Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PC läuft sehr langsam, Firefox schließt automatisch, Manche Seiten blockiert (https://www.trojaner-board.de/153708-pc-laeuft-sehr-langsam-firefox-schliesst-automatisch-manche-seiten-blockiert.html)

NeedHelp08 11.05.2014 17:16
PC läuft sehr langsam, Firefox schließt automatisch, Manche Seiten blockiert
 
Hallo an das super geschulte Team,

Nachdem ich meinen Schwiegereltern erzählt habe, wie professionell und schnell mein PC-Problem in dieser Community gelöst werden konnte, wurde ich kurzerhand gebeten den Laptop der Schwiegereltern hier überprüfen zu lassen.

Die berichteten Fehler lauten wie folgt:
  • Der PC Läuft langsam
  • Das Programm Firefox schließt sich beim Surfen von alleine
  • Manche Seiten lassen sich nicht wie gewöhnt öffnen

Vielen Dank im Voraus
Grüße NH

schrauber 11.05.2014 17:31
hi,
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


NeedHelp08 12.05.2014 08:57
Hallo und ein Dankeschön ...

Hier sind die Logs

Viele Grüße


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by Katrin (administrator) on KATRIN-PC on 12-05-2014 09:50:13
Running from C:\Users\xxxx\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6253160 2011-09-15] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-12] (AVAST Software)
HKU\S-1-5-21-905575457-879607011-4093534939-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default
FF user.js: detected! => C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\searchplugins\suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\ich@maltegoetz.de [2014-01-15]
FF Extension: WOT - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-15]
FF Extension: Adblock Plus - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-10]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-07-05] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-05-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-05-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [67776 2014-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-12] ()
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-03-01] (Atheros)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [242336 2011-03-01] (Atheros)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [251496 2011-02-15] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\Users\xxxx\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 09:50 - 2014-05-12 09:50 - 00008704 _____ () C:\Users\xxxx\Downloads\FRST.txt
2014-05-12 09:50 - 2014-05-12 09:50 - 00000000 ____D () C:\FRST
2014-05-12 09:49 - 2014-05-12 09:49 - 01056256 _____ (Farbar) C:\Users\xxxx\Downloads\FRST.exe
2014-05-12 09:37 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-12 09:36 - 2014-05-12 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 09:36 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-12 09:36 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-12 09:36 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-12 09:35 - 2014-05-12 09:36 - 00004410 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 09:33 - 2014-05-12 09:33 - 00067776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-05-12 09:33 - 2014-05-12 09:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 09:33 - 2014-05-12 09:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-11 11:52 - 2014-05-11 11:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 11:40 - 2014-05-11 11:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-10 16:43 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-10 16:43 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-04 13:27 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-04 13:27 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 16:45 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-24 16:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 16:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 16:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 16:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 16:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 16:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 16:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 16:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 16:45 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 16:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 16:45 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 16:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 16:45 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 16:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 16:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 16:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 16:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 16:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 16:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 16:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 16:44 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 16:44 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 16:44 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 15:37 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-15 15:37 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-15 15:37 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-15 15:37 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-15 15:37 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-15 15:37 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-12 09:50 - 2014-05-12 09:50 - 00008704 _____ () C:\Users\xxxx\Downloads\FRST.txt
2014-05-12 09:50 - 2014-05-12 09:50 - 00000000 ____D () C:\FRST
2014-05-12 09:50 - 2010-11-20 23:01 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 09:49 - 2014-05-12 09:49 - 01056256 _____ (Farbar) C:\Users\xxxx\Downloads\FRST.exe
2014-05-12 09:49 - 2012-05-10 19:50 - 01705028 _____ () C:\Windows\WindowsUpdate.log
2014-05-12 09:48 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 09:48 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 09:47 - 2014-03-06 15:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-05-12 09:47 - 2012-05-11 00:29 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Skype
2014-05-12 09:47 - 2012-05-10 22:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-12 09:46 - 2012-05-11 00:10 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-05-12 09:45 - 2013-11-06 12:12 - 00002184 _____ () C:\Windows\setupact.log
2014-05-12 09:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 09:44 - 2013-11-06 12:12 - 00097682 _____ () C:\Windows\PFRO.log
2014-05-12 09:37 - 2013-11-06 11:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 09:36 - 2014-05-12 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 09:36 - 2014-05-12 09:35 - 00004410 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 09:36 - 2013-06-25 10:41 - 00000000 ____D () C:\Program Files\Java
2014-05-12 09:34 - 2013-11-06 11:48 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-12 09:33 - 2014-05-12 09:33 - 00067776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-05-12 09:33 - 2014-05-12 09:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 09:33 - 2014-05-12 09:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-12 09:33 - 2013-04-02 12:30 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-12 09:33 - 2013-04-02 12:30 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-12 09:33 - 2012-05-10 23:04 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-11 11:52 - 2014-05-11 11:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 11:40 - 2014-05-11 11:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-10 17:19 - 2012-05-11 00:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 12:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-29 18:19 - 2012-05-11 00:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 18:19 - 2012-05-11 00:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 14:48 - 2014-05-04 13:27 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-04 13:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 18:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-24 16:44 - 2013-08-20 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-24 16:41 - 2012-05-11 00:47 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-14 20:13 - 2014-05-12 09:36 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-05-12 09:37 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-05-12 09:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-05-12 09:36 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-14 04:11 - 2014-05-10 16:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-10 16:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\xxxx\AppData\Local\Temp\Checkupdate.exe
C:\Users\xxxx\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\xxxx\AppData\Local\Temp\Foxit Updater.exe
C:\Users\xxxx\AppData\Local\Temp\gcapi_dll.dll
C:\Users\xxxx\AppData\Local\Temp\gtapi_signed.dll
C:\Users\xxxx\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-11-11 15:25

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014 01
Ran by Katrin at 2014-05-12 09:51:36
Running from C:\Users\xxxx\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0705.1115.18310 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.60705.1113 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (Version: 2011.0705.1115.18310 - Ihr Firmenname) Hidden
ATI Catalyst Install Manager (HKLM\...\{13AD0436-E893-E726-0CBB-33FCF35A2F29}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.60 - Atheros Communications)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2011.0705.1115.18310 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2011.0705.1115.18310 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2011.0705.1115.18310 - ATI) Hidden
CCC Help Chinese Standard (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Czech (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Danish (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Dutch (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help English (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Finnish (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help French (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help German (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Greek (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Hungarian (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Italian (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Japanese (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Korean (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Norwegian (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Polish (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Portuguese (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Russian (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Spanish (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Swedish (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Thai (Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Turkish (Version: 2011.0705.1114.18310 - ATI) Hidden
ccc-utility (Version: 2011.0705.1115.18310 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
CloudReading (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.0.27.1025 - Foxit Corporation)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5120 - CyberLink Corp.)
CyberLink YouCam (Version: 3.5.3.5120 - CyberLink Corp.) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
OpenOffice.org 3.3 (HKLM\...\{F105303F-EE2B-4F6F-90D1-56AB73BE87B5}) (Version: 3.3.9535 - OpenOffice.org)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6461 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

26-01-2014 09:19:55 Windows Update
29-01-2014 17:28:11 Windows Update
04-02-2014 13:04:04 Windows Update
20-02-2014 08:14:51 Windows Update
06-03-2014 12:14:10 Windows Update
06-03-2014 15:57:28 Windows Update
11-03-2014 11:57:33 Windows Update
17-03-2014 12:41:04 Windows Update
19-03-2014 13:09:49 Windows Update
01-04-2014 17:10:59 Windows Update
06-04-2014 13:45:30 Windows Update
15-04-2014 13:33:52 Windows Update
24-04-2014 14:39:52 Windows Update
29-04-2014 15:35:03 Windows Update
04-05-2014 10:00:00 Windows Update
04-05-2014 11:26:56 Windows Update
10-05-2014 14:42:56 Windows Update
11-05-2014 09:39:39 Windows Update
12-05-2014 07:31:52 avast! antivirus system restore point
12-05-2014 07:35:10 Installed Java 7 Update 55
12-05-2014 07:39:46 Removed Apple Application Support
12-05-2014 07:41:19 Removed Apple Mobile Device Support
12-05-2014 07:42:36 Removed Apple Software Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {316F7D2B-EC55-4AFC-9DD5-7EF2698F23EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {8B7E67A8-61D7-4265-BC4B-1E971B5FFCBA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {90BDEDF0-0045-4245-B2FE-23E9CF6F55BC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-12] (AVAST Software)
Task: {996DA765-C3B6-4AF0-87AC-6725715D9F12} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2012-03-20] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-05-12 09:30 - 2014-05-12 08:24 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051200\algo.dll
2011-07-05 11:26 - 2011-07-05 11:26 - 00065024 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-11-06 11:47 - 2013-11-06 11:47 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-07-05 11:26 - 2011-07-05 11:26 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-05 11:13 - 2011-07-05 11:13 - 00243712 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-05-11 11:52 - 2014-05-11 11:52 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 09:46:49 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:42:37 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:42:37 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:41:20 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:41:20 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:41:09 AM) (Source: Microsoft-Windows-RestartManager) (User: Katrin-PC) (EventID: 10007)
Description: Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu gestartet werden.

Error: (05/12/2014 09:41:09 AM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/12/2014 09:39:48 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:39:48 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/12/2014 09:35:11 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (05/12/2014 09:44:20 AM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/12/2014 09:41:09 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001

Error: (05/11/2014 00:13:31 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/10/2014 05:34:54 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/06/2014 10:57:29 AM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/06/2014 10:31:34 AM) (Source: bowser) (User: ) (EventID: 8003)
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6D8C590F-06BB-4832-8DDE-8F828F5AC7-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/04/2014 05:24:14 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/04/2014 01:26:49 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/04/2014 00:58:48 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (04/29/2014 06:25:32 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (05/12/2014 09:46:49 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:42:37 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:42:37 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:41:20 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:41:20 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:41:09 AM) (Source: Microsoft-Windows-RestartManager) (User: Katrin-PC) (EventID: 10007)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217820400

Error: (05/12/2014 09:41:09 AM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Error: (05/12/2014 09:39:48 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:39:48 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/12/2014 09:35:11 AM) (Source: Microsoft-Windows-CAPI2) (User: ) (EventID: 513)
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswTdi.

System Error:
Das System kann die angegebene Datei nicht finden.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 3578.91 MB
Available physical RAM: 2146.09 MB
Total Pagefile: 7156.1 MB
Available Pagefile: 5604.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:263.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: B03E7563)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 12.05.2014 17:47
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

NeedHelp08 14.05.2014 08:41
Guten Morgen

Hier ist die Log von Combofix

Code:
ComboFix 14-05-13.01 - Katrin 14.05.2014  9:17.2.2 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.3579.2526 [GMT 2:00]
ausgeführt von:: c:\users\xxxx\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-04-14 bis 2014-05-14  ))))))))))))))))))))))))))))))
.
.
2014-05-14 07:32 . 2014-05-14 07:32        --------        d-----w-        c:\users\Public\AppData\Local\temp
2014-05-14 07:32 . 2014-05-14 07:32        --------        d-----w-        c:\users\Malisa\AppData\Local\temp
2014-05-14 07:32 . 2014-05-14 07:32        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-05-12 07:50 . 2014-05-12 07:53        --------        d-----w-        C:\FRST
2014-05-12 07:36 . 2014-04-14 18:13        94632        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2014-05-12 07:33 . 2014-05-12 07:33        67776        ----a-w-        c:\windows\system32\drivers\aswStm.sys
2014-05-12 07:33 . 2014-05-12 07:33        24184        ----a-w-        c:\windows\system32\drivers\aswHwid.sys
2014-05-12 07:33 . 2014-05-12 07:33        43152        ----a-w-        c:\windows\avastSS.scr
2014-05-11 09:40 . 2014-05-11 09:40        --------        d-s---w-        c:\windows\system32\CompatTel
2014-05-10 14:44 . 2014-04-17 03:32        8050496        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4A8962E-412C-4B45-B6C2-CA7652A09158}\mpengine.dll
2014-05-10 14:43 . 2014-04-14 02:11        361984        ----a-w-        c:\windows\system32\aepdu.dll
2014-05-10 14:43 . 2014-04-14 02:07        302592        ----a-w-        c:\windows\system32\aeinv.dll
2014-05-04 11:27 . 2014-04-29 12:34        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2014-04-24 14:44 . 2014-03-06 06:40        1967104        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-04-24 14:44 . 2014-03-06 07:46        4254720        ----a-w-        c:\windows\system32\jscript9.dll
2014-04-15 13:37 . 2014-02-04 02:07        149440        ----a-w-        c:\windows\system32\drivers\storport.sys
2014-04-15 13:37 . 2014-02-04 02:07        234432        ----a-w-        c:\windows\system32\drivers\msiscsi.sys
2014-04-15 13:37 . 2014-02-04 02:07        27072        ----a-w-        c:\windows\system32\drivers\Diskdump.sys
2014-04-15 13:37 . 2014-02-04 02:00        2048        ----a-w-        c:\windows\system32\iologmsg.dll
2014-04-15 13:37 . 2014-01-24 02:18        1212352        ----a-w-        c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-12 07:33 . 2013-04-02 10:30        49944        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2014-05-12 07:33 . 2013-04-02 10:30        180632        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2014-05-12 07:33 . 2012-05-10 21:05        411552        ----a-w-        c:\windows\system32\drivers\aswsp.sys
2014-05-12 07:33 . 2012-05-10 21:05        81768        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2014-05-12 07:33 . 2012-05-10 21:05        776976        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2014-05-12 07:33 . 2012-05-10 21:05        67824        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2014-05-12 07:33 . 2012-05-10 21:04        271264        ----a-w-        c:\windows\system32\aswBoot.exe
2014-04-29 16:19 . 2012-05-10 22:42        70832        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 16:19 . 2012-05-10 22:42        692400        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2014-03-31 07:35 . 2012-05-10 22:28        231584        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-12 07:33        260976        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2011-09-15 6253160]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-08-10 343168]
"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-03-01 490656]
"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-03-01 302240]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-12 3873704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-05-12 67776]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 66688]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 33408]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-05-12 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-05-12 411552]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-11-18 87968]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-05 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 294400]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-05-12 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-05-12 67824]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-07-14 100880]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-01 24736]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-01 242336]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 251496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 37504]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWSTM
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 16:19]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-14  09:37:48
ComboFix-quarantined-files.txt  2014-05-14 07:37
ComboFix2.txt  2013-06-06 08:28
.
Vor Suchlauf: 10 Verzeichnis(se), 282.295.029.760 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 283.209.420.800 Bytes frei
.
- - End Of File - - 86C66870686BE09BBE6E38ECABF906ED
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/CODE]

schrauber 15.05.2014 07:24
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

NeedHelp08 16.05.2014 07:57
Vielen Dank für die Tipps, hier sind die Logs

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.05.2014
Suchlauf-Zeit: 15:59:20
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.15.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Katrin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 251082
Verstrichene Zeit: 22 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-905575457-879607011-4093534939-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [426e262bee8d83b3d1290e8b29d94eb2],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-905575457-879607011-4093534939-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [9917bd94ceadcc6a55be9f11cf344db3],

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-905575457-879607011-4093534939-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0G2Y1R2X0G1M2S1M0G1S1H, In Quarantäne, [9917bd94ceadcc6a55be9f11cf344db3]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
# AdwCleaner v3.208 - Bericht erstellt am 15/05/2014 um 16:03:50
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Katrin - KATRIN-PC
# Gestartet von : C:\Users\xxxx\Downloads\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Tarma Installer
Datei Gelöscht : C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKLM\Software\PIP

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1438 octets] - [15/05/2014 16:02:13]
AdwCleaner[S0].txt - [1359 octets] - [15/05/2014 16:03:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1419 octets] #########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Katrin on 15.05.2014 at 16:08:51,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\n5mi6n41.default\minidumps [90 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.05.2014 at 16:16:44,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-05-2014
Ran by Katrin (administrator) on KATRIN-PC on 16-05-2014 08:47:37
Running from C:\Users\xxxx\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6253160 2011-09-15] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-12] (AVAST Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-905575457-879607011-4093534939-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-905575457-879607011-4093534939-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [370912 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-905575457-879607011-4093534939-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\searchplugins\suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\ich@maltegoetz.de [2014-01-15]
FF Extension: WOT - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-15]
FF Extension: Adblock Plus - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\n5mi6n41.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-10]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-04-17] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [184032 2014-03-28] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-12] ()
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-03-01] (Atheros)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [242336 2011-03-01] (Atheros)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [251496 2011-02-15] (Realtek Semiconductor Corp.)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 catchme; \??\C:\Users\xxxx\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 08:47 - 2014-05-16 08:47 - 00000000 ____D () C:\Users\xxxx\Downloads\FRST-OlderVersion
2014-05-15 16:19 - 2014-05-15 16:19 - 00001499 _____ () C:\Users\xxxx\Desktop\AdwCleaner[S0].txt
2014-05-15 16:16 - 2014-05-15 16:19 - 00000862 _____ () C:\Users\xxxx\Desktop\JRT.txt
2014-05-15 16:08 - 2014-05-15 16:08 - 01016261 _____ (Thisisu) C:\Users\xxxx\Downloads\JRT.exe
2014-05-15 16:08 - 2014-05-15 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 16:05 - 2014-05-15 16:05 - 00000306 _____ () C:\Windows\PFRO.log
2014-05-15 16:02 - 2014-05-15 16:03 - 00000000 ____D () C:\AdwCleaner
2014-05-15 16:01 - 2014-05-15 16:01 - 01325827 _____ () C:\Users\xxxx\Downloads\adwcleaner_3.208.exe
2014-05-15 16:01 - 2014-05-15 16:01 - 00001703 _____ () C:\Users\xxxx\Desktop\mbam.txt
2014-05-15 15:36 - 2014-05-15 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-15 15:35 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 15:35 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-15 15:35 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-15 15:34 - 2014-05-15 15:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\xxxx\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-15 15:29 - 2014-05-15 16:05 - 00000112 _____ () C:\Windows\setupact.log
2014-05-15 15:29 - 2014-05-15 15:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 12:31 - 2014-05-14 12:31 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-14 12:27 - 2014-05-14 12:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-14 12:27 - 2014-05-14 12:26 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-14 12:26 - 2014-05-14 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-14 12:26 - 2014-05-14 12:26 - 00000000 ____D () C:\Program Files\Java
2014-05-14 11:27 - 2014-05-14 11:27 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Oracle
2014-05-14 11:20 - 2014-05-14 11:20 - 00000000 ____D () C:\Users\xxxx\AppData\Local\Adobe
2014-05-14 11:19 - 2014-05-14 11:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-14 11:17 - 2014-05-14 11:18 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\ProgramData\ATI
2014-05-14 10:21 - 2014-05-14 10:21 - 00000000 ____D () C:\Users\xxxx\AppData\Local\AppEx Networks
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Raptr
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\Program Files\Raptr
2014-05-14 10:14 - 2014-05-14 10:15 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-05-14 10:14 - 2014-05-14 10:14 - 00059870 _____ () C:\Windows\system32\CCCInstall_201405141014308821.log
2014-05-14 10:14 - 2014-05-14 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-14 10:14 - 2014-05-14 10:14 - 00000000 ____D () C:\Program Files\AMD AVT
2014-05-14 10:14 - 2014-03-28 11:52 - 00184032 _____ (AppEx Networks Corporation) C:\Windows\system32\Drivers\appexDrv.sys
2014-05-14 10:10 - 2014-05-14 10:14 - 00000000 ____D () C:\Program Files\AMD
2014-05-14 10:08 - 2014-05-14 10:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-14 10:04 - 2014-05-14 10:04 - 00000000 ____D () C:\AMD
2014-05-14 10:00 - 2014-05-14 10:00 - 00000000 __SHD () C:\Users\xxxx\AppData\Local\EmieUserList
2014-05-14 10:00 - 2014-05-14 10:00 - 00000000 __SHD () C:\Users\xxxx\AppData\Local\EmieSiteList
2014-05-14 09:48 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 09:48 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 09:48 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 09:47 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 09:47 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 09:47 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 09:47 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 09:47 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 09:46 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 09:46 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 09:46 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 09:46 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 09:46 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 09:46 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 09:46 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 09:46 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 09:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 09:46 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 09:46 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 09:37 - 2014-05-14 09:37 - 00008931 _____ () C:\ComboFix.txt
2014-05-14 09:11 - 2014-05-14 09:11 - 05200050 ____R (Swearware) C:\Users\xxxx\Downloads\ComboFix.exe
2014-05-12 09:51 - 2014-05-12 09:56 - 00018095 _____ () C:\Users\xxxx\Downloads\Addition.txt
2014-05-12 09:50 - 2014-05-16 08:47 - 00009430 _____ () C:\Users\xxxx\Downloads\FRST.txt
2014-05-12 09:50 - 2014-05-16 08:47 - 00000000 ____D () C:\FRST
2014-05-12 09:49 - 2014-05-16 08:47 - 01056768 _____ (Farbar) C:\Users\xxxx\Downloads\FRST.exe
2014-05-12 09:35 - 2014-05-12 09:36 - 00004410 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 09:33 - 2014-05-14 10:26 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-12 09:33 - 2014-05-12 09:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 09:33 - 2014-05-12 09:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-11 11:52 - 2014-05-11 11:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 11:40 - 2014-05-14 09:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-24 16:45 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-24 16:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 16:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 16:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 16:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 16:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 16:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 16:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 16:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 16:45 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 16:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 16:45 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 16:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 16:45 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 16:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 16:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 16:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 16:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 16:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 16:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 16:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 16:44 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 16:44 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 16:44 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 04:43 - 2014-04-18 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2014-04-18 04:43 - 2014-04-18 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2014-04-18 04:35 - 2014-04-18 04:35 - 13515264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-18 04:23 - 2014-04-18 04:23 - 00200704 _____ () C:\Windows\system32\clinfo.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00995342 _____ () C:\Windows\system32\amdocl_as32.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00798734 _____ () C:\Windows\system32\amdocl_ld32.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo.dll
2014-04-18 04:22 - 2014-04-18 04:22 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode.dll
2014-04-18 04:19 - 2014-04-18 04:19 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2014-04-18 04:17 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-18 04:13 - 2014-04-18 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2014-04-18 03:58 - 2014-04-18 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2014-04-18 03:51 - 2014-04-18 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2014-04-18 03:46 - 2014-04-18 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-18 03:46 - 2014-04-18 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-18 03:46 - 2014-04-18 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2014-04-18 03:46 - 2014-04-18 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2014-04-18 03:45 - 2014-04-18 03:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2014-04-18 03:42 - 2014-04-18 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2014-04-18 03:33 - 2014-04-18 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2014-04-18 03:30 - 2014-04-18 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-18 03:29 - 2014-04-18 03:29 - 00491520 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-18 03:29 - 2014-04-18 03:29 - 00208896 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-18 03:29 - 2014-04-18 03:29 - 00030720 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-18 03:28 - 2014-04-18 03:28 - 00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2014-04-18 03:21 - 2014-04-18 03:21 - 00616960 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-18 03:17 - 2014-04-18 03:17 - 03471376 _____ () C:\Windows\system32\atiumdva.cap
2014-04-18 03:14 - 2014-04-18 03:14 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-04-18 03:14 - 2014-04-18 03:14 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-04-18 03:08 - 2014-04-18 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-04-18 03:07 - 2014-04-18 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2014-04-18 03:07 - 2014-04-18 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-18 03:06 - 2014-04-18 03:06 - 00512000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-18 03:04 - 2014-04-18 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-17 22:28 - 2014-04-17 22:28 - 00038912 _____ () C:\Windows\system32\kdbsdk32.dll

==================== One Month Modified Files and Folders =======

2014-05-16 08:48 - 2014-05-12 09:50 - 00009430 _____ () C:\Users\xxxx\Downloads\FRST.txt
2014-05-16 08:47 - 2014-05-16 08:47 - 00000000 ____D () C:\Users\xxxx\Downloads\FRST-OlderVersion
2014-05-16 08:47 - 2014-05-12 09:50 - 00000000 ____D () C:\FRST
2014-05-16 08:47 - 2014-05-12 09:49 - 01056768 _____ (Farbar) C:\Users\xxxx\Downloads\FRST.exe
2014-05-16 08:44 - 2012-05-11 00:29 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Skype
2014-05-16 08:44 - 2012-05-11 00:10 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-05-16 08:43 - 2012-05-11 00:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-15 16:19 - 2014-05-15 16:19 - 00001499 _____ () C:\Users\xxxx\Desktop\AdwCleaner[S0].txt
2014-05-15 16:19 - 2014-05-15 16:16 - 00000862 _____ () C:\Users\xxxx\Desktop\JRT.txt
2014-05-15 16:13 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-15 16:13 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-15 16:09 - 2012-05-10 19:50 - 01879055 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 16:09 - 2010-11-20 23:01 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-15 16:08 - 2014-05-15 16:08 - 01016261 _____ (Thisisu) C:\Users\xxxx\Downloads\JRT.exe
2014-05-15 16:08 - 2014-05-15 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 16:05 - 2014-05-15 16:05 - 00000306 _____ () C:\Windows\PFRO.log
2014-05-15 16:05 - 2014-05-15 15:29 - 00000112 _____ () C:\Windows\setupact.log
2014-05-15 16:05 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-15 16:03 - 2014-05-15 16:02 - 00000000 ____D () C:\AdwCleaner
2014-05-15 16:01 - 2014-05-15 16:01 - 01325827 _____ () C:\Users\xxxx\Downloads\adwcleaner_3.208.exe
2014-05-15 16:01 - 2014-05-15 16:01 - 00001703 _____ () C:\Users\xxxx\Desktop\mbam.txt
2014-05-15 15:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 15:36 - 2014-05-15 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 15:36 - 2012-05-10 23:50 - 00064768 _____ () C:\Users\xxxx\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 15:35 - 2014-05-15 15:35 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-15 15:35 - 2014-05-15 15:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\xxxx\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-15 15:29 - 2014-05-15 15:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-15 15:29 - 2009-07-14 06:33 - 00299512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-14 12:31 - 2014-05-14 12:31 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-14 12:31 - 2012-05-10 23:02 - 00000000 ____D () C:\Program Files\TeamViewer
2014-05-14 12:27 - 2014-05-14 12:27 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-14 12:27 - 2013-11-06 11:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-14 12:26 - 2014-05-14 12:27 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-14 12:26 - 2014-05-14 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-14 12:26 - 2014-05-14 12:26 - 00000000 ____D () C:\Program Files\Java
2014-05-14 11:29 - 2012-05-10 20:46 - 00000000 ____D () C:\Windows\Panther
2014-05-14 11:27 - 2014-05-14 11:27 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Oracle
2014-05-14 11:20 - 2014-05-14 11:20 - 00000000 ____D () C:\Users\xxxx\AppData\Local\Adobe
2014-05-14 11:20 - 2012-05-11 00:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 11:20 - 2012-05-11 00:42 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 11:19 - 2014-05-14 11:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-14 11:18 - 2014-05-14 11:17 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-05-14 11:16 - 2012-05-10 23:00 - 00000000 ____D () C:\Program Files\OpenOffice.org 3
2014-05-14 10:41 - 2013-06-06 10:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-14 10:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-14 10:26 - 2014-05-12 09:33 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-14 10:26 - 2012-05-10 23:05 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-14 10:26 - 2012-05-10 23:05 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-14 10:22 - 2014-05-14 10:22 - 00000000 ____D () C:\ProgramData\ATI
2014-05-14 10:21 - 2014-05-14 10:21 - 00000000 ____D () C:\Users\xxxx\AppData\Local\AppEx Networks
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Raptr
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-05-14 10:15 - 2014-05-14 10:15 - 00000000 ____D () C:\Program Files\Raptr
2014-05-14 10:15 - 2014-05-14 10:14 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-05-14 10:14 - 2014-05-14 10:14 - 00059870 _____ () C:\Windows\system32\CCCInstall_201405141014308821.log
2014-05-14 10:14 - 2014-05-14 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-14 10:14 - 2014-05-14 10:14 - 00000000 ____D () C:\Program Files\AMD AVT
2014-05-14 10:14 - 2014-05-14 10:10 - 00000000 ____D () C:\Program Files\AMD
2014-05-14 10:14 - 2012-05-10 23:41 - 00000000 ____D () C:\ProgramData\AMD
2014-05-14 10:14 - 2012-05-10 23:39 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-14 10:08 - 2014-05-14 10:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-14 10:04 - 2014-05-14 10:04 - 00000000 ____D () C:\AMD
2014-05-14 10:00 - 2014-05-14 10:00 - 00000000 __SHD () C:\Users\xxxx\AppData\Local\EmieUserList
2014-05-14 10:00 - 2014-05-14 10:00 - 00000000 __SHD () C:\Users\xxxx\AppData\Local\EmieSiteList
2014-05-14 09:55 - 2012-05-10 22:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-14 09:54 - 2014-05-11 11:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 09:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-14 09:52 - 2013-08-20 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 09:50 - 2012-05-11 00:47 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 09:37 - 2014-05-14 09:37 - 00008931 _____ () C:\ComboFix.txt
2014-05-14 09:37 - 2013-06-06 10:09 - 00000000 ____D () C:\Qoobox
2014-05-14 09:33 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-05-14 09:11 - 2014-05-14 09:11 - 05200050 ____R (Swearware) C:\Users\xxxx\Downloads\ComboFix.exe
2014-05-12 09:56 - 2014-05-12 09:51 - 00018095 _____ () C:\Users\xxxx\Downloads\Addition.txt
2014-05-12 09:47 - 2014-03-06 15:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-05-12 09:36 - 2014-05-12 09:35 - 00004410 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-12 09:34 - 2013-11-06 11:48 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-12 09:33 - 2014-05-12 09:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 09:33 - 2014-05-12 09:33 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-12 09:33 - 2013-04-02 12:30 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-12 09:33 - 2013-04-02 12:30 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400055992270
2014-05-12 09:33 - 2012-05-10 23:05 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400055992270
2014-05-12 09:33 - 2012-05-10 23:05 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-12 09:33 - 2012-05-10 23:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-12 09:33 - 2012-05-10 23:04 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-11 11:52 - 2014-05-11 11:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 09:06 - 2014-05-14 09:46 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 09:46 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 05:25 - 2014-05-14 09:48 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-14 09:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-14 09:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-18 04:43 - 2014-04-18 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2014-04-18 04:43 - 2014-04-18 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2014-04-18 04:42 - 2011-07-05 23:12 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2014-04-18 04:42 - 2011-07-05 23:04 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx32.dll
2014-04-18 04:42 - 2011-07-05 22:45 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdag.dll
2014-04-18 04:42 - 2011-07-05 22:45 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdva.dll
2014-04-18 04:42 - 2011-07-05 22:31 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2014-04-18 04:42 - 2011-07-05 22:31 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2014-04-18 04:35 - 2014-04-18 04:35 - 13515264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-18 04:23 - 2014-04-18 04:23 - 00200704 _____ () C:\Windows\system32\clinfo.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00995342 _____ () C:\Windows\system32\amdocl_as32.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00798734 _____ () C:\Windows\system32\amdocl_ld32.exe
2014-04-18 04:22 - 2014-04-18 04:22 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo.dll
2014-04-18 04:22 - 2014-04-18 04:22 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode.dll
2014-04-18 04:19 - 2014-04-18 04:19 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2014-04-18 04:17 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-18 04:13 - 2014-04-18 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2014-04-18 03:58 - 2014-04-18 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2014-04-18 03:51 - 2014-04-18 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2014-04-18 03:46 - 2014-04-18 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-18 03:46 - 2014-04-18 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-18 03:46 - 2014-04-18 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2014-04-18 03:46 - 2014-04-18 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2014-04-18 03:45 - 2014-04-18 03:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2014-04-18 03:42 - 2014-04-18 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2014-04-18 03:33 - 2014-04-18 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2014-04-18 03:30 - 2014-04-18 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-18 03:29 - 2014-04-18 03:29 - 00491520 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-18 03:29 - 2014-04-18 03:29 - 00208896 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-18 03:29 - 2014-04-18 03:29 - 00030720 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-18 03:28 - 2014-04-18 03:28 - 00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2014-04-18 03:21 - 2014-04-18 03:21 - 00616960 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-18 03:17 - 2014-04-18 03:17 - 03471376 _____ () C:\Windows\system32\atiumdva.cap
2014-04-18 03:14 - 2014-04-18 03:14 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-04-18 03:14 - 2014-04-18 03:14 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-04-18 03:08 - 2014-04-18 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-04-18 03:07 - 2014-04-18 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2014-04-18 03:07 - 2014-04-18 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-18 03:06 - 2014-04-18 03:06 - 00512000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-18 03:04 - 2014-04-18 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-17 22:28 - 2014-04-17 22:28 - 00038912 _____ () C:\Windows\system32\kdbsdk32.dll

Some content of TEMP:
====================
C:\Users\xxxx\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-32-dd-ccc-whql.exe
C:\Users\xxxx\AppData\Local\Temp\devcon.exe
C:\Users\xxxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxxx\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-14 09:46] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-11-11 15:25

==================== End Of Log ============================
--- --- ---

schrauber 17.05.2014 12:56

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:05 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19