Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Community Alerts + Babylon + Deltatoolbar entfernen (https://www.trojaner-board.de/150110-community-alerts-babylon-deltatoolbar-entfernen.html)

bammpi 21.02.2014 17:21
Community Alerts + Babylon + Deltatoolbar entfernen
 
Hallo
Ich habe seit einiger Zeit etwas Probleme mit meinem Rechner und deswegen mit Malwarebytes Antimalware mal einen Vollscan gemacht. Dabei hatte ich dann auch einige Funde. Wollte jetzt aber erstmal nichts auf eigene Faust unternehmenn und hoffe dass mir einer von euch bei der Entfernung helfen kann :)

Hier der MBAM Log:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.21.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
 [Administrator]

21.02.2014 14:51:39
MBAM-log-2014-02-21 (17-01-23).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra |

HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 451550
Laufzeit: 1 Stunde(n), 28 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir

(PUP.Optional.Conduit) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\delta\delta\1.8.24.6\deltaApp.dll.vir (PUP.Optional.Delta)

-> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\delta\delta\1.8.24.6\deltaEng.dll.vir (PUP.Optional.Delta)

-> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\delta\delta\1.8.24.6\deltasrv.exe.vir (PUP.Optional.Delta)

-> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\delta\delta\1.8.24.6\deltaTlbr.dll.vir (PUP.Optional.Delta)

-> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\delta\delta\1.8.24.6\bh\delta.dll.vir (PUP.Optional.Delta)

-> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Users\JG\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir

(PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.

(Ende)

schrauber 21.02.2014 20:24
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


bammpi 22.02.2014 22:40
Hallo, vielen Dank für deine Hilfe und entschuldige bitte, dass ich mich jetzt erst melde; der Tag war leider ziemlich vollgepackt.

FRST.txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01
Ran by HW (administrator) on HW on 22-02-2014 22:23:41
Running from C:\Users\HW\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nalpeiron Ltd.) C:\windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\PreSonus\AudioBox\AudioBox.exe
(Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform

\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates

Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08]

(Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA

\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager

\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-21]

(AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files

(x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AudioBox VSL] - C:\Program Files\PreSonus

\AudioBox\AudioBox.exe [7591424 2012-05-24] ()
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: G - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d4b-9637-11e2-bea8-84a6c81a5184}

- "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d76-9637-11e2-bea8-84a6c81a5184}

- "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {cd707c88-5cba-11e2-be8e-84a6c81a5184}

- "F:\setup.exe"
AppInit_DLLs-x32: c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll => File Not Found
Startup: C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com
SearchScopes: HKLM - DefaultScope {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?

q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q=

{searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q=

{searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKCU - DefaultScope {02AD5EBA-914C-4966-BD12-E97E305516F5} URL =
SearchScopes: HKCU - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software

\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell

\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft

Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software

\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft

Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell

\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell

\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files

(x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software

\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files

(x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files

(x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell

\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST

Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic

Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST

Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files

\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files

\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default
FF user.js: detected! => C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\user.js
FF Homepage: user_pref("browser.startup.homepage", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight

\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft

Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities

\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files

(x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files

(x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin

\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel

\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R)

Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin

\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin

\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight

\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

(Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

(Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM

\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\searchplugins

\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default

\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome:
=======

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-21] (AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13]

(Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

[165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08]

()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel®

Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-29] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-21] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-21] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
S3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys [25144 2010-06-

23] (Evoluent)
R3 EvoMouseDriverMini; C:\Windows\system32\drivers\EvoMouseDriverMini.sys [22584 2010-06-23] ()
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 paeusbaudio; C:\Windows\System32\drivers\paeusbaudio_x64.sys [252280 2012-05-24] ()
S3 paeusbaudiodsp; C:\Windows\System32\drivers\paeusbaudiodsp_x64.sys [71544 2012-05-24] ()
S3 paeusbaudioks; C:\Windows\system32\DRIVERS\paeusbaudioks_x64.sys [53112 2012-05-24] ()
S3 SNP2UVC; \SystemRoot\system32\DRIVERS\snp2uvc.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-22 22:23 - 2014-02-22 22:23 - 00015989 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-22 22:23 - 2014-02-22 22:23 - 00000000 ____D () C:\FRST
2014-02-22 22:21 - 2014-02-22 22:21 - 02154496 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-22 11:58 - 2014-02-22 11:58 - 00000453 _____ () C:\windows\AutoKMS.log
2014-02-21 16:58 - 2014-02-21 16:58 - 01241888 _____ () C:\Users\HW\Desktop\adwcleaner_3.0.1.9.exe
2014-02-21 14:58 - 2014-02-22 11:14 - 00292411 _____ () C:\windows\WindowsUpdate.log
2014-02-21 14:43 - 2014-02-21 14:46 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers

\aswStm.sys
2014-02-20 00:02 - 2014-02-20 00:03 - 00000000 ____D () C:\windows\rescache
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded

Installations
2014-02-18 17:56 - 2014-02-18 18:11 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format -

Voreinstellungen
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 22:27 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows

\system32\ie4uinit.exe
2014-02-12 22:27 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows

\system32\uxtheme.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows

\system32\msrating.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows

\system32\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows

\SysWOW64\wininet.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows

\SysWOW64\ieframe.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows

\SysWOW64\msfeeds.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows

\SysWOW64\msrating.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iesysprep.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iesetup.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jsproxy.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 22:27 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows

\SysWOW64\uxtheme.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows

\system32\d3d10warp.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows

\SysWOW64\d3d10warp.dll
2014-02-12 22:27 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows

\SysWOW64\vbscript.dll
2014-02-12 22:27 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows

\system32\vbscript.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 22:27 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-12 22:27 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers

\hidclass.sys
2014-02-12 22:27 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 22:27 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 22:27 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers

\tcpip.sys
2014-02-12 22:26 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows

\system32\wininet.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows

\system32\ieframe.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows

\system32\jscript9.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows

\system32\iertutil.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows

\system32\jscript.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows

\system32\msfeeds.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows

\system32\iesysprep.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows

\system32\iesetup.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows

\system32\jsproxy.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jscript9.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iertutil.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jscript.dll
2014-02-12 22:26 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format -

Voreinstellungen

==================== One Month Modified Files and Folders =======

2014-02-22 22:23 - 2014-02-22 22:23 - 00015989 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-22 22:23 - 2014-02-22 22:23 - 00000000 ____D () C:\FRST
2014-02-22 22:21 - 2014-02-22 22:21 - 02154496 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-22 22:20 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-02-22 12:48 - 2013-09-15 22:09 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-22 11:58 - 2014-02-22 11:58 - 00000453 _____ () C:\windows\AutoKMS.log
2014-02-22 11:58 - 2012-12-24 18:05 - 00003470 _____ () C:\windows\System32\Tasks\AutoKMS
2014-02-22 11:14 - 2014-02-21 14:58 - 00292411 _____ () C:\windows\WindowsUpdate.log
2014-02-22 08:55 - 2012-12-24 18:27 - 00000000 ____D () C:\Users\HW\AppData\Local\Adobe
2014-02-21 23:22 - 2013-07-16 17:20 - 00000000 ____D () C:\Users\HW\Desktop\Planung
2014-02-21 23:08 - 2013-01-15 01:06 - 06509056 ___SH () C:\Users\HW\Desktop\Thumbs.db
2014-02-21 16:58 - 2014-02-21 16:58 - 01241888 _____ () C:\Users\HW\Desktop\adwcleaner_3.0.1.9.exe
2014-02-21 16:58 - 2012-12-24 18:14 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-02-21 16:57 - 2012-12-24 18:14 - 00000000 ____D () C:\ProgramData\Nero
2014-02-21 14:58 - 2012-08-28 13:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation

Information
2014-02-21 14:57 - 2012-08-28 13:33 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-21 14:49 - 2012-12-24 03:20 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-21 14:48 - 2013-09-15 22:09 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player

Updater
2014-02-21 14:48 - 2013-01-12 13:54 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-21 14:48 - 2012-12-24 03:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 14:46 - 2014-02-21 14:43 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 14:43 - 2013-05-31 14:19 - 00000000 ___RD () C:\Users\HW\Desktop\Dropbox
2014-02-21 14:43 - 2013-05-31 14:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Dropbox
2014-02-21 12:06 - 2012-12-24 03:24 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache

Files-S-1-5-21-1713619076-4280536991-235341648-1001
2014-02-21 11:55 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-21 11:53 - 2013-02-03 16:43 - 00000000 ____D () C:\Users\HW\AppData\Roaming\uTorrent
2014-02-21 11:35 - 2013-01-13 20:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Media Player Classic
2014-02-21 11:35 - 2013-01-12 15:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Winamp
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers

\aswStm.sys
2014-02-21 11:30 - 2013-03-10 09:53 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-21 11:30 - 2013-02-06 15:45 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers

\aswSnx.sys
2014-02-21 11:30 - 2013-02-06 15:45 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers

\aswMonFlt.sys
2014-02-21 11:30 - 2013-02-06 15:45 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-21 11:30 - 2013-01-11 01:17 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-21 11:29 - 2013-02-06 15:45 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-21 11:09 - 2012-08-03 16:12 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-02-21 11:09 - 2012-08-03 16:12 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-02-21 11:09 - 2012-07-26 08:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-21 11:05 - 2013-02-05 15:12 - 00003918 _____ () C:\windows\System32\Tasks

\User_Feed_Synchronization-{06BCBD27-4109-4442-8DCC-CF3CE5631EC2}
2014-02-20 00:03 - 2014-02-20 00:02 - 00000000 ____D () C:\windows\rescache
2014-02-19 15:27 - 2013-01-11 09:29 - 00005296 _____ () C:\Users\HW\Desktop\Neu.txt
2014-02-19 10:16 - 2013-01-11 00:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-19 10:15 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded

Installations
2014-02-18 18:11 - 2014-02-18 17:56 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format -

Voreinstellungen
2014-02-18 10:43 - 2013-08-07 10:50 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 10:41 - 2012-12-24 03:36 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00694240 _____ (Adobe Systems Incorporated) C:\windows

\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00078304 _____ (Adobe Systems Incorporated) C:\windows

\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 22:33 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 16:46 - 2012-12-24 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-15 16:39 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini
2014-02-11 16:17 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-02-06 02:31 - 2013-01-12 14:00 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Defense
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-04 00:35 - 2013-07-17 00:54 - 00000000 ____D () C:\Users\HW\AppData\Roaming\vlc
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format -

Voreinstellungen
2014-02-01 10:20 - 2014-02-12 22:27 - 00051712 _____ (Microsoft Corporation) C:\windows

\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-12 22:27 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00915968 _____ (Microsoft Corporation) C:\windows

\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-01 10:19 - 2014-02-12 22:26 - 02241536 _____ (Microsoft Corporation) C:\windows

\system32\wininet.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00197120 _____ (Microsoft Corporation) C:\windows

\system32\msrating.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows

\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 15403520 _____ (Microsoft Corporation) C:\windows

\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 03960320 _____ (Microsoft Corporation) C:\windows

\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 02648576 _____ (Microsoft Corporation) C:\windows

\system32\iertutil.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00855552 _____ (Microsoft Corporation) C:\windows

\system32\jscript.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00603136 _____ (Microsoft Corporation) C:\windows

\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00136704 _____ (Microsoft Corporation) C:\windows

\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00067072 _____ (Microsoft Corporation) C:\windows

\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00053760 _____ (Microsoft Corporation) C:\windows

\system32\jsproxy.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01767936 _____ (Microsoft Corporation) C:\windows

\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 13760512 _____ (Microsoft Corporation) C:\windows

\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00493056 _____ (Microsoft Corporation) C:\windows

\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00163840 _____ (Microsoft Corporation) C:\windows

\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00109056 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00061440 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00033280 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02877952 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02049024 _____ (Microsoft Corporation) C:\windows

\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 00690688 _____ (Microsoft Corporation) C:\windows

\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-12 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-12 22:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-12 22:27 - 00534528 _____ (Microsoft Corporation) C:\windows

\SysWOW64\uxtheme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 18:27

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2014 01
Ran by HW at 2014-02-22 22:24:31
Running from C:\Users\HW\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{629C521E-5C03-4A17-9851-F8313A41BB20}) (Version: 9.0.0.0 - Ableton)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
AllSync (HKLM-x32\...\AllSync_is1) (Version: 3.5.12 - Michael Thummerer Software Design)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
AudioBox version 1.2 (HKLM\...\{554BB593-3543-4AEB-A192-2AC87EC3FF31}_is1) (Version: 1.2 - PreSonus)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.0 - Nik Software, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3823EC5A-1CA4-42CA-9D5B-F94ABD65410D}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Evoluent Mouse Manager (HKLM\...\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}) (Version: 4.0.0 - Evoluent)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.0.0 - FUJITSU LIMITED)
Fujitsu BIOS Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}) (Version: 4.0.4 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Noise Reduction Plug-in 2.0 (HKLM-x32\...\{BF4742B0-7A7B-11E1-AFD0-F04DA23A5C58}) (Version: 2.0.471 - Sony)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke)
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Sound Forge Pro 10.0 (HKLM-x32\...\{B0E59B80-7A77-11E1-A6FE-F04DA23A5C58}) (Version: 10.0.503 - Sony)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs, LLC)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FF62F7C1-9491-457C-BBAE-DBC6FD1DB968}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{BA61259D-63F0-4177-A0E1-E4064EC2B470}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System  (06/09/2012 1.23) (HKLM\...\7D737DCFBBA92B6A4335FA93E0B846D9D2DE908E) (Version: 06/09/2012 1.23 - FUJITSU LIMITED)
Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System  (06/22/2012 1.30.0.0) (HKLM\...\3DCA6835C7741E181396F76FD94C05C19F4124A9) (Version: 06/22/2012 1.30.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.0.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (Version: 1.0.0.0 - FUJITSU LIMITED) Hidden

==================== Restore Points  =========================

21-02-2014 10:28:38 avast! antivirus system restore point

==================== Hosts content: ==========================

2012-07-26 06:26 - 2014-02-21 14:46 - 00503682 ___RA C:\windows\system32\Drivers\etc\hosts
127.0.0.1        localhost
127.0.0.1        ___id___.c.mystat-in.net
127.0.0.1        0.datacollector.coin.scribol.com
127.0.0.1        0.r.msn.com
127.0.0.1        005.free-counter.co.uk
127.0.0.1        006.free-counter.co.uk
127.0.0.1        007.free-counter.co.uk
127.0.0.1        008.free-counter.co.uk
127.0.0.1        008.free-counters.co.uk
127.0.0.1        00fun.com
127.0.0.1        011707160008.c.mystat-in.net
127.0.0.1        032439.com
127.0.0.1        061606084448.c.mystat-in.net
127.0.0.1        064bdf.r.axf8.net
127.0.0.1        070806142521.c.mystat-in.net
127.0.0.1        090906042103.c.mystat-in.net
127.0.0.1        092706152958.c.mystat-in.net
127.0.0.1        0d7292.r.axf8.net
127.0.0.1        0f36f3.r.axf8.net
127.0.0.1        1.adbrite.com
127.0.0.1        1.datacollector.coin.scribol.com
127.0.0.1        1.googlenews.xorg.pl
127.0.0.1        1.hot-dances.com
127.0.0.1        1.marketbanker.com
127.0.0.1        1.ofsnetwork.com
127.0.0.1        1.oz-over.com
127.0.0.1        1.sharkadnetwork.com
127.0.0.1        100.mbn.com.ua
127.0.0.1        100.topnews.ru

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1F0BF170-BBC3-4904-9036-8AA037F4FE50} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3483C260-35C2-4692-BA69-535A53FC2C7E} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {47E7770C-276D-4C0D-9E89-2130464DA03A} - \EPUpdater No Task File
Task: {5245786E-B1EA-4B10-BF74-3AF37BA0DCBB} - \BrowserDefendert No Task File
Task: {61B526D4-F7FF-4338-808D-D1C547658896} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {71398B44-1B1E-4839-9213-45939D4FA6D5} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {79BA8219-8C36-457E-94AF-0AF69A73F895} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {A3BBEDDA-6B42-4DBF-8211-D9106F0E37E8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB4FAEAB-478E-48C2-99CD-91E3C3D3C7EC} - System32\Tasks\AdobeAAMUpdater-1.0-HW-HW => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CF6937D2-D695-4C96-BDD5-9181F4336E32} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-21] (AVAST Software)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FD7F8562-D29D-4EF1-9ECA-DC8688A9BD6C} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe [2013-07-23] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-10-08 16:04 - 2012-10-08 16:04 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-08-14 12:31 - 2012-08-07 08:14 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-06-07 12:27 - 2012-05-24 12:47 - 07591424 _____ () C:\Program Files\PreSonus\AudioBox\AudioBox.exe
2014-02-21 11:14 - 2014-02-21 09:33 - 02181120 _____ () C:\Program Files\AVAST Software\Avast\defs\14022100\algo.dll
2013-06-07 12:27 - 2012-05-22 11:07 - 00176128 _____ () C:\Program Files\PreSonus\AudioBox\paeusbaudioapi.dll
2013-11-29 16:29 - 2013-11-29 16:29 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\HW\AppData\Roaming\Dropbox\bin\libcef.dll
2012-08-28 13:12 - 2012-06-25 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-15 17:18 - 2014-02-15 17:18 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\HW\Desktop\One Piece Movie 10.mkv:com.dropbox.attributes
AlternateDataStreams: C:\Users\HW\AppData\Local\Temp:3dC0G7pdRH2Ga88pELltIX
AlternateDataStreams: C:\Users\HW\AppData\Local\Temp:40RM7MAF3hCNMCyk1wgG1eY4Bk83

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2014 01:11:04 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/18/2014 11:58:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Photoshop.exe, Version: 13.0.1.0, Zeitstempel: 0x5022da9d
Name des fehlerhaften Moduls: Photoshop.exe, Version: 13.0.1.0, Zeitstempel: 0x5022da9d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000134159b
ID des fehlerhaften Prozesses: 0xbc4
Startzeit der fehlerhaften Anwendung: 0xPhotoshop.exe0
Pfad der fehlerhaften Anwendung: Photoshop.exe1
Pfad des fehlerhaften Moduls: Photoshop.exe2
Berichtskennung: Photoshop.exe3
Vollständiger Name des fehlerhaften Pakets: Photoshop.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Photoshop.exe5

Error: (02/16/2014 07:48:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/16/2014 07:44:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/16/2014 07:07:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/15/2014 04:35:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/13/2014 02:47:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/11/2014 10:25:56 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/10/2014 05:45:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/09/2014 10:16:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2" in Zeile  SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition: SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (02/22/2014 10:08:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2835364)

Error: (02/22/2014 10:08:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2822241)

Error: (02/22/2014 10:05:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2785094)

Error: (02/22/2014 10:02:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2876415)

Error: (02/22/2014 09:31:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2835364)

Error: (02/22/2014 09:31:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2822241)

Error: (02/22/2014 09:30:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2785094)

Error: (02/22/2014 09:29:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2876415)

Error: (02/22/2014 09:09:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2835364)

Error: (02/22/2014 09:09:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2822241)


Microsoft Office Sessions:
=========================
Error: (02/19/2014 01:11:04 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/18/2014 11:58:45 PM) (Source: Application Error)(User: )
Description: Photoshop.exe13.0.1.05022da9dPhotoshop.exe13.0.1.05022da9dc0000005000000000134159bbc401cf2cf95a310083C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exeC:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe37a9a978-98f0-11e3-bee8-84a6c81a5184

Error: (02/16/2014 07:48:20 PM) (Source: SideBySide)(User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (02/16/2014 07:44:44 PM) (Source: SideBySide)(User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (02/16/2014 07:07:42 PM) (Source: SideBySide)(User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (02/15/2014 04:35:28 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/13/2014 02:47:55 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/11/2014 10:25:56 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/10/2014 05:45:31 PM) (Source: SideBySide)(User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (02/09/2014 10:16:17 AM) (Source: SideBySide)(User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3954.06 MB
Available physical RAM: 2394.33 MB
Total Pagefile: 4786.06 MB
Available Pagefile: 3090.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:75 GB) (Free:13.38 GB) NTFS
Drive d: (Ablage) (Fixed) (Total:606.51 GB) (Free:219.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: CC98CC98)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 23.02.2014 16:57
MBAM Funde löschen lassen. AdwCleaner vom Desktop löschen


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

bammpi 23.02.2014 20:33
Alles klar, hier die neuen Logs. Ich hoffe ich hab alles richtig gemacht.

AdwCleaner[S1].txt:
Code:
# AdwCleaner v3.019 - Bericht erstellt am 23/02/2014 um 19:53:27
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : HW - HW
# Gestartet von : C:\Users\HW\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Users\HW\AppData\Local\PackageAware
Datei Gelöscht : C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Softonic

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "ce681d1e0000000000002cd4449128de");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16028");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.26.814:40:00");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Zeile gelöscht : user_pref("iminent.LayoutId", "28");
Zeile gelöscht : user_pref("iminent.version", "7.43.4.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.43.4.1\",\"InstallEventCTime\":1384868413964,\"InstallEvent\":\"True\"}");

-\\ Google Chrome v

[ Datei : C:\Users\HW\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13145 octets] - [02/09/2013 22:52:03]
AdwCleaner[R1].txt - [3225 octets] - [23/02/2014 17:48:01]
AdwCleaner[R2].txt - [3285 octets] - [23/02/2014 19:52:23]
AdwCleaner[S0].txt - [12703 octets] - [02/09/2013 22:52:54]
AdwCleaner[S1].txt - [3155 octets] - [23/02/2014 19:53:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3215 octets] ##########
JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by HW on 23.02.2014 at 20:02:37,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1713619076-4280536991-235341648-1001\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\HW\AppData\Roaming\mozilla\firefox\profiles\f9hql90j.default\minidumps [32 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.02.2014 at 20:11:59,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 01
Ran by HW (administrator) on HW on 23-02-2014 20:24:29
Running from C:\Users\HW\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nalpeiron Ltd.) C:\windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files\PreSonus\AudioBox\AudioBox.exe
(Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
(Dropbox, Inc.) C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-21] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AudioBox VSL] - C:\Program Files\PreSonus\AudioBox\AudioBox.exe [7591424 2012-10-09] ()
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: G - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d4b-9637-11e2-bea8-84a6c81a5184} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d76-9637-11e2-bea8-84a6c81a5184} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {cd707c88-5cba-11e2-be8e-84a6c81a5184} - "F:\setup.exe"
Startup: C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com
SearchScopes: HKLM - DefaultScope {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKCU - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default
FF Homepage: user_pref("browser.startup.homepage", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome:
=======

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-21] (AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-29] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-21] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-21] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
S3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys [25144 2010-06-23] (Evoluent)
R3 EvoMouseDriverMini; C:\Windows\system32\drivers\EvoMouseDriverMini.sys [22584 2010-06-23] ()
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 paeusbaudio; C:\Windows\System32\drivers\paeusbaudio_x64.sys [250728 2012-10-09] ()
S3 paeusbaudiodsp; C:\Windows\System32\drivers\paeusbaudiodsp_x64.sys [69992 2012-10-09] ()
S3 paeusbaudioks; C:\Windows\system32\DRIVERS\paeusbaudioks_x64.sys [51560 2012-10-09] ()
S3 SNP2UVC; \SystemRoot\system32\DRIVERS\snp2uvc.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-23 20:24 - 2014-02-23 20:24 - 00015572 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-23 20:23 - 2014-02-23 20:24 - 02155520 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-23 20:11 - 2014-02-23 20:20 - 00001157 _____ () C:\Users\HW\Desktop\JRT.txt
2014-02-23 20:02 - 2014-02-23 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-02-23 20:01 - 2014-02-23 20:01 - 01037734 _____ (Thisisu) C:\Users\HW\Desktop\JRT.exe
2014-02-23 19:55 - 2014-02-23 19:59 - 00003293 _____ () C:\Users\HW\Desktop\AdwCleaner[S1].txt
2014-02-23 19:51 - 2014-02-23 19:51 - 01241834 _____ () C:\Users\HW\Desktop\adwcleaner.exe
2014-02-23 19:47 - 2014-02-23 19:47 - 00002556 _____ () C:\windows\PFRO.log
2014-02-22 23:21 - 2014-02-22 23:21 - 04967024 _____ () C:\windows\system32\FNTCACHE.DAT
2014-02-22 23:18 - 2014-02-22 23:18 - 00000103 _____ () C:\windows\setupact.log
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 ____D () C:\Program Files\PreSonus
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:18 - 2012-10-09 12:06 - 00250728 _____ () C:\windows\system32\Drivers\paeusbaudio_x64.sys
2014-02-22 23:18 - 2012-10-09 12:06 - 00069992 _____ () C:\windows\system32\Drivers\paeusbaudiodsp_x64.sys
2014-02-22 23:18 - 2012-10-09 12:06 - 00051560 _____ () C:\windows\system32\Drivers\paeusbaudioks_x64.sys
2014-02-22 22:23 - 2014-02-23 20:22 - 00000000 ____D () C:\FRST
2014-02-22 11:58 - 2014-02-23 19:55 - 00001812 _____ () C:\windows\AutoKMS.log
2014-02-21 14:58 - 2014-02-23 19:47 - 00588308 _____ () C:\windows\WindowsUpdate.log
2014-02-21 14:43 - 2014-02-21 14:46 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-20 00:02 - 2014-02-20 00:03 - 00000000 ____D () C:\windows\rescache
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded Installations
2014-02-18 17:56 - 2014-02-18 18:11 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 22:27 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 22:27 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 22:27 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 22:27 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 22:27 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 22:27 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-12 22:27 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-12 22:27 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 22:27 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 22:27 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-12 22:26 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-12 22:26 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen

==================== One Month Modified Files and Folders =======

2014-02-23 20:24 - 2014-02-23 20:24 - 00015572 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-23 20:24 - 2014-02-23 20:23 - 02155520 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-23 20:24 - 2014-02-22 22:23 - 00000000 ____D () C:\FRST
2014-02-23 20:21 - 2013-01-11 09:29 - 00005296 _____ () C:\Users\HW\Desktop\Neu.txt
2014-02-23 20:20 - 2014-02-23 20:11 - 00001157 _____ () C:\Users\HW\Desktop\JRT.txt
2014-02-23 20:12 - 2012-12-24 03:24 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1713619076-4280536991-235341648-1001
2014-02-23 20:02 - 2014-02-23 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-02-23 20:01 - 2014-02-23 20:01 - 01037734 _____ (Thisisu) C:\Users\HW\Desktop\JRT.exe
2014-02-23 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-02-23 19:59 - 2014-02-23 19:55 - 00003293 _____ () C:\Users\HW\Desktop\AdwCleaner[S1].txt
2014-02-23 19:57 - 2013-05-31 14:19 - 00000000 ___RD () C:\Users\HW\Desktop\Dropbox
2014-02-23 19:57 - 2013-05-31 14:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Dropbox
2014-02-23 19:57 - 2013-02-06 15:45 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-23 19:55 - 2014-02-22 11:58 - 00001812 _____ () C:\windows\AutoKMS.log
2014-02-23 19:55 - 2012-12-24 18:05 - 00003468 _____ () C:\windows\System32\Tasks\AutoKMS
2014-02-23 19:54 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-23 19:53 - 2013-09-02 22:51 - 00000000 ____D () C:\AdwCleaner
2014-02-23 19:51 - 2014-02-23 19:51 - 01241834 _____ () C:\Users\HW\Desktop\adwcleaner.exe
2014-02-23 19:47 - 2014-02-23 19:47 - 00002556 _____ () C:\windows\PFRO.log
2014-02-23 19:47 - 2014-02-21 14:58 - 00588308 _____ () C:\windows\WindowsUpdate.log
2014-02-23 18:48 - 2013-09-15 22:09 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 17:25 - 2012-08-03 16:12 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-02-23 17:25 - 2012-08-03 16:12 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-02-23 17:25 - 2012-07-26 08:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-23 17:13 - 2013-01-15 01:06 - 06520832 ___SH () C:\Users\HW\Desktop\Thumbs.db
2014-02-23 09:53 - 2012-12-24 18:27 - 00000000 ____D () C:\Users\HW\AppData\Local\Adobe
2014-02-22 23:28 - 2013-02-05 15:12 - 00003918 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{06BCBD27-4109-4442-8DCC-CF3CE5631EC2}
2014-02-22 23:21 - 2014-02-22 23:21 - 04967024 _____ () C:\windows\system32\FNTCACHE.DAT
2014-02-22 23:18 - 2014-02-22 23:18 - 00000103 _____ () C:\windows\setupact.log
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 ____D () C:\Program Files\PreSonus
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:18 - 2013-06-07 12:26 - 00000717 _____ () C:\Users\Public\Desktop\AudioBox.lnk
2014-02-22 23:17 - 2013-01-12 15:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Winamp
2014-02-21 23:22 - 2013-07-16 17:20 - 00000000 ____D () C:\Users\HW\Desktop\Planung
2014-02-21 16:58 - 2012-12-24 18:14 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-02-21 16:57 - 2012-12-24 18:14 - 00000000 ____D () C:\ProgramData\Nero
2014-02-21 14:58 - 2012-08-28 13:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-21 14:57 - 2012-08-28 13:33 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-21 14:49 - 2012-12-24 03:20 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-21 14:48 - 2013-09-15 22:09 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:48 - 2013-01-12 13:54 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-21 14:48 - 2012-12-24 03:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 14:46 - 2014-02-21 14:43 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 11:53 - 2013-02-03 16:43 - 00000000 ____D () C:\Users\HW\AppData\Roaming\uTorrent
2014-02-21 11:35 - 2013-01-13 20:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Media Player Classic
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-21 11:30 - 2013-03-10 09:53 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-21 11:30 - 2013-02-06 15:45 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-02-21 11:30 - 2013-02-06 15:45 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-02-21 11:30 - 2013-01-11 01:17 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-21 11:29 - 2013-02-06 15:45 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-20 00:03 - 2014-02-20 00:02 - 00000000 ____D () C:\windows\rescache
2014-02-19 10:16 - 2013-01-11 00:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-19 10:15 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded Installations
2014-02-18 18:11 - 2014-02-18 17:56 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-02-18 10:43 - 2013-08-07 10:50 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 10:41 - 2012-12-24 03:36 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 22:33 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 16:46 - 2012-12-24 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-15 16:39 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini
2014-02-11 16:17 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-02-06 02:31 - 2013-01-12 14:00 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defense
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-04 00:35 - 2013-07-17 00:54 - 00000000 ____D () C:\Users\HW\AppData\Roaming\vlc
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-02-01 10:20 - 2014-02-12 22:27 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-12 22:27 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-01 10:19 - 2014-02-12 22:26 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-12 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-12 22:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-12 22:27 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll

Some content of TEMP:
====================
C:\Users\HW\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 18:27

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 24.02.2014 18:31

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

bammpi 25.02.2014 23:19
Bislang sind keine Probleme mehr aufgetreten :)

Eset Log
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d23389472d6e3244b042f13ae033b3c0
# engine=17208
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-24 11:11:46
# local_time=2014-02-25 12:11:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 85 77 304736 308523 0 0
# compatibility_mode=5893 16776574 100 94 16694872 52789617 0 0
# scanned=120725
# found=1
# cleaned=0
# scan_time=4230
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d23389472d6e3244b042f13ae033b3c0
# engine=17217
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-25 04:21:25
# local_time=2014-02-25 05:21:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 85 77 370115 370302 0 0
# compatibility_mode=5893 16776574 100 94 16756651 52851396 0 0
# scanned=330823
# found=1
# cleaned=0
# scan_time=9285
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
Security Check
Code:
Results of screen317's Security Check version 0.99.79 
  x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
avast! Antivirus 
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 45 
 Java version out of Date!
 Adobe Flash Player        12.0.0.70 
 Mozilla Firefox (27.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014 01
Ran by HW (administrator) on HW on 25-02-2014 23:09:22
Running from C:\Users\HW\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nalpeiron Ltd.) C:\windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\PreSonus\AudioBox\AudioBox.exe
(Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-21] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\Run: [AudioBox VSL] - C:\Program Files\PreSonus\AudioBox\AudioBox.exe [7591424 2012-10-09] ()
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: G - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d4b-9637-11e2-bea8-84a6c81a5184} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {1f2c8d76-9637-11e2-bea8-84a6c81a5184} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1713619076-4280536991-235341648-1001\...\MountPoints2: {cd707c88-5cba-11e2-be8e-84a6c81a5184} - "F:\setup.exe"
Startup: C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\HW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com
SearchScopes: HKLM - DefaultScope {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKCU - {02AD5EBA-914C-4966-BD12-E97E305516F5} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default
FF Homepage: user_pref("browser.startup.homepage", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\HW\AppData\Roaming\Mozilla\Firefox\Profiles\f9hql90j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome:
=======

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-21] (AVAST Software)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-29] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-21] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-21] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
S3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys [25144 2010-06-23] (Evoluent)
R3 EvoMouseDriverMini; C:\Windows\system32\drivers\EvoMouseDriverMini.sys [22584 2010-06-23] ()
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 paeusbaudio; C:\Windows\System32\drivers\paeusbaudio_x64.sys [250728 2012-10-09] ()
S3 paeusbaudiodsp; C:\Windows\System32\drivers\paeusbaudiodsp_x64.sys [69992 2012-10-09] ()
S3 paeusbaudioks; C:\Windows\system32\DRIVERS\paeusbaudioks_x64.sys [51560 2012-10-09] ()
S3 SNP2UVC; \SystemRoot\system32\DRIVERS\snp2uvc.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-25 23:09 - 2014-02-25 23:09 - 00015597 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-25 23:08 - 2014-02-25 23:08 - 02156032 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-25 23:03 - 2014-02-25 23:03 - 00000919 _____ () C:\Users\HW\Desktop\checkup.txt
2014-02-23 20:02 - 2014-02-23 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-02-23 19:47 - 2014-02-23 19:47 - 00002556 _____ () C:\windows\PFRO.log
2014-02-22 23:21 - 2014-02-22 23:21 - 04967024 _____ () C:\windows\system32\FNTCACHE.DAT
2014-02-22 23:18 - 2014-02-22 23:18 - 00000103 _____ () C:\windows\setupact.log
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 ____D () C:\Program Files\PreSonus
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:18 - 2012-10-09 12:06 - 00250728 _____ () C:\windows\system32\Drivers\paeusbaudio_x64.sys
2014-02-22 23:18 - 2012-10-09 12:06 - 00069992 _____ () C:\windows\system32\Drivers\paeusbaudiodsp_x64.sys
2014-02-22 23:18 - 2012-10-09 12:06 - 00051560 _____ () C:\windows\system32\Drivers\paeusbaudioks_x64.sys
2014-02-22 22:23 - 2014-02-23 20:25 - 00000000 ____D () C:\FRST
2014-02-22 11:58 - 2014-02-25 19:56 - 00002718 _____ () C:\windows\AutoKMS.log
2014-02-21 14:58 - 2014-02-25 17:44 - 00954416 _____ () C:\windows\WindowsUpdate.log
2014-02-21 14:43 - 2014-02-21 14:46 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-20 00:02 - 2014-02-20 00:03 - 00000000 ____D () C:\windows\rescache
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded Installations
2014-02-18 17:56 - 2014-02-18 18:11 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 22:27 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 22:27 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-12 22:27 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 22:27 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 22:27 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 22:27 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 22:27 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 22:27 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-12 22:27 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 22:27 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 22:27 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 22:27 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 22:27 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-12 22:27 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-12 22:27 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 22:27 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 22:27 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-12 22:26 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 22:26 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 22:26 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-12 22:26 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen

==================== One Month Modified Files and Folders =======

2014-02-25 23:09 - 2014-02-25 23:09 - 00015597 _____ () C:\Users\HW\Desktop\FRST.txt
2014-02-25 23:09 - 2014-02-22 22:23 - 00000000 ____D () C:\FRST
2014-02-25 23:08 - 2014-02-25 23:08 - 02156032 _____ (Farbar) C:\Users\HW\Desktop\FRST64.exe
2014-02-25 23:03 - 2014-02-25 23:03 - 00000919 _____ () C:\Users\HW\Desktop\checkup.txt
2014-02-25 23:02 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-02-25 22:53 - 2013-01-11 09:29 - 00005566 _____ () C:\Users\HW\Desktop\Neu.txt
2014-02-25 22:48 - 2013-09-15 22:09 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-25 19:56 - 2014-02-22 11:58 - 00002718 _____ () C:\windows\AutoKMS.log
2014-02-25 19:56 - 2012-12-24 18:05 - 00003466 _____ () C:\windows\System32\Tasks\AutoKMS
2014-02-25 17:44 - 2014-02-21 14:58 - 00954416 _____ () C:\windows\WindowsUpdate.log
2014-02-25 14:47 - 2012-08-03 16:12 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-02-25 14:47 - 2012-08-03 16:12 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-02-25 14:47 - 2012-07-26 08:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-25 13:50 - 2013-05-31 14:19 - 00000000 ___RD () C:\Users\HW\Desktop\Dropbox
2014-02-25 13:50 - 2013-05-31 14:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Dropbox
2014-02-25 13:46 - 2013-07-16 17:20 - 00000000 ____D () C:\Users\HW\Desktop\Planung
2014-02-25 13:05 - 2012-12-24 03:24 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1713619076-4280536991-235341648-1001
2014-02-25 12:56 - 2012-12-24 18:27 - 00000000 ____D () C:\Users\HW\AppData\Local\Adobe
2014-02-24 16:18 - 2013-02-06 15:45 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-24 00:57 - 2013-02-05 15:12 - 00003918 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{06BCBD27-4109-4442-8DCC-CF3CE5631EC2}
2014-02-23 20:02 - 2014-02-23 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-02-23 19:54 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-23 19:53 - 2013-09-02 22:51 - 00000000 ____D () C:\AdwCleaner
2014-02-23 19:47 - 2014-02-23 19:47 - 00002556 _____ () C:\windows\PFRO.log
2014-02-23 17:13 - 2013-01-15 01:06 - 06520832 ___SH () C:\Users\HW\Desktop\Thumbs.db
2014-02-22 23:21 - 2014-02-22 23:21 - 04967024 _____ () C:\windows\system32\FNTCACHE.DAT
2014-02-22 23:18 - 2014-02-22 23:18 - 00000103 _____ () C:\windows\setupact.log
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 ____D () C:\Program Files\PreSonus
2014-02-22 23:18 - 2014-02-22 23:18 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:18 - 2013-06-07 12:26 - 00000717 _____ () C:\Users\Public\Desktop\AudioBox.lnk
2014-02-22 23:17 - 2013-01-12 15:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Winamp
2014-02-21 16:58 - 2012-12-24 18:14 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-02-21 16:57 - 2012-12-24 18:14 - 00000000 ____D () C:\ProgramData\Nero
2014-02-21 14:58 - 2012-08-28 13:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-21 14:57 - 2012-08-28 13:33 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-21 14:49 - 2012-12-24 03:20 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-21 14:48 - 2013-09-15 22:09 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:48 - 2013-01-12 13:54 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-21 14:48 - 2012-12-24 03:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 14:46 - 2014-02-21 14:43 - 00000000 ____D () C:\Users\HW\Desktop\Neuer Ordner
2014-02-21 11:53 - 2013-02-03 16:43 - 00000000 ____D () C:\Users\HW\AppData\Roaming\uTorrent
2014-02-21 11:35 - 2013-01-13 20:15 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Media Player Classic
2014-02-21 11:30 - 2014-02-21 11:30 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-21 11:30 - 2013-03-10 09:53 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-21 11:30 - 2013-02-06 15:46 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-21 11:30 - 2013-02-06 15:45 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-02-21 11:30 - 2013-02-06 15:45 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-02-21 11:30 - 2013-01-11 01:17 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-21 11:29 - 2013-02-06 15:45 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-20 00:03 - 2014-02-20 00:02 - 00000000 ____D () C:\windows\rescache
2014-02-19 10:16 - 2013-01-11 00:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-19 10:15 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Nitro
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\Users\HW\AppData\Roaming\FileOpen
2014-02-19 00:38 - 2014-02-19 00:38 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-19 00:36 - 2014-02-19 00:36 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-19 00:34 - 2014-02-19 00:34 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Downloaded Installations
2014-02-18 18:11 - 2014-02-18 17:56 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-02-18 10:43 - 2013-08-07 10:50 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 10:41 - 2012-12-24 03:36 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-29 11:48 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 22:33 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-02-15 17:18 - 2014-02-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 16:46 - 2012-12-24 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-15 16:39 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini
2014-02-11 16:17 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-02-06 02:31 - 2013-01-12 14:00 - 00000000 ____D () C:\Users\HW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defense
2014-02-04 00:36 - 2014-02-04 00:36 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-04 00:35 - 2013-07-17 00:54 - 00000000 ____D () C:\Users\HW\AppData\Roaming\vlc
2014-02-01 20:30 - 2014-02-01 20:30 - 00000132 _____ () C:\Users\HW\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-02-01 10:20 - 2014-02-12 22:27 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-12 22:27 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-12 22:27 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-01 10:19 - 2014-02-12 22:26 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-12 22:26 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-12 22:27 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-12 22:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-12 22:26 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-12 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-12 22:26 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-12 22:27 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll

Some content of TEMP:
====================
C:\Users\HW\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 18:27

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 26.02.2014 16:35
Java updaten.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

bammpi 27.02.2014 01:36
Vielen herzlichen Dank! :) Find ich ganz toll, dass ihr immer so hilfsbereit seid.

schrauber 27.02.2014 18:40
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131