| xxdannyx | 10.09.2013 16:48 |
Trojaner? TR/fakeadb.A'
Hey seit einigen tagen wird mir von avira immer folgende meldung gezeigt TR/fakeadb.A'
was muss ich jetzt machen?
LG
Hier das Logfile : Anhang 60023 |
Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
- Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
- Starte die AdwCleaner.exe mit einem Doppelklick.
- Stimme den Nutzungsbedingungen zu.
- Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
- Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
- Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
- Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
- Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade  Junkware Removal Tool auf Deinen Desktop - Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
- Drücke eine beliebige Taste, um das Tool zu starten.
- Je nach System kann der Scan eine Weile dauern.
- Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
- Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.
3. Schritt: Frisches Log mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
- Starte jetzt FRST.
- Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
- Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
- Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
|
| xxdannyx | 10.09.2013 16:56 |
Hallo erstmal danke !
Muss ich nach jedem Schritt hier posten oder alle schritte erst machen?
LG
Edit:
Sorry ist eigentlich klar ! |
| xxdannyx | 10.09.2013 18:15 |
|
Nein, so die Logs nicht posten  Lesestoff: Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor: - Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
- Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
- Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
- Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307 |
| xxdannyx | 10.09.2013 19:59 |
jo sorry
zu 1. : Code:
# AdwCleaner v3.003 - Bericht erstellt am 10/09/2013 um 18:20:54
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Danny - DANNY-HP
# Gestartet von : C:\Users\Danny\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BrowserProtect
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoxyDeal
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\FoxyDeal
Ordner Gelöscht : C:\Users\Danny\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Danny\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan
Ordner Gelöscht : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aiennapmieppnpfhhogglccgepbdajan
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
zu 2. : Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Professional x64
Ran by Danny on 10.09.2013 at 18:31:20,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-23783275-2463274722-3724743137-1002\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{84C021DA-3C78-4312-9F25-B27ECB5F81AD}
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho1859.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2F40.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho408D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4B51.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5F16.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5F72.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho63DA.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6610.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6B5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6C01.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8708.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho96FB.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA26B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA64A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA82C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB5CF.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBC0F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBCB.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBDE7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC24A.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Danny\appdata\local\apn"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"
Successfully deleted: [Empty Folder] C:\Users\Danny\appdata\local\{A17DDF31-F792-4A05-A6B9-861D3657DCEB}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.09.2013 at 18:48:52,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3. FRST :
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01
Ran by Danny (administrator) on DANNY-HP on 10-09-2013 19:03:10
Running from C:\Users\Danny\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.google.com
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Ratchet & Clank Future 2) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [163328 2013-05-28] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-07] ()
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [1161376 2012-06-19] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [1161376 2012-06-19] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120815.002\IDSvia64.sys [509088 2012-06-14] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120815.002\IDSvia64.sys [509088 2012-06-14] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\ENG64.SYS [120440 2012-07-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\ENG64.SYS [120440 2012-07-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\EX64.SYS [2068600 2012-07-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120817.003\EX64.SYS [2068600 2012-07-13] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-10 19:02 - 2013-09-10 19:02 - 01949196 _____ (Farbar) C:\Users\Danny\Downloads\FRST64.exe
2013-09-10 18:48 - 2013-09-10 18:59 - 00002832 _____ C:\Users\Danny\Desktop\JRT.txt
2013-09-10 18:31 - 2013-09-10 18:31 - 00000000 ____D C:\Windows\ERUNT
2013-09-10 18:29 - 2013-09-10 18:29 - 01029490 _____ (Thisisu) C:\Users\Danny\Downloads\JRT.exe
2013-09-10 18:24 - 2013-09-10 18:24 - 00008289 _____ C:\Users\Danny\Desktop\AdwCleaner[S0].txt
2013-09-10 18:19 - 2013-09-10 18:21 - 00000000 ____D C:\AdwCleaner
2013-09-10 18:17 - 2013-09-10 18:17 - 01037278 _____ C:\Users\Danny\Downloads\adwcleaner.exe
2013-09-10 17:49 - 2013-09-10 17:49 - 00047944 _____ C:\Users\Danny\Downloads\Ereignisse.txt
2013-09-10 17:45 - 2013-09-10 17:45 - 00047944 _____ C:\Users\Danny\Desktop\Ereignisse.txt
2013-09-07 23:28 - 2013-09-07 23:28 - 00000778 _____ C:\Windows\PFRO.log
2013-09-02 10:43 - 2013-09-02 10:43 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-27 20:41 - 2013-09-10 18:58 - 00003584 _____ C:\Windows\setupact.log
2013-08-27 20:41 - 2013-08-27 20:41 - 00000000 _____ C:\Windows\setuperr.log
2013-08-24 21:26 - 2013-08-24 21:26 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2013-08-18 15:43 - 2013-08-18 15:43 - 00126353 _____ C:\Users\Danny\Downloads\Handout.odt
2013-08-18 15:40 - 2013-08-18 15:40 - 00318976 _____ C:\Users\Danny\Downloads\Klassik PPP.ppt
2013-08-18 15:40 - 2013-08-18 15:40 - 00318976 _____ C:\Users\Danny\Downloads\Klassik PPP (1).ppt
2013-08-17 21:50 - 2013-08-17 21:50 - 00031766 _____ C:\Users\Danny\Downloads\Klassik (1).odt
2013-08-17 21:49 - 2013-08-17 21:49 - 00023110 _____ C:\Users\Danny\Downloads\Klassik.odt
2013-08-15 23:15 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 23:15 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 23:15 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 23:15 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 23:15 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 23:15 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 23:15 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 23:15 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 23:15 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 23:15 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 23:15 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 23:15 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 23:15 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 23:15 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 16:13 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 16:13 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 16:12 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 16:12 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 16:12 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 16:12 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 16:12 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 16:12 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 16:12 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 16:12 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 16:12 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 16:12 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 16:12 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 16:12 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 16:12 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 16:11 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 16:11 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 16:11 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 16:11 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 16:11 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 16:11 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 16:11 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 16:11 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 16:11 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 16:11 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 16:11 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 16:11 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-12 18:10 - 2013-08-12 18:11 - 00232448 _____ C:\Users\Danny\Documents\Basiskonzept Information Und Kommunikation.ppt
==================== One Month Modified Files and Folders =======
2013-09-10 19:03 - 2013-09-10 19:03 - 00000000 ____D C:\FRST
2013-09-10 19:02 - 2013-09-10 19:02 - 01949196 _____ (Farbar) C:\Users\Danny\Downloads\FRST64.exe
2013-09-10 18:59 - 2013-09-10 18:48 - 00002832 _____ C:\Users\Danny\Desktop\JRT.txt
2013-09-10 18:58 - 2013-08-27 20:41 - 00003584 _____ C:\Windows\setupact.log
2013-09-10 18:58 - 2011-12-10 02:06 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-09-10 18:58 - 2011-12-10 01:23 - 02095380 _____ C:\Windows\WindowsUpdate.log
2013-09-10 18:46 - 2012-07-11 14:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-10 18:34 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-10 18:34 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-10 18:31 - 2013-09-10 18:31 - 00000000 ____D C:\Windows\ERUNT
2013-09-10 18:31 - 2012-07-11 14:23 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-10 18:29 - 2013-09-10 18:29 - 01029490 _____ (Thisisu) C:\Users\Danny\Downloads\JRT.exe
2013-09-10 18:29 - 2013-06-24 14:45 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
2013-09-10 18:27 - 2011-08-02 13:31 - 00000000 ____D C:\ProgramData\PDFC
2013-09-10 18:24 - 2013-09-10 18:24 - 00008289 _____ C:\Users\Danny\Desktop\AdwCleaner[S0].txt
2013-09-10 18:24 - 2012-07-11 14:23 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-10 18:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-10 18:21 - 2013-09-10 18:19 - 00000000 ____D C:\AdwCleaner
2013-09-10 18:17 - 2013-09-10 18:17 - 01037278 _____ C:\Users\Danny\Downloads\adwcleaner.exe
2013-09-10 17:55 - 2012-07-08 21:56 - 00000000 ____D C:\Users\Danny\AppData\Roaming\Skype
2013-09-10 17:49 - 2013-09-10 17:49 - 00047944 _____ C:\Users\Danny\Downloads\Ereignisse.txt
2013-09-10 17:45 - 2013-09-10 17:45 - 00047944 _____ C:\Users\Danny\Desktop\Ereignisse.txt
2013-09-10 14:21 - 2013-06-10 15:24 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{69071049-1978-43D2-AD02-58CB3E635B46}
2013-09-07 23:28 - 2013-09-07 23:28 - 00000778 _____ C:\Windows\PFRO.log
2013-09-02 10:43 - 2013-09-02 10:43 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-31 18:53 - 2013-06-01 21:05 - 00000292 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2013-08-28 19:03 - 2013-06-01 21:05 - 00000276 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2013-08-28 18:59 - 2012-06-19 22:51 - 00000000 ____D C:\Users\Danny\AppData\Local\CrashDumps
2013-08-27 20:41 - 2013-08-27 20:41 - 00000000 _____ C:\Windows\setuperr.log
2013-08-24 21:26 - 2013-08-24 21:26 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2013-08-24 12:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-24 11:50 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2013-08-20 20:07 - 2011-08-02 22:29 - 00699420 _____ C:\Windows\system32\perfh007.dat
2013-08-20 20:07 - 2011-08-02 22:29 - 00149186 _____ C:\Windows\system32\perfc007.dat
2013-08-20 20:07 - 2009-07-14 07:13 - 01614852 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-18 15:43 - 2013-08-18 15:43 - 00126353 _____ C:\Users\Danny\Downloads\Handout.odt
2013-08-18 15:40 - 2013-08-18 15:40 - 00318976 _____ C:\Users\Danny\Downloads\Klassik PPP.ppt
2013-08-18 15:40 - 2013-08-18 15:40 - 00318976 _____ C:\Users\Danny\Downloads\Klassik PPP (1).ppt
2013-08-17 21:50 - 2013-08-17 21:50 - 00031766 _____ C:\Users\Danny\Downloads\Klassik (1).odt
2013-08-17 21:49 - 2013-08-17 21:49 - 00023110 _____ C:\Users\Danny\Downloads\Klassik.odt
2013-08-16 22:31 - 2012-06-19 17:24 - 00000000 ____D C:\Users\Danny\Documents\Bluetooth Folder
2013-08-16 21:56 - 2012-06-19 23:06 - 00007602 _____ C:\Users\Danny\AppData\Local\Resmon.ResmonCfg
2013-08-12 18:11 - 2013-08-12 18:10 - 00232448 _____ C:\Users\Danny\Documents\Basiskonzept Information Und Kommunikation.ppt
Files to move or delete:
====================
C:\Users\Danny\AppData\Local\Temp\Quarantine.exe
C:\Users\Danny\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-15 17:16
==================== End Of Log ============================
--- --- ---
3. Addition : Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01
Ran by Danny at 2013-09-10 19:05:23
Running from C:\Users\Danny\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Shockwave Player (x32 Version: 10.1.4.020)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Driver Installation Program (x32 Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Avira Free Antivirus (x32 Version: 12.1.9.2500)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Big Rig Europe (x32 Version: 2.2.0.95)
Bing Bar (x32 Version: 7.0.610.0)
Blasterball 3 (x32 Version: 2.2.0.95)
Bluetooth Win7 Suite (64) (Version: 7.02.000.55)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (x32 Version: 2.2.0.95)
Bruteforce Save Data (x32)
Cake Mania (x32 Version: 2.2.0.95)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310)
CCC Help Czech (x32 Version: 2011.0705.1114.18310)
CCC Help Danish (x32 Version: 2011.0705.1114.18310)
CCC Help Dutch (x32 Version: 2011.0705.1114.18310)
CCC Help English (x32 Version: 2011.0705.1114.18310)
CCC Help Finnish (x32 Version: 2011.0705.1114.18310)
CCC Help French (x32 Version: 2011.0705.1114.18310)
CCC Help German (x32 Version: 2011.0705.1114.18310)
CCC Help Greek (x32 Version: 2011.0705.1114.18310)
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310)
CCC Help Italian (x32 Version: 2011.0705.1114.18310)
CCC Help Japanese (x32 Version: 2011.0705.1114.18310)
CCC Help Korean (x32 Version: 2011.0705.1114.18310)
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310)
CCC Help Polish (x32 Version: 2011.0705.1114.18310)
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310)
CCC Help Russian (x32 Version: 2011.0705.1114.18310)
CCC Help Spanish (x32 Version: 2011.0705.1114.18310)
CCC Help Swedish (x32 Version: 2011.0705.1114.18310)
CCC Help Thai (x32 Version: 2011.0705.1114.18310)
CCC Help Turkish (x32 Version: 2011.0705.1114.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink YouCam (x32 Version: 3.2.1.3726)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
Dll-Files Fixer (x32 Version: 1.0)
eaner (Version: 3.27)
Energy Star Digital Logo (x32 Version: 1.0.1)
ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Fishdom (x32 Version: 2.2.0.95)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
HP Auto (Version: 1.0.12935.3667)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Documentation (x32 Version: 1.1.0.0)
HP Games (x32 Version: 1.0.2.4)
HP On Screen Display (x32 Version: 1.0.7)
HP Power Manager (x32 Version: 1.2.1)
HP Quick Launch (x32 Version: 2.3.6)
HP Setup (x32 Version: 8.5.4526.3645)
HP Wireless Assistant (Version: 4.0.10.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 6 (x32 Version: 7.0.60)
Java Auto Updater (x32 Version: 2.1.9.0)
Java(TM) 6 Update 22 (64-bit) (Version: 6.0.220)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Mah Jong Medley (x32 Version: 2.2.0.95)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0)
MSVCRT (x32 Version: 15.4.2862.0708)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95)
Norton Internet Security (x32 Version: 18.7.2.3)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Pando Media Booster (x32 Version: 2.6.0.7)
PDF Complete Special Edition (x32 Version: 4.0.34)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.95)
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6287)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77)
Recovery Manager (x32 Version: 1.0.22)
Skype™ 6.3 (x32 Version: 6.3.107)
Slingo Deluxe (x32 Version: 2.2.0.95)
Synaptics Pointing Device Driver (Version: 15.2.4.3)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
Wedding Dash (x32 Version: 2.2.0.95)
WildTangent Games App (x32 Version: 4.0.8.7)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinZip 17.5 (Version: 17.5.10480)
Xobni (x32 Version: 1.9.5.13209)
Xobni Core (x32 Version: 1.0.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
==================== Restore Points =========================
13-07-2013 00:26:05 Windows Update
13-07-2013 12:34:36 Windows Update
15-08-2013 21:03:47 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0330B44B-A12D-4B83-885F-F08586058881} - System32\Tasks\User_Feed_Synchronization-{69071049-1978-43D2-AD02-58CB3E635B46} => C:\Windows\system32\msfeedssync.exe [2013-06-02] (Microsoft Corporation)
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {11CC717C-7EA8-428A-8524-447F9A1DB1BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] ()
Task: {14A4367A-CE66-4CFA-9F30-A5D3D75058D1} - \Scheduled Update for Ask Toolbar No Task File
Task: {217EA279-F3EC-475D-91ED-3E0EEBD8DC24} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {2FBED6F0-1D0E-4D21-8283-5EDCE314BE2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-11] (Google Inc.)
Task: {3A97B278-82E1-4750-BAD2-AE158DA39C45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B12CA61-9D4C-4B08-B032-24F32A9ACDAE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {60389BBE-17E8-4D3C-963F-9305E588E2F5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {635A33AA-1158-43BA-B902-ED288168AFED} - System32\Tasks\{B694724D-3135-4A51-8C3F-E1C193AFBC4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/abandoninstall?page=tsProgressBar
Task: {6EBDCB93-E0EC-4287-8605-2A596317458D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] ()
Task: {7A30D7FC-D7FE-4EBF-82EB-57CCE4DE5CE3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {98522142-D0FA-4CEA-AD5D-51FF208E233B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {A53CAB50-5596-48E3-A8BE-8EC14F0DAF89} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] ()
Task: {B0934C86-C221-430E-8834-BCFFC4D7A025} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com
Task: {B2025A7B-79BC-4CE1-BF20-6CEAE6885B85} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {BFB36291-51DA-4460-B1BD-9922099E37B9} - System32\Tasks\WPD\SqmUpload_S-1-5-21-23783275-2463274722-3724743137-1002 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
Task: {C012ADFA-0C35-4AEA-BE48-13FD7438D0D2} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com
Task: {C965D342-803D-4D46-B9B1-B976389A0DA7} - System32\Tasks\{3FD1E705-46F0-4032-9155-11A0631A18EE} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.115&LastError=404
Task: {D54ACAEC-AB0F-4FB7-BEE6-C7A64FC123DB} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {EB6995FB-60F6-41BE-BDC3-D84ABBFCB8F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-11] (Google Inc.)
Task: {EED93AF1-7F09-48ED-97C1-91804C2E4ABB} - \EPUpdater No Task File
Task: {F2362A5D-B6B9-4831-8580-C15E7FC52F17} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com
Task: {F6E576B6-ED24-403A-AB03-4CB9F74CDFC0} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-12-10 01:26 - 2010-11-04 04:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2011-12-10 01:26 - 2011-01-12 01:26 - 02838120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2010-12-21 02:19 - 2010-12-21 02:19 - 00404776 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2010-12-21 02:20 - 2010-12-21 02:20 - 00216360 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00028216 _____ (Root-Project) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\LocalizeExtension.dll
2011-08-02 13:44 - 2011-08-02 13:44 - 00236600 _____ (Hewlett-Packard Development Company, L.P.) C:\Windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2011-07-05 12:10 - 2011-07-05 12:10 - 00290816 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-07-05 12:10 - 2011-07-05 12:10 - 00167936 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-01-20 14:51 - 2009-01-20 14:51 - 00007168 _____ ( ) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-07-05 12:27 - 2011-07-05 12:27 - 00036864 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2011-07-05 12:27 - 2011-07-05 12:27 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-05 12:14 - 2011-07-05 12:14 - 00027648 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-07-05 12:13 - 2011-07-05 12:13 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 14:42 - 2011-06-17 14:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-06-22 23:19 - 2011-04-17 02:57 - 01031040 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\ccL100U.dll
2012-06-22 23:19 - 2011-04-17 02:45 - 00113536 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\ccVrTrst.dll
2012-06-22 23:19 - 2011-06-01 18:16 - 00086952 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\EFACli64.dll
2012-06-22 23:19 - 2011-04-17 02:45 - 00420224 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\ccSet.dll
2012-08-18 22:39 - 2012-07-18 18:04 - 00058320 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cfglib.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00405200 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccguard.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00031952 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdrc.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00235216 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdw.dll
2012-08-18 22:39 - 2012-07-18 18:04 - 00221432 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\gpipc.dll
2012-08-18 22:39 - 2012-07-18 18:04 - 00471800 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrd.dll
2012-08-18 22:38 - 2012-11-14 19:35 - 00755744 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgen.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00052432 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgenrc.dll
2012-08-18 22:39 - 2012-07-18 18:04 - 00279248 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdate.dll
2012-08-18 22:39 - 2012-07-18 18:04 - 00031480 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdrc.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00128208 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclic.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00012496 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclicrc.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00231672 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsg.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00011472 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsgrc.dll
2012-08-18 22:38 - 2012-07-18 18:04 - 00016592 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmainrc.dll
2012-06-22 23:20 - 2011-04-17 02:57 - 00675712 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccL100U.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2012-06-22 23:20 - 2011-04-17 02:45 - 00085376 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccVrTrst.dll
2012-06-22 23:19 - 2011-06-01 18:16 - 00064936 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\EFACli.dll
2012-06-22 23:20 - 2011-04-17 02:45 - 00141184 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvc.dll
2012-06-22 23:20 - 2011-04-05 03:25 - 00389560 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\srtsp32.dll
2012-06-22 23:20 - 2011-04-17 02:45 - 00158592 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccIPC.dll
2012-06-22 23:19 - 2012-06-08 02:02 - 00368088 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\NPCTRAY.DLL
2012-06-22 23:20 - 2011-04-17 02:45 - 00268672 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSet.dll
2012-06-22 23:20 - 2012-06-08 02:02 - 00413144 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\ASHELPER.DLL
2012-06-22 23:20 - 2012-06-08 02:02 - 00413144 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\ASOEHOOK.DLL
2012-06-22 23:20 - 2012-06-08 02:02 - 00733656 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\isDataPr.dll
2012-06-22 23:20 - 2012-06-08 02:02 - 00386008 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\AVPAPP32.DLL
2012-06-22 23:20 - 2011-04-17 02:45 - 00387968 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\CCJOBMGR.DLL
2012-06-22 23:20 - 2012-01-06 18:51 - 00838088 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\CLTALDIS.DLL
2012-06-20 13:53 - 2012-02-08 13:21 - 01045432 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\MUI\18.7.0.13\07\01\cltRes.loc
2012-06-22 23:20 - 2012-06-08 02:02 - 00471512 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\AVIfc.dll
2012-06-22 23:20 - 2012-06-08 02:02 - 00573912 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\NPCStats.dll
2012-06-22 23:19 - 2011-03-02 23:24 - 02698680 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SYMHTML.DLL
2012-06-22 23:20 - 2012-06-08 02:02 - 00122328 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\hsui.dll
2012-06-22 23:20 - 2012-06-08 02:02 - 00292312 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\FWSESAL.DLL
2012-06-22 23:20 - 2012-06-07 14:46 - 00388064 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\CODATAPR.DLL
2012-06-22 23:19 - 2012-06-07 14:46 - 01207776 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\ACCTMGR.DLL
2012-06-22 23:20 - 2011-02-16 12:18 - 00338360 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\SDKCMN.DLL
2012-06-22 23:20 - 2012-01-06 18:51 - 00126920 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\CLTLMC.DLL
2012-06-22 23:20 - 2012-06-08 02:03 - 00650712 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.7.2.3\UIALERT.DLL
2012-06-22 23:20 - 2012-01-06 18:51 - 00151496 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltElPrv.dll
2012-06-22 23:20 - 2011-04-17 02:45 - 00291712 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccGEvt.dll
2012-06-22 23:20 - 2012-06-08 02:02 - 00110040 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\isPwd.dll
2012-06-22 23:20 - 2012-01-06 18:52 - 00137672 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltWzHlp.dll
2011-12-10 01:55 - 2010-12-04 18:25 - 00913848 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\CLT\cltLMSx.dll
2012-06-22 23:20 - 2012-01-06 18:51 - 00052680 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\cltRDUrl.dll
2012-06-22 23:20 - 2012-06-08 02:03 - 00518104 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\RuleUI.dll
2012-06-22 23:20 - 2011-04-01 03:47 - 00293304 ____R (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diStRptr.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (09/10/2013 06:58:29 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631
Error: (09/10/2013 06:57:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2013-01-12 23:00:17.752
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-01-12 23:00:17.602
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 63%
Total physical RAM: 1642.91 MB
Available physical RAM: 605.7 MB
Total Pagefile: 3285.81 MB
Available Pagefile: 1660.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:282.39 GB) (Free:228.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.41 GB) (Free:1.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0EFD49B7)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=282 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End Of Log ============================
LG |
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!
Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner - Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
- Lade und starte
Eset Online Scanner - Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
- Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
- Klicke auf Starten.
- Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
- Klicke am Ende des Suchlaufs auf Fertig stellen.
- Schließe das Fenster von ESET.
- Explorer öffnen.
- C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
- Logfile hier posten.
- Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
- Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset
|
| xxdannyx | 10.09.2013 20:49 |
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.09.10.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Danny :: DANNY-HP [Administrator]
Schutz: Aktiviert
10.09.2013 21:38:15
mbam-log-2013-09-10 (21-38-15).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216425
Laufzeit: 9 Minute(n), 15 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
nichts böses gefunden ;) muss der eset noch? |
| xxdannyx | 11.09.2013 18:02 |
Code:
0000000003: 2013-09-11 19:00:04:249 Display: LOG is at your service!
Debug Called by: ATI.ACE.LOG.EXE.LogManager::Main processID:06596 threadID:(Main ) domainName:(LOG.exe ) assemblyName:(LOG, Version=3.5.4203.18344, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
Ist das das richtige?
Und ergänzend: Ich bekomme immer nach Avira meldungen mit TR/fakeadb.A' :( |
Falsches Log
Und solche Angaben von Avira hilft niemandem weiter du musst schon das Log posten! |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 21:30 Uhr. | |
Copyright ©2000-2025, Trojaner-Board
Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.
