.exe
2013-06-09 13:07 - 2013-05-13 07:07 - 00000000 ____D C:\Users\Eddy\Downloads\Bud Spencer & Terence Hill
2013-06-09 13:02 - 2013-06-09 13:02 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-06-09 12:59 - 2013-06-04 16:48 - 00001952 ____A C:\Windows\WindowsUpdate.log
2013-06-09 12:57 - 2013-03-26 18:37 - 00000000 ____D C:\Program Files\Google
2013-06-09 12:30 - 2012-08-08 16:17 - 01620910 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-09 10:41 - 2013-06-06 17:22 - 00000000 ____D C:\JRT
2013-06-08 21:18 - 2013-06-08 18:58 - 00002038 ____A C:\Windows\PFRO.log
2013-06-08 19:34 - 2013-06-08 14:49 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-08 19:18 - 2013-06-08 19:18 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Mozilla
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-08 19:18 - 2013-05-17 20:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-08 19:17 - 2013-06-08 19:17 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-08 19:17 - 2013-06-08 19:16 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-08 19:17 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 19:16 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iPod
2013-06-08 19:16 - 2013-02-08 22:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-08 14:59 - 2012-08-08 18:15 - 00000000 ____D C:\Users\Eddy\Desktop\Homepage Tools
2013-06-08 14:50 - 2013-06-08 14:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-08 14:43 - 2012-08-09 09:41 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\ProtectDisc
2013-06-08 11:05 - 2013-06-08 11:05 - 00890839 ____A C:\Users\Eddy\Desktop\SecurityCheck.exe
2013-06-07 06:33 - 2013-06-07 06:33 - 00179968 ____A (Kaspersky Lab) C:\Users\Eddy\Downloads\kss12.0.1.117mlg_en_ru_fr_de.exe
2013-06-06 17:32 - 2013-06-06 17:32 - 00000000 ____D C:\_OTL
2013-06-06 17:23 - 2013-06-06 17:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Downloads\SystemLook.exe
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Desktop\SystemLook.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Downloads\esetsmartinstaller_enu.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Desktop\esetsmartinstaller_enu.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Downloads\OTL.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Desktop\OTL.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Downloads\JRT.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Desktop\JRT.exe
2013-06-05 19:11 - 2013-06-05 19:11 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\InfraRecorder
2013-06-04 16:31 - 2013-06-04 16:31 - 00000000 ____A C:\Windows\setuperr.log
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\MSDOS.SYS
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\IO.SYS
2013-06-04 06:58 - 2012-08-08 19:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-03 06:51 - 2012-12-05 07:53 - 00000000 ____D C:\Users\Eddy\Desktop\Neuer Ordner (4)
2013-06-03 06:48 - 2009-07-14 10:56 - 00000000 ____D C:\Windows\ShellNew
2013-06-03 06:47 - 2012-12-02 21:06 - 00000000 ____D C:\Users\Eddy\AppData\Local\SENukeX
2013-06-03 06:47 - 2012-11-18 19:15 - 00000000 ____D C:\Users\Eddy\Desktop\E-Mail
2013-06-02 20:05 - 2013-06-02 20:05 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-02 19:58 - 2012-08-08 19:21 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\FileZilla
2013-06-02 13:34 - 2012-08-09 09:40 - 00000000 ____D C:\Program Files\Common Files\DATA BECKER Shared
2013-06-02 13:17 - 2013-03-23 18:06 - 00000000 ____D C:\Users\Eddy\AppData\Local\Google
2013-06-02 13:04 - 2013-04-20 13:05 - 00000000 ____D C:\Windows\System64
2013-06-02 13:04 - 2009-07-14 04:37 - 00000000 ___RD C:\users\Public
2013-06-02 13:03 - 2013-03-30 21:06 - 00000000 ____D C:\Program Files\Pin Blaster
2013-06-02 13:03 - 2012-10-17 17:13 - 00000000 ____D C:\Program Files\SEO PowerSuite
2013-06-02 13:01 - 2012-10-21 21:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-02 13:01 - 2012-10-21 21:25 - 00000000 ____D C:\Program Files\BacklinkProfitMonster
2013-05-30 17:00 - 2013-05-30 17:00 - 00000000 ____D C:\Program Files\x264 Video Codec
2013-05-23 10:49 - 2012-12-28 19:24 - 00000000 ____D C:\Program Files\BitTorrent
2013-05-19 16:11 - 2013-05-19 16:04 - 00000933 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-05-19 16:11 - 2013-05-19 16:03 - 00000000 ____D C:\Users\Eddy\Desktop\iphone4
2013-05-18 12:19 - 2013-04-12 05:16 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak
2013-05-15 17:45 - 2012-08-08 19:04 - 00000969 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-15 17:45 - 2012-08-08 19:04 - 00000000 ____D C:\Program Files\CCleaner
2013-05-12 21:15 - 2012-08-08 19:22 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\TweetAdder3
2013-05-11 18:52 - 2012-08-08 19:01 - 00000000 ____D C:\ProgramData\Adobe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-06-03 00:26

==================== End Of Log ============================

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-06-2013
Ran by Eddy at 2013-06-09 14:17:11 Run:
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.3640)
Backlink Cloner (Version: 1.0.0.53)
BitTorrent (Version: 7.7.2.28499)
Blog Blaster
Brother MFL-Pro Suite MFC-7420 (Version: 1.0.1.0)
CCleaner (Version: 4.01)
DATA BECKER Rechnungsdruckerei 2012
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Feed Blaster
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Google Update Helper (Version: 1.3.21.145)
HDClone 4.1 Free Edition
iCloud (Version: 2.1.1.3)
IMAPSize 0.3.7
iNSTANT BOOSTER
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 11.0.4.4)
Kobo (Version: 3.1.5)
MacroSoft Email Spider Full (Version: 1.0.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mega Robot Bomber (Version: 1.0.41)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
No Hands SEO
Notepad++ (Version: 6.1.6)
ORICO HW RAID Manager (Version: 0.09.43)
PDF Architect (Version: 1.0.41.8362)
PDFCreator (Version: 1.6.0)
Realtek AC'97 Audio
SiS VGA Utilities
SiSAGP driver (Version: 1.22)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
TuneUp Utilities Language Pack (en-US) (Version: 13.0.2013.194)
Tweet Adder 3 (Version: 3.0.51)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update or Uninstall SENukeX (Version: 3.0.0.13)
Video Marketing Blaster (Version: 1.25)
Wiki Bomber (Version: 1.0.7.17)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

04-06-2013 14:53:50 Wiederherstellungsvorgang
08-06-2013 12:33:44 Removed Apple Application Support
08-06-2013 12:49:39 Installed SpyHunter
08-06-2013 17:33:11 Removed SpyHunter
08-06-2013 17:34:57 Installed SpyHunter
09-06-2013 10:44:13 Wiederherstellungsvorgang
09-06-2013 11:01:04 Removed SpyHunter
09-06-2013 12:09:10 Removed Microsoft Silverlight
09-06-2013 12:10:06 Removed Java 7 Update 21
09-06-2013 12:11:15 Removed Bonjour

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2013 02:08:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc
Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c9789
ID des fehlerhaften Prozesses: 0xaf8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (06/09/2013 00:58:22 PM) (Source: System Restore) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Windows-Sicherung).

Error: (06/09/2013 00:38:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/09/2013 00:36:12 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2013 00:00:10 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (06/08/2013 09:19:23 PM) (Source: System Restore) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Removed Apple Application Support).

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/09/2013 01:15:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891

Error: (06/09/2013 01:15:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891

Error: (06/09/2013 01:14:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060

Error: (06/09/2013 01:14:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SBSD Security Center Service" ist von folgendem Dienst abhängig: wscsvc. Dieser Dienst ist eventuell nicht installiert.

Error: (06/09/2013 01:14:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (06/09/2013 01:14:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (06/09/2013 00:58:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891

Error: (06/09/2013 00:58:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891

Error: (06/09/2013 00:57:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060

Error: (06/09/2013 00:57:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SBSD Security Center Service" ist von folgendem Dienst abhängig: wscsvc. Dieser Dienst ist eventuell nicht installiert.


Microsoft Office Sessions:
=========================
Error: (06/09/2013 02:08:11 PM) (Source: Application Error)(User: )
Description: firefox.exe21.0.0.4879518ec3ccxul.dll21.0.0.4879518ec306c0000005001c9789af801ce650453db7bc1C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll406897e2-d0fd-11e2-b5e0-00301b42b4cf

Error: (06/09/2013 00:58:22 PM) (Source: System Restore)(User: )
Description: Windows-Sicherung

Error: (06/09/2013 00:38:07 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (06/09/2013 00:36:12 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Kobo\drivers\dpinst64.exe

Error: (06/09/2013 00:00:10 AM) (Source: Windows Backup)(User: )
Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (06/08/2013 09:19:23 PM) (Source: System Restore)(User: )
Description: Removed Apple Application Support

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll

Error: (06/08/2013 07:12:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll


==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 1983.55 MB
Available physical RAM: 537.58 MB
Total Pagefile: 3967.11 MB
Available Pagefile: 2424.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:103.66 GB) NTFS
Drive e: (Reparaturdatenträger Windows 7 3) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1479.06 GB) NTFS
Drive g: (Volume) (Fixed) (Total:1863.01 GB) (Free:1862.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: EAB9EAB9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 45181EE6)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 444C544E)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================


schrauber 09.06.2013 15:12

Fix with FRST
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document
Code:

HKLM\...\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent [x]
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKCU\...\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"  /MINIMIZED [882520 2013-05-12] (BitTorrent Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF Extension: No Name - C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2013-06-09 13:02 - 2013-06-09 13:02 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


And a fresh FRST log, please.
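
Added example, not part of the original post and not FRST's own code: a small triage script that reads fixlist-style lines like the ones above, flags the entries a helper would look at, and then checks a Fixlog to confirm each Winsock LibraryPath was set to the value FRST expected. The sample lines are copied from this thread; reading the `[x]` suffix as "target not found" and mapping catalog entry `01` to `000000000001` are assumptions inferred from the lines on this page.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    kind: str    # category of the anomaly
    key: str     # registry value, catalog entry or file path
    detail: str  # what the log reported or expects


# Patterns derived only from the line shapes visible in this thread.
RUN = re.compile(r'^(HK(?:LM|CU))\\\.\.\.\\Run: \[([^\]]+)\] (.*)$')
POLICY = re.compile(r'^(HK(?:LM|CU))\\\.\.\.\\Policies\\system: \[(Disable\w+)\] (\d+)$')
WINSOCK = re.compile(r'^Winsock: (Catalog\d+) (\d+) (\S+) File Not found \(\) '
                     r'ATTENTION: The LibraryPath should be "([^"]+)"$')
FF_EXT = re.compile(r'^FF Extension: No Name - (.+\.xpi)$')
FIXED = re.compile(r'^Winsock: (Catalog\d+) entry (\d{12})\\\\LibraryPath\s+'
                   r'was set successfully to (.+)$')

# Sample input: the fixlist lines from the post above.
SAMPLE = r'''HKLM\...\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent [x]
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKCU\...\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"  /MINIMIZED [882520 2013-05-12] (BitTorrent Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF Extension: No Name - C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2013-06-09 13:02 - 2013-06-09 13:02 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
'''

# Sample input: the two Winsock lines from the Fixlog posted in this thread.
FIXLOG = r'''Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
'''


def triage(lines):
    """Return a Finding for every line that matches a known anomaly shape."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if m := RUN.match(line):
            hive, name, rest = m.groups()
            # Assumption: a trailing [x] means the autostart target is missing.
            if rest.endswith('[x]'):
                findings.append(Finding('missing-autostart',
                                        f'{hive}\\Run\\{name}', rest[:-3].strip()))
        elif m := POLICY.match(line):
            hive, name, value = m.groups()
            state = 'enforced' if value != '0' else 'present but set to 0'
            findings.append(Finding('policy-value',
                                    f'{hive}\\Policies\\system\\{name}', state))
        elif m := WINSOCK.match(line):
            catalog, entry, _current, expected = m.groups()
            # Assumption: entry "01" is registry key 000000000001 (12 digits).
            findings.append(Finding('winsock-librarypath',
                                    f'{catalog}/{int(entry):012d}', expected))
        elif m := FF_EXT.match(line):
            findings.append(Finding('unnamed-ff-extension', m[1],
                                    'extension has no name'))
    return findings


def unresolved_winsock(findings, fixlog_lines):
    """Winsock findings whose expected LibraryPath the Fixlog does not confirm."""
    applied = {}
    for raw in fixlog_lines:
        if m := FIXED.match(raw.strip()):
            applied[f'{m[1]}/{m[2]}'] = m[3].strip()
    return [f for f in findings
            if f.kind == 'winsock-librarypath'
            and applied.get(f.key, '').lower() != f.detail.lower()]


if __name__ == '__main__':
    found = triage(SAMPLE.splitlines())
    for f in found:
        print(f'{f.kind:22} {f.key} -> {f.detail}')
    left = unresolved_winsock(found, FIXLOG.splitlines())
    print('Winsock entries still unresolved:', [f.key for f in left])
```
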

pulloverscha 09.06.2013 16:16

Already done, here is the Fixlog and a new FRST log

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-06-2013
Ran by Eddy at 2013-06-09 17:03:44 Run:1
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal

==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SiSPower => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoundMan => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Value deleted successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => Moved successfully.
C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.

==== End of Fixlog ====

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2013
Ran by Eddy (administrator) on 09-06-2013 17:10:36
Running from C:\Users\Eddy\Desktop
Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\ORICOHWRaidManager\XSrvSetup.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Silicon Integrated Systems Corporation) C:\Windows\System32\sistray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Utility Tray.lnk
ShortcutTarget: Utility Tray.lnk -> C:\Windows\System32\sistray.exe (Silicon Integrated Systems Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
Winsock: Catalog5 05 %SystemRoot%\System32\mswsock.dll [232448] ()
Winsock: Catalog9 01 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 11 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 12 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 13 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 14 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 15 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 16 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 17 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 18 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 19 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 20 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 21 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 22 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 23 mswsock.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 24 mswsock.dll [20992] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\3aybu4hd.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ORICOHWRaidManager; C:\Program Files\ORICOHWRaidManager\XSrvSetup.exe [69632 2011-05-12] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 SiS315; C:\Windows\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R1 SiSkp; C:\Windows\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-09 14:39 - 2013-06-09 14:39 - 00001151 ____A C:\Users\Eddy\Desktop\Outlook Backup Assistant.lnk
2013-06-09 14:39 - 2013-06-09 14:39 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Priotecs
2013-06-09 14:39 - 2013-06-09 14:39 - 00000000 ____D C:\Program Files\Outlook Backup Assistant
2013-06-09 14:38 - 2013-06-09 14:38 - 02800249 ____A C:\Users\Eddy\Desktop\Outlook Backup Assistant 7.1.0.zip
2013-06-09 14:17 - 2013-06-09 14:17 - 00015924 ____A C:\Users\Eddy\Desktop\Addition.txt
2013-06-09 14:16 - 2013-06-09 17:03 - 00000000 ____D C:\FRST
2013-06-09 14:15 - 2013-06-09 14:15 - 01358673 ____A (Farbar) C:\Users\Eddy\Desktop\FRST.exe
2013-06-09 14:13 - 2013-06-09 16:30 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 14:13 - 2013-06-09 14:14 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-09 14:13 - 2013-06-09 14:14 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-09 13:07 - 2013-06-09 13:07 - 00648201 ____A C:\Users\Eddy\Desktop\adwcleaner.exe
2013-06-08 19:18 - 2013-06-08 19:18 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Mozilla
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-08 19:17 - 2013-06-08 19:17 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-08 19:16 - 2013-06-08 19:17 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-08 19:16 - 2013-06-08 19:17 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 19:16 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iPod
2013-06-08 18:58 - 2013-06-08 21:18 - 00002038 ____A C:\Windows\PFRO.log
2013-06-08 14:50 - 2013-06-08 14:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-08 14:49 - 2013-06-08 19:34 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-08 11:05 - 2013-06-08 11:05 - 00890839 ____A C:\Users\Eddy\Desktop\SecurityCheck.exe
2013-06-07 06:33 - 2013-06-07 06:33 - 00179968 ____A (Kaspersky Lab) C:\Users\Eddy\Downloads\kss12.0.1.117mlg_en_ru_fr_de.exe
2013-06-06 17:32 - 2013-06-06 17:32 - 00000000 ____D C:\_OTL
2013-06-06 17:23 - 2013-06-06 17:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-06 17:22 - 2013-06-09 10:41 - 00000000 ____D C:\JRT
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Downloads\SystemLook.exe
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Desktop\SystemLook.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Downloads\esetsmartinstaller_enu.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Desktop\esetsmartinstaller_enu.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Downloads\OTL.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Desktop\OTL.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Downloads\JRT.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Desktop\JRT.exe
2013-06-05 19:11 - 2013-06-05 19:11 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\InfraRecorder
2013-06-04 16:48 - 2013-06-09 12:59 - 00001952 ____A C:\Windows\WindowsUpdate.log
2013-06-04 16:31 - 2013-06-09 13:14 - 00002658 ____A C:\Windows\setupact.log
2013-06-04 16:31 - 2013-06-04 16:31 - 00000000 ____A C:\Windows\setuperr.log
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\MSDOS.SYS
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\IO.SYS
2013-06-02 20:05 - 2013-06-02 20:05 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-02 20:05 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-30 17:00 - 2013-05-30 17:00 - 00000000 ____D C:\Program Files\x264 Video Codec
2013-05-19 16:04 - 2013-05-19 16:11 - 00000933 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-05-19 16:03 - 2013-05-19 16:11 - 00000000 ____D C:\Users\Eddy\Desktop\iphone4
2013-05-18 12:47 - 2013-06-09 13:38 - 00000000 ____D C:\Users\Eddy\Downloads\TomTom Europa v1.14
2013-05-17 20:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-17 16:57 - 2012-08-21 13:01 - 00026840 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-05-13 07:07 - 2013-06-09 13:07 - 00000000 ____D C:\Users\Eddy\Downloads\Bud Spencer & Terence Hill

==================== One Month Modified Files and Folders ========

2013-06-09 17:03 - 2013-06-09 14:16 - 00000000 ____D C:\FRST
2013-06-09 16:48 - 2013-03-26 18:38 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-09 16:30 - 2013-06-09 14:13 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 14:47 - 2013-02-21 07:28 - 00000000 ____D C:\Users\Eddy\Desktop\Sicherung Domains
2013-06-09 14:40 - 2012-11-17 17:58 - 00000000 ____D C:\Users\Eddy\Desktop\Outlook Mails sichern
2013-06-09 14:39 - 2013-06-09 14:39 - 00001151 ____A C:\Users\Eddy\Desktop\Outlook Backup Assistant.lnk
2013-06-09 14:39 - 2013-06-09 14:39 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Priotecs
2013-06-09 14:39 - 2013-06-09 14:39 - 00000000 ____D C:\Program Files\Outlook Backup Assistant
2013-06-09 14:38 - 2013-06-09 14:38 - 02800249 ____A C:\Users\Eddy\Desktop\Outlook Backup Assistant 7.1.0.zip
2013-06-09 14:21 - 2009-07-14 06:34 - 00018000 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-09 14:21 - 2009-07-14 06:34 - 00018000 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-09 14:17 - 2013-06-09 14:17 - 00015924 ____A C:\Users\Eddy\Desktop\Addition.txt
2013-06-09 14:15 - 2013-06-09 14:15 - 01358673 ____A (Farbar) C:\Users\Eddy\Desktop\FRST.exe
2013-06-09 14:14 - 2013-06-09 14:13 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-09 14:14 - 2013-06-09 14:13 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-09 14:02 - 2012-08-08 16:17 - 00000000 ____D C:\users\Eddy
2013-06-09 13:38 - 2013-05-18 12:47 - 00000000 ____D C:\Users\Eddy\Downloads\TomTom Europa v1.14
2013-06-09 13:37 - 2013-02-27 18:20 - 00337408 __ASH C:\Users\Eddy\Downloads\Thumbs.db
2013-06-09 13:15 - 2012-12-28 19:24 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\BitTorrent
2013-06-09 13:14 - 2013-06-04 16:31 - 00002658 ____A C:\Windows\setupact.log
2013-06-09 13:14 - 2013-03-26 18:38 - 00001090 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-09 13:14 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-09 13:07 - 2013-06-09 13:07 - 00648201 ____A C:\Users\Eddy\Desktop\adwcleaner.exe
2013-06-09 13:07 - 2013-05-13 07:07 - 00000000 ____D C:\Users\Eddy\Downloads\Bud Spencer & Terence Hill
2013-06-09 12:59 - 2013-06-04 16:48 - 00001952 ____A C:\Windows\WindowsUpdate.log
2013-06-09 12:57 - 2013-03-26 18:37 - 00000000 ____D C:\Program Files\Google
2013-06-09 12:30 - 2012-08-08 16:17 - 01620910 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-09 10:41 - 2013-06-06 17:22 - 00000000 ____D C:\JRT
2013-06-08 21:18 - 2013-06-08 18:58 - 00002038 ____A C:\Windows\PFRO.log
2013-06-08 19:34 - 2013-06-08 14:49 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-06-08 19:18 - 2013-06-08 19:18 - 00001109 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Mozilla
2013-06-08 19:18 - 2013-06-08 19:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-08 19:18 - 2013-05-17 20:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-08 19:17 - 2013-06-08 19:17 - 00001753 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-08 19:17 - 2013-06-08 19:16 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-08 19:17 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 19:16 - 2013-06-08 19:16 - 00000000 ____D C:\Program Files\iPod
2013-06-08 19:16 - 2013-02-08 22:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-08 14:59 - 2012-08-08 18:15 - 00000000 ____D C:\Users\Eddy\Desktop\Homepage Tools
2013-06-08 14:50 - 2013-06-08 14:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-08 14:43 - 2012-08-09 09:41 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\ProtectDisc
2013-06-08 11:05 - 2013-06-08 11:05 - 00890839 ____A C:\Users\Eddy\Desktop\SecurityCheck.exe
2013-06-07 06:33 - 2013-06-07 06:33 - 00179968 ____A (Kaspersky Lab) C:\Users\Eddy\Downloads\kss12.0.1.117mlg_en_ru_fr_de.exe
2013-06-06 17:32 - 2013-06-06 17:32 - 00000000 ____D C:\_OTL
2013-06-06 17:23 - 2013-06-06 17:23 - 00000000 ____D C:\Windows\ERUNT
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Downloads\SystemLook.exe
2013-06-06 17:21 - 2013-06-06 17:21 - 00139264 ____A C:\Users\Eddy\Desktop\SystemLook.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Downloads\esetsmartinstaller_enu.exe
2013-06-06 17:20 - 2013-06-06 17:20 - 02347384 ____A (ESET) C:\Users\Eddy\Desktop\esetsmartinstaller_enu.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Downloads\OTL.exe
2013-06-06 17:17 - 2013-06-06 17:17 - 00602112 ____A (OldTimer Tools) C:\Users\Eddy\Desktop\OTL.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Downloads\JRT.exe
2013-06-06 17:16 - 2013-06-06 17:16 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Eddy\Desktop\JRT.exe
2013-06-05 19:11 - 2013-06-05 19:11 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\InfraRecorder
2013-06-04 16:31 - 2013-06-04 16:31 - 00000000 ____A C:\Windows\setuperr.log
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\MSDOS.SYS
2013-06-04 16:29 - 2013-06-04 16:29 - 00000000 _RASH C:\IO.SYS
2013-06-04 06:58 - 2012-08-08 19:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-03 06:51 - 2012-12-05 07:53 - 00000000 ____D C:\Users\Eddy\Desktop\Neuer Ordner (4)
2013-06-03 06:48 - 2009-07-14 10:56 - 00000000 ____D C:\Windows\ShellNew
2013-06-03 06:47 - 2012-12-02 21:06 - 00000000 ____D C:\Users\Eddy\AppData\Local\SENukeX
2013-06-03 06:47 - 2012-11-18 19:15 - 00000000 ____D C:\Users\Eddy\Desktop\E-Mail
2013-06-02 20:05 - 2013-06-02 20:05 - 00001071 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-02 20:05 - 2013-06-02 20:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-02 19:58 - 2012-08-08 19:21 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\FileZilla
2013-06-02 13:34 - 2012-08-09 09:40 - 00000000 ____D C:\Program Files\Common Files\DATA BECKER Shared
2013-06-02 13:17 - 2013-03-23 18:06 - 00000000 ____D C:\Users\Eddy\AppData\Local\Google
2013-06-02 13:04 - 2013-04-20 13:05 - 00000000 ____D C:\Windows\System64
2013-06-02 13:04 - 2009-07-14 04:37 - 00000000 ___RD C:\users\Public
2013-06-02 13:03 - 2013-03-30 21:06 - 00000000 ____D C:\Program Files\Pin Blaster
2013-06-02 13:03 - 2012-10-17 17:13 - 00000000 ____D C:\Program Files\SEO PowerSuite
2013-06-02 13:01 - 2012-10-21 21:56 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-02 13:01 - 2012-10-21 21:25 - 00000000 ____D C:\Program Files\BacklinkProfitMonster
2013-05-30 17:00 - 2013-05-30 17:00 - 00000000 ____D C:\Program Files\x264 Video Codec
2013-05-23 10:49 - 2012-12-28 19:24 - 00000000 ____D C:\Program Files\BitTorrent
2013-05-19 16:11 - 2013-05-19 16:04 - 00000933 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-05-19 16:11 - 2013-05-19 16:03 - 00000000 ____D C:\Users\Eddy\Desktop\iphone4
2013-05-18 12:19 - 2013-04-12 05:16 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak
2013-05-15 17:45 - 2012-08-08 19:04 - 00000969 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-05-15 17:45 - 2012-08-08 19:04 - 00000000 ____D C:\Program Files\CCleaner
2013-05-12 21:15 - 2012-08-08 19:22 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\TweetAdder3
2013-05-11 18:52 - 2012-08-08 19:01 - 00000000 ____D C:\ProgramData\Adobe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-03 00:26

==================== End Of Log ============================


schrauber 09.06.2013 16:18

Windows key+R > type

netsh winsock repair

and press Enter. Reboot. How are your problems now?

pulloverscha 09.06.2013 16:59

Done - unfortunately the problems mentioned are still there, "Ads Werbung links", and now something new: when I hover over the link, it says "click to Conitinue < by text-Enhance"

schrauber 09.06.2013 18:15

Can you take a screenshot of that for me? Does it happen in both browsers?

pulloverscha 10.06.2013 05:36

After going back and forth on it for a long time, I decided to reinstall the PC overnight instead.

I'm sorry; I thank you very much all the same.

schrauber 10.06.2013 06:57

All right.


All times are WET +1. The time now is 16:56.

Copyright ©2000-2025, Trojaner-Board

