Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Firefox stürzt ständig ab/System voll mit Malware (https://www.trojaner-board.de/152349-firefox-stuerzt-staendig-ab-system-voll-malware.html)

pc-idiot 11.04.2014 06:48
Firefox stürzt ständig ab/System voll mit Malware
 
Hallo,

folgendes Problem:

Seit 2 tagen stürzt mein Firefox Browser ohne erkennbaren ständig ab.

Ferner hab ich festgestellt, dass beim Anzeigen von Webseiten ständig Werbung platziert wurde und irgendwelche Banner aufpoppten oder ganze Seiten neu aufgingen.
Bei den Add ons gab es irgendein Shopping Tool, was sich erst nicht löschen ließ, jetzt aber verschwunden zu sein scheint (allein ich glaub nicht dran). Die Werbebanner sind aber noch da.

Das System ist langsam und insbesondere beim surfen hängt es ständig.

Ich habe eine Kaufversion von Avast Internet Security installiert, die nichts angezeigt hat. Ich habe den Suchlauf aber bisher nicht gestartet (dauert ewig).

Stattdessen habe ich mit CCleaner und mit Malwarebytes gearbeitet. Ohne erkennbaren Erfolg. Dann habe ich mir Spyhunter runtergeladen, das System gescannt. Dieses Programm hat jede Menge Malware gefunden. Erst nach dem Suchlauf habe ich entdeckt, dass es sich bei diesem Programm selbst um einen Schädling handelt.

Also wie bekomme ich meinen Laptop wieder sauber und diese ganze Malware runter?

Für entsprechende Hilfe wäre ich sehr dankbar!

LG

schrauber 11.04.2014 06:58
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


pc-idiot 12.04.2014 15:19
FRST:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by Martin (administrator) on MARTIN-PC on 11-04-2014 08:39:45
Running from C:\Users\Martin\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.12\OsdService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(délaçais) C:\Users\Martin\AppData\Local\Genesis\Genesis.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [fsc-reg] - C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: c:\progra~1\amazon\amazon~1\\amazon~1.dll => c:\progra~1\amazon\amazon~1\\amazon~1.dll File Not Found
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dip5cxyu.default-1391602220364
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.1: Amazon
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_8013d9c514a841419eaebb6cba155fb0_39_1007_20140217_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin - C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-22]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-02-17]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (registryAccess) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh\7.14.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (HTTPS Everywhere) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-01-23]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-23]
CHR Extension: (avast! Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-06]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-28] (AVAST Software)
S2 gupdate1c9b622bf6eb280; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-05] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [69632 2008-05-13] (Ralink Technology, Corp.)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-28] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-28] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
S3 s716bus; C:\Windows\System32\DRIVERS\s716bus.sys [83208 2007-06-28] (MCCI Corporation)
S3 s716mdfl; C:\Windows\System32\DRIVERS\s716mdfl.sys [15112 2007-06-28] (MCCI Corporation)
S3 s716mdm; C:\Windows\System32\DRIVERS\s716mdm.sys [108552 2007-06-28] (MCCI Corporation)
S3 s716obex; C:\Windows\System32\DRIVERS\s716obex.sys [98568 2007-06-28] (MCCI Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2011-02-22] (PC Tools)
S3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [69392 2011-02-22] (PC Tools)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-11 08:39 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-11 07:23 - 2014-04-11 07:23 - 00000000 ____D () C:\Users\Martin\Documents\Simply Super Software
2014-04-11 07:22 - 2014-04-10 22:20 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:42 - 2014-04-11 07:18 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 21:53 - 2014-04-11 07:40 - 00047082 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 21:49 - 2014-04-11 07:33 - 00052902 _____ () C:\Windows\PFRO.log
2014-04-10 21:44 - 2014-04-11 07:31 - 00000000 ____D () C:\AdwCleaner
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-09 20:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 20:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 20:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 20:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 20:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 20:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 20:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 20:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 20:05 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 20:05 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 20:05 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 20:05 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 20:05 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 20:05 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 20:05 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 20:05 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 12:53 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:22 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-09 09:22 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-09 09:22 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-09 09:22 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-09 09:20 - 2014-04-09 09:22 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-08 21:41 - 2014-04-11 08:40 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-04-06 13:20 - 2014-04-06 13:20 - 00374272 _____ () C:\Users\Martin\Desktop\Jahrbuch_2013_-_SJ_2013-2014.xls
2014-03-29 12:05 - 2014-04-10 21:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-17 12:08 - 2014-02-07 12:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-17 12:08 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-17 12:08 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-17 12:08 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-11 08:40 - 2014-04-08 21:41 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-04-11 08:39 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-11 08:39 - 2009-07-21 13:31 - 00000398 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
2014-04-11 08:36 - 2012-09-30 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-11 08:26 - 2009-07-02 19:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 08:18 - 2012-05-01 18:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 07:56 - 2010-11-02 12:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-04-11 07:52 - 2008-10-06 16:08 - 00225280 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-11 07:40 - 2014-04-10 21:53 - 00047082 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 07:36 - 2013-01-10 21:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-11 07:36 - 2009-07-02 19:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 07:36 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.dat
2014-04-11 07:36 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.001
2014-04-11 07:33 - 2014-04-10 21:49 - 00052902 _____ () C:\Windows\PFRO.log
2014-04-11 07:33 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 07:33 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 07:33 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 07:32 - 2006-11-02 15:01 - 00001520 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-11 07:31 - 2014-04-10 21:44 - 00000000 ____D () C:\AdwCleaner
2014-04-11 07:23 - 2014-04-11 07:23 - 00000000 ____D () C:\Users\Martin\Documents\Simply Super Software
2014-04-11 07:18 - 2014-04-10 22:42 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 23:42 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:20 - 2014-04-11 07:22 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2012-03-10 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 21:49 - 2012-05-05 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-10 21:46 - 2013-01-22 16:42 - 00001033 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 21:46 - 2009-03-04 01:28 - 00000000 ____D () C:\Users\Martin\Desktop\Diss
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-10 21:41 - 2014-03-29 12:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-10 21:07 - 2008-07-03 15:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 17:50 - 2006-11-02 14:47 - 00370072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 09:06 - 2008-10-06 15:48 - 00103568 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 20:05 - 2013-08-14 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 14:00 - 2008-01-21 09:16 - 00006606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 09:22 - 2014-04-09 09:20 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-09 09:22 - 2008-10-07 12:25 - 00000000 ____D () C:\Program Files\Java
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-07 21:32 - 2013-04-24 09:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spotify
2014-04-07 19:08 - 2013-04-24 09:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Spotify
2014-04-06 13:20 - 2014-04-06 13:20 - 00374272 _____ () C:\Users\Martin\Desktop\Jahrbuch_2013_-_SJ_2013-2014.xls
2014-04-03 09:51 - 2014-04-10 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 10:08 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-28 13:52 - 2013-03-06 10:26 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-28 13:52 - 2013-03-06 10:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-28 13:52 - 2012-03-08 21:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-28 13:51 - 2014-02-03 11:02 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-03-28 13:51 - 2013-03-25 10:31 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-18 14:55 - 2009-11-25 15:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 10:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-03-18 10:19 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-17 13:18 - 2012-05-01 18:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-17 13:18 - 2011-09-05 10:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\Quarantine.exe
C:\Users\Martin\AppData\Local\temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-11 07:42

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


AdditionFRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Martin at 2014-04-11 08:41:37
Running from C:\Users\Martin\Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Genesis (HKCU\...\genesis) (Version:  - )
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)

==================== Restore Points  =========================

09-04-2014 07:07:12 Removed Shopping Helper Smartbar
09-04-2014 07:17:24 Installed Java 7 Update 51
09-04-2014 07:46:24 Windows Live Call wird entfernt
09-04-2014 07:49:35 Removed Shopping Helper Smartbar
09-04-2014 07:54:49 Removed Shopping Helper Smartbar
09-04-2014 18:00:22 Windows Update
10-04-2014 07:11:26 Removed Shopping Helper Smartbar
10-04-2014 10:36:16 Removed Shopping Helper Smartbar
10-04-2014 19:01:35 „Shopping Helper Smartbar“ jetzt mit Total Uninstall deinstallieren
10-04-2014 19:02:06 Removed Shopping Helper Smartbar
10-04-2014 19:06:20 „Shopping Helper Smartbar“ jetzt mit Total Uninstall deinstallieren
10-04-2014 20:42:24 Installed SpyHunter
11-04-2014 05:17:08 Removed SpyHunter

==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-01-10 17:42 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1C72CD8E-0236-4394-9A3F-669065EFB29B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {47897B13-D344-48DB-BB66-752AD747D308} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {616F1AF5-A5E7-4D10-9184-F3A20D88937B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-28] (AVAST Software)
Task: {61C21370-C395-4485-8741-0024F5CF4D16} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {68D25620-A461-43B0-AD2E-6CA9BD926759} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-05] (Google Inc.)
Task: {763BC915-6359-42CE-9B15-C3ADD2926C16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-05] (Google Inc.)
Task: {8F9701E7-A59A-4957-A507-53FA6DA34CCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17] (Adobe Systems Incorporated)
Task: {9C2757B0-757F-457D-B938-30FE5EB5F48A} - System32\Tasks\{F7578855-42A6-4B46-87FF-0462B47D86C2} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {9D2F2EAA-0636-45D9-BF7A-353CB7616582} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C7888E91-9388-45F2-9071-F569FF30BDA3} - System32\Tasks\Microsoft\Windows\RestartManager\{5111FF7E-8300-4057-8406-49335B54E634} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {C9CDC831-091B-4159-9437-B88600B9C9D5} - System32\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}
Task: {D9C3849E-809D-48C2-8CF7-DE5550D8E349} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {DA4DAB99-93E9-418A-8ADB-1256D023285F} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F105FB34-3F2E-4161-AD75-2447FF0C7881} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {FB6F00A5-6F3A-4ABE-B152-BD465F1BF010} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Martin => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {FDB1B7BC-7284-472F-8F49-7F8AFC855965} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-04-10 20:55 - 2014-04-10 20:55 - 02193408 _____ () C:\Program Files\AVAST Software\Avast\defs\14041001\algo.dll
2009-05-14 13:09 - 2005-10-30 15:24 - 00081920 _____ () C:\Windows\System32\cpwmon2k.dll
2008-10-07 11:07 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-02-03 11:15 - 2014-02-03 11:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-17 12:28 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-17 12:28 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-17 12:28 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-17 12:28 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-17 12:28 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
2014-04-10 21:41 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-03-17 13:18 - 2014-03-17 13:18 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR162 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR210 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR250 => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Martin\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: FSCRecovery => c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: PMBVolumeWatcher => "C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: sidebar.exe => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spotify => "C:\Users\Martin\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2014 07:37:58 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 28.0.0.5186, Zeitstempel 0x53240e37, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000374, Fehleroffset 0x000b06fc,
Prozess-ID 0x498, Anwendungsstartzeit firefox.exe0.

Error: (04/11/2014 07:34:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2014 01:38:19 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 28.0.0.5186, Zeitstempel 0x53240e37, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x10003a34,
Prozess-ID 0x12ec, Anwendungsstartzeit firefox.exe0.

Error: (04/10/2014 11:56:43 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 28.0.0.5186, Zeitstempel 0x53240e37, fehlerhaftes Modul xul.dll, Version 28.0.0.5186, Zeitstempel 0x53240e04, Ausnahmecode 0xc0000005, Fehleroffset 0x00184729,
Prozess-ID 0x12bc, Anwendungsstartzeit firefox.exe0.

Error: (04/10/2014 11:45:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 10:02:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\7> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\7> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\6> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\6> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (04/11/2014 07:37:58 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.0.6002.1888151da3e27c0000374000b06fc49801cf554800cab2de

Error: (04/11/2014 07:34:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2014 01:38:19 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37unknown0.0.0.000000000c000000510003a3412ec01cf550a0c8dd3d7

Error: (04/10/2014 11:56:43 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c00000050018472912bc01cf5507a63df127

Error: (04/10/2014 11:45:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 10:02:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\7

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\7

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\6

Error: (04/10/2014 09:54:59 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\DIP5CXYU.DEFAULT-1391602220364\CACHE\6


CodeIntegrity Errors:
===================================
  Date: 2014-04-11 08:41:16.778
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:16.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:15.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:14.999
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:14.582
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:14.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:13.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:41:13.215
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 08:36:57.729
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-11 07:35:57.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 3065.74 MB
Available physical RAM: 1103.38 MB
Total Pagefile: 6332.45 MB
Available Pagefile: 4161.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.98 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:94.16 GB) (Free:4.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:195.14 GB) (Free:0.88 GB) NTFS
Drive e: (ST2013) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 219045B7)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=94 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Wie geht es weiter?

manche seiten lassen sich heute nun gar nicht mehr öffnen. es läd und läd aber nix passiert

hey schrauber ... wo bist du?

schrauber 13.04.2014 16:52
man sollte mal in meine Signatur schauen.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

pc-idiot 13.04.2014 19:30
Code:
ComboFix 14-04-12.01 - Martin 13.04.2014  19:07:23.2.2 - x86
  6.0.6002.2.1252.49.1031.18.3066.1552 [GMT 2:00]
ausgeführt von:: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-03-13 bis 2014-04-13  ))))))))))))))))))))))))))))))
.
.
2014-04-13 17:28 . 2014-04-13 17:28        --------        d-----w-        c:\users\Public\AppData\Local\temp
2014-04-13 17:28 . 2014-04-13 17:28        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-04-13 07:07 . 2014-04-13 07:07        62576        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{057D3077-6CAC-496C-B447-CA5637C55593}\offreg.dll
2014-04-12 05:41 . 2014-03-07 04:35        7969936        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{057D3077-6CAC-496C-B447-CA5637C55593}\mpengine.dll
2014-04-11 06:39 . 2014-04-11 06:44        --------        d-----w-        C:\FRST
2014-04-10 20:46 . 2014-04-10 20:46        --------        d-----w-        c:\program files\Enigma Software Group
2014-04-10 20:42 . 2014-04-11 05:18        --------        d-----w-        c:\windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 20:41 . 2014-04-10 20:41        --------        d-----w-        c:\program files\Common Files\Wise Installation Wizard
2014-04-10 20:08 . 2014-04-10 20:08        --------        d-----w-        c:\program files\Malwarebytes Anti-Malware
2014-04-10 20:08 . 2014-04-03 07:51        51416        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-04-10 20:08 . 2014-04-03 07:51        73432        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-04-10 20:08 . 2014-04-03 07:50        23256        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-04-10 19:44 . 2014-04-11 05:31        --------        d-----w-        C:\AdwCleaner
2014-04-09 18:05 . 2014-03-07 23:12        1806848        ----a-w-        c:\windows\system32\jscript9.dll
2014-04-09 18:05 . 2014-03-08 00:04        757488        ----a-w-        c:\program files\Internet Explorer\iexplore.exe
2014-04-09 18:05 . 2014-03-07 23:03        387584        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll
2014-04-09 18:05 . 2014-03-07 23:03        104448        ----a-w-        c:\program files\Internet Explorer\jsdebuggeride.dll
2014-04-09 18:05 . 2014-03-07 23:04        678912        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll
2014-04-09 18:05 . 2014-03-07 23:02        1427968        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-04-09 07:22 . 2013-12-18 19:10        94632        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2014-04-08 20:05 . 2014-04-08 20:05        --------        d-----w-        c:\program files\Uninstaller
2014-04-08 19:55 . 2014-04-08 19:55        --------        d-----w-        c:\users\Martin\AppData\Local\com
2014-04-08 19:41 . 2014-04-13 16:54        --------        d-----w-        c:\users\Martin\AppData\Local\Genesis
2014-03-28 11:52 . 2014-03-28 11:52        43152        ----a-w-        c:\windows\avastSS.scr
2014-03-17 10:08 . 2014-02-07 10:38        2050560        ----a-w-        c:\windows\system32\win32k.sys
2014-03-17 10:08 . 2014-02-03 10:37        505344        ----a-w-        c:\windows\system32\qedit.dll
2014-03-17 10:08 . 2014-01-30 07:46        876032        ----a-w-        c:\windows\system32\wer.dll
2014-03-17 10:08 . 2013-11-13 00:30        2048        ----a-w-        c:\windows\system32\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-13 16:33 . 2012-09-30 13:36        107736        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-31 07:35 . 2009-10-03 08:08        231584        ------w-        c:\windows\system32\MpSigStub.exe
2014-03-28 11:52 . 2013-03-06 08:26        180760        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2014-03-28 11:52 . 2013-01-22 12:28        57672        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2014-03-28 11:52 . 2013-01-22 12:28        776976        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2014-03-28 11:52 . 2013-03-06 08:26        49944        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2014-03-28 11:52 . 2013-01-22 12:28        411552        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2014-03-28 11:52 . 2013-01-22 12:28        67824        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2014-03-28 11:52 . 2013-01-22 12:28        54832        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2014-03-28 11:52 . 2012-03-08 19:18        271264        ----a-w-        c:\windows\system32\aswBoot.exe
2014-03-28 11:51 . 2013-03-25 08:31        26136        ----a-w-        c:\windows\system32\drivers\aswKbd.sys
2014-03-28 11:51 . 2014-02-03 09:02        252208        ----a-w-        c:\windows\system32\drivers\aswNdis2.sys
2014-03-17 11:18 . 2012-05-01 16:46        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2014-03-17 11:18 . 2011-09-05 08:53        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-17 11:11 . 2013-05-31 14:49        4621313        ----a-w-        c:\windows\system32\~.tmp
2014-01-22 14:52 . 2014-02-03 09:02        104752        ----a-w-        c:\windows\system32\drivers\aswFW.sys
2014-01-16 00:40 . 2014-01-16 00:40        487016        ----a-w-        C:\SecurityScanner.dll
2007-03-12 16:59 . 2007-03-12 16:59        299008        ----a-w-        c:\program files\navigram_register.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-28 11:52        260976        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        130736        ----a-w-        c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05        579400        ----a-w-        c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-25 6111232]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-28 3854640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"fsc-reg"="c:\programdata\fsc-reg\fscreg.exe" [2008-05-29 381200]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
genesis.lnk - c:\users\Martin\AppData\Local\Genesis\Genesis.exe /r [2014-4-8 3084288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe -s [2008-10-6 1777664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57        959904        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2007-09-13 16:50        1603152        ----a-w-        c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2007-10-25 16:10        652624        ----a-w-        c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25        125952        ----a-w-        c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FSCRecovery]
2008-05-08 08:59        268096        ----a-w-        c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-09-01 01:10        13797992        ----a-w-        c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
2013-10-01 03:41        2346008        ----a-w-        c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sidebar.exe]
2009-04-11 06:28        1233920        ----a-w-        c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 15:42        20584608        ----a-r-        c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-04-07 17:08        6118400        ----a-w-        c:\users\Martin\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-04-07 17:08        1171968        ----a-w-        c:\users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16        254336        ----a-w-        c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51        17408        ----a-w-        c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"dcomnatt"=rundll32 "c:\users\Martin\AppData\Local\Temp\ipcoPost.dll",ClientDllStartup
"KiesAirMessage"=c:\program files\Samsung\Kies\KiesAirMessage.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AllShareAgent"=c:\program files\Samsung\AllShare\AllShareAgent.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - MBAMWEBACCESSCONTROL
*Deregistered* - MBAMWebAccessControl
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-11 18:31        1077576        ----a-w-        c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 11:18]
.
2014-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:14]
.
2014-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-05 19:14]
.
2014-04-13 c:\windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
- c:\windows\system32\msfeedssync.exe [2011-04-10 19:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mWindow Title = Arcor AG & Co. KG
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dip5cxyu.default-1391602220364\
FF - prefs.js: keyword.URL - hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_8013d9c514a841419eaebb6cba155fb0_39_1007_20140217_DE_ff_ab_&query=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Browser Infrastructure Helper - c:\users\Martin\AppData\Local\Smartbar\Application\Smartbar.exe
MSConfigStartUp-KiesPreload - c:\program files\Samsung\Kies\Kies.exe
MSConfigStartUp-KiesTrayAgent - c:\program files\Samsung\Kies\KiesTrayAgent.exe
MSConfigStartUp-Optimizer Pro - c:\program files\Optimizer Pro\OptProLauncher.exe
MSConfigStartUp-Samsung Link - c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-04-13 19:29
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
C:\avast! sandbox
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2844)
c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
Zeit der Fertigstellung: 2014-04-13  19:36:03
ComboFix-quarantined-files.txt  2014-04-13 17:35
.
Vor Suchlauf: 3.491.164.160 Bytes frei
Nach Suchlauf: 4.967.723.008 Bytes frei
.
- - End Of File - - B82C49DC0ECB17DD94C8D093F828CD59
5C616939100B85E558DA92B899A0FC36
Sorry .. hatte die Signatur nicht gesehen, aber deine Abwesenheit aufgrund des WEs ja schon vermutet.

Ich hoffe ich hab das soweit mit der combofix.txt richtig gemacht

schrauber 14.04.2014 15:07
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

pc-idiot 14.04.2014 19:49
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 14.04.2014
Suchlauf-Zeit: 18:27:14
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.14.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Martin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 259717
Verstrichene Zeit: 1 Std, 22 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
# AdwCleaner v3.023 - Bericht erstellt am 14/04/2014 um 19:22:04
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Martin - MARTIN-PC
# Gestartet von : C:\Users\Martin\Documents\Downloads\adwcleaner3023.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dip5cxyu.default-1391602220364\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16083 octets] - [10/04/2014 21:44:21]
AdwCleaner[R1].txt - [1095 octets] - [10/04/2014 21:57:42]
AdwCleaner[R2].txt - [1215 octets] - [10/04/2014 22:03:30]
AdwCleaner[R3].txt - [1276 octets] - [11/04/2014 07:25:41]
AdwCleaner[R4].txt - [1396 octets] - [14/04/2014 18:45:42]
AdwCleaner[R5].txt - [1456 octets] - [14/04/2014 19:19:22]
AdwCleaner[S0].txt - [12636 octets] - [10/04/2014 21:46:34]
AdwCleaner[S1].txt - [1157 octets] - [10/04/2014 21:58:52]
AdwCleaner[S2].txt - [1337 octets] - [11/04/2014 07:31:45]
AdwCleaner[S3].txt - [1377 octets] - [14/04/2014 19:22:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1437 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Martin on 14.04.2014 at 19:48:11,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "\big fish games"



~~~ FireFox

Emptied folder: C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\dip5cxyu.default-1391602220364\minidumps [22 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.04.2014 at 19:54:29,33
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by Martin (administrator) on MARTIN-PC on 14-04-2014 20:44:53
Running from C:\Users\Martin\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(délaçais) C:\Users\Martin\AppData\Local\Genesis\Genesis.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.12\OsdService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [fsc-reg] => C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dip5cxyu.default-1391602220364
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.1: Amazon
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_8013d9c514a841419eaebb6cba155fb0_39_1007_20140217_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin - C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-22]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-02-17]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (registryAccess) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh\7.14.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (HTTPS Everywhere) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-01-23]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-23]
CHR Extension: (avast! Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-06]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-28] (AVAST Software)
S2 gupdate1c9b622bf6eb280; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-05] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [69632 2008-05-13] (Ralink Technology, Corp.)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-28] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-28] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
S3 s716bus; C:\Windows\System32\DRIVERS\s716bus.sys [83208 2007-06-28] (MCCI Corporation)
S3 s716mdfl; C:\Windows\System32\DRIVERS\s716mdfl.sys [15112 2007-06-28] (MCCI Corporation)
S3 s716mdm; C:\Windows\System32\DRIVERS\s716mdm.sys [108552 2007-06-28] (MCCI Corporation)
S3 s716obex; C:\Windows\System32\DRIVERS\s716obex.sys [98568 2007-06-28] (MCCI Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2011-02-22] (PC Tools)
S3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [69392 2011-02-22] (PC Tools)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:27 - 2014-04-14 19:30 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\Qoobox
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\ComboFix
2014-04-13 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-13 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-13 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-13 18:54 - 2014-04-13 18:55 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-11 08:39 - 2014-04-14 20:44 - 00000000 ____D () C:\FRST
2014-04-11 07:22 - 2014-04-10 22:20 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:42 - 2014-04-11 07:18 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 21:53 - 2014-04-14 20:29 - 00138225 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 21:49 - 2014-04-13 20:33 - 00053454 _____ () C:\Windows\PFRO.log
2014-04-10 21:44 - 2014-04-14 19:22 - 00000000 ____D () C:\AdwCleaner
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-09 20:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 20:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 20:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 20:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 20:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 20:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 20:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 20:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 20:05 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 20:05 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 20:05 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 20:05 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 20:05 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 20:05 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 20:05 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 20:05 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 12:53 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:22 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-09 09:22 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-09 09:22 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-09 09:22 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-09 09:20 - 2014-04-09 09:22 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-08 21:41 - 2014-04-14 19:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-03-29 12:05 - 2014-04-10 21:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-17 12:08 - 2014-02-07 12:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-17 12:08 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-17 12:08 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-17 12:08 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-14 20:44 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-14 20:44 - 2009-07-21 13:31 - 00000398 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
2014-04-14 20:29 - 2014-04-10 21:53 - 00138225 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 20:26 - 2009-07-02 19:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 20:18 - 2012-05-01 18:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 19:58 - 2012-09-30 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:47 - 2013-01-10 21:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-14 19:47 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 19:47 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 19:46 - 2009-07-02 19:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 19:45 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.dat
2014-04-14 19:45 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.001
2014-04-14 19:45 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 19:39 - 2006-11-02 15:01 - 00003032 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 19:32 - 2014-04-08 21:41 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:30 - 2014-04-14 19:27 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 19:22 - 2014-04-10 21:44 - 00000000 ____D () C:\AdwCleaner
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-14 17:53 - 2010-11-02 12:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-04-13 20:33 - 2014-04-10 21:49 - 00053454 _____ () C:\Windows\PFRO.log
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\Qoobox
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\ComboFix
2014-04-13 19:29 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-04-13 18:59 - 2009-03-04 01:28 - 00000000 ____D () C:\Users\Martin\Desktop\Diss
2014-04-13 18:55 - 2014-04-13 18:54 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-13 18:53 - 2008-01-21 09:16 - 00006606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 14:57 - 2010-02-27 13:03 - 00000000 ____D () C:\Users\Martin\Documents\Bewerbung
2014-04-11 20:49 - 2013-01-22 16:42 - 00001929 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-11 10:31 - 2008-10-06 16:08 - 00237056 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-11 07:18 - 2014-04-10 22:42 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 23:42 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:20 - 2014-04-11 07:22 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2012-03-10 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 21:49 - 2012-05-05 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-10 21:41 - 2014-03-29 12:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-10 21:07 - 2008-07-03 15:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 17:50 - 2006-11-02 14:47 - 00370072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 09:06 - 2008-10-06 15:48 - 00103568 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 20:05 - 2013-08-14 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 09:22 - 2014-04-09 09:20 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-09 09:22 - 2008-10-07 12:25 - 00000000 ____D () C:\Program Files\Java
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-07 21:32 - 2013-04-24 09:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spotify
2014-04-07 19:08 - 2013-04-24 09:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Spotify
2014-04-03 09:51 - 2014-04-10 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 10:08 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-28 13:52 - 2013-03-06 10:26 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-28 13:52 - 2013-03-06 10:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-28 13:52 - 2012-03-08 21:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-28 13:51 - 2014-02-03 11:02 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-03-28 13:51 - 2013-03-25 10:31 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-18 14:55 - 2009-11-25 15:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 10:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-03-18 10:19 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-17 13:18 - 2012-05-01 18:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-17 13:18 - 2011-09-05 10:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-14 19:52

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 15.04.2014 14:19

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

pc-idiot 16.04.2014 16:20
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=527ab5887ea4de4aa294a001e9753c45
# engine=17907
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-16 10:38:09
# local_time=2014-04-16 12:38:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=772 16777213 83 80 1635825 7246023 0 0
# compatibility_mode=5892 16776573 100 100 230754 235177417 0 0
# scanned=212590
# found=5
# cleaned=0
# scan_time=7974
sh=2D7F3C5FDAB7E8048C27FED716D009EEE6BFBDF5 ft=1 fh=5e4e868c91d55080 vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptimizerPro.exe.vir"
sh=DB187018E12209259D33448C66F354F98FE2E8FD ft=1 fh=642a0fb9252ec458 vn="a variant of Win32/AdWare.SpeedingUpMyPC.D application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptProLauncher.exe.vir"
sh=75A5C5BD9847AECD4D230E8B8916C053A51E7894 ft=1 fh=3d5c39c0ed8f6238 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptProSmartScan.exe.vir"
sh=BDA0A4F7F6E2D53F3F7CED3E341B6EDD9FDB9D7E ft=1 fh=d28d59a27dcd01c7 vn="a variant of Win32/Skintrim.MG trojan" ac=I fn="C:\Users\Martin\AppData\Local\Genesis\Genesis.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="multiple threats" ac=I fn="${Memory}"
Code:
Results of screen317's Security Check version 0.99.81 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java version out of Date!
 Adobe Flash Player        12.0.0.77 
 Mozilla Firefox (28.0)
 Google Chrome 33.0.1750.154 
 Google Chrome 34.0.1847.116 
````````Process Check: objlist.exe by Laurent```````` 
 system32 AvastSvc.exe -?- 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
[CODE][
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by Martin (administrator) on MARTIN-PC on 16-04-2014 14:18:33
Running from C:\Users\Martin\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.12\OsdService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(délaçais) C:\Users\Martin\AppData\Local\Genesis\Genesis.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\system32\mspaint.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [fsc-reg] => C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [genesis] => c:\users\martin\appdata\local\genesis\genesis.exe [3084288 2014-04-08] (délaçais)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dip5cxyu.default-1391602220364
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.1: Amazon
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_8013d9c514a841419eaebb6cba155fb0_39_1007_20140217_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin - C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-22]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-02-17]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (registryAccess) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh\7.14.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (HTTPS Everywhere) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-01-23]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-23]
CHR Extension: (avast! Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-06]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-28] (AVAST Software)
S2 gupdate1c9b622bf6eb280; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-05] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [69632 2008-05-13] (Ralink Technology, Corp.)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-28] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-28] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
S3 s716bus; C:\Windows\System32\DRIVERS\s716bus.sys [83208 2007-06-28] (MCCI Corporation)
S3 s716mdfl; C:\Windows\System32\DRIVERS\s716mdfl.sys [15112 2007-06-28] (MCCI Corporation)
S3 s716mdm; C:\Windows\System32\DRIVERS\s716mdm.sys [108552 2007-06-28] (MCCI Corporation)
S3 s716obex; C:\Windows\System32\DRIVERS\s716obex.sys [98568 2007-06-28] (MCCI Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2011-02-22] (PC Tools)
S3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [69392 2011-02-22] (PC Tools)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 14:03 - 2014-04-16 14:03 - 00000880 _____ () C:\Users\Martin\Desktop\checkup.txt
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 10:20 - 2014-04-16 10:20 - 00000000 ____D () C:\Program Files\ESET
2014-04-16 09:25 - 2014-04-16 09:27 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 20:45 - 2014-04-14 20:45 - 00031406 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:27 - 2014-04-14 19:30 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\Qoobox
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\ComboFix
2014-04-13 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-13 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-13 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-13 18:54 - 2014-04-13 18:55 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-11 08:39 - 2014-04-16 14:18 - 00000000 ____D () C:\FRST
2014-04-11 07:22 - 2014-04-10 22:20 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:42 - 2014-04-11 07:18 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 21:53 - 2014-04-16 13:22 - 00232109 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 21:49 - 2014-04-13 20:33 - 00053454 _____ () C:\Windows\PFRO.log
2014-04-10 21:44 - 2014-04-14 19:22 - 00000000 ____D () C:\AdwCleaner
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-09 20:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 20:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 20:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 20:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 20:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 20:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 20:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 20:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 20:05 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 20:05 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 20:05 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 20:05 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 20:05 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 20:05 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 20:05 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 20:05 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 12:53 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:22 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-09 09:22 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-09 09:22 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-09 09:22 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-09 09:20 - 2014-04-09 09:22 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-08 21:41 - 2014-04-16 14:15 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-03-29 12:05 - 2014-04-10 21:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-17 12:08 - 2014-02-07 12:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-17 12:08 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-17 12:08 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-17 12:08 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-16 14:19 - 2009-07-21 13:31 - 00000398 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
2014-04-16 14:18 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-16 14:18 - 2012-05-01 18:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 14:15 - 2014-04-08 21:41 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-04-16 14:12 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 14:12 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 14:03 - 2014-04-16 14:03 - 00000880 _____ () C:\Users\Martin\Desktop\checkup.txt
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 13:26 - 2009-07-02 19:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 13:22 - 2014-04-10 21:53 - 00232109 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 12:51 - 2008-10-06 16:08 - 00240128 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 12:44 - 2010-11-02 12:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-04-16 10:20 - 2014-04-16 10:20 - 00000000 ____D () C:\Program Files\ESET
2014-04-16 10:15 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.dat
2014-04-16 10:15 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.001
2014-04-16 10:14 - 2013-01-10 21:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-16 10:14 - 2012-09-30 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-16 10:12 - 2009-07-02 19:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 10:12 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 09:27 - 2014-04-16 09:25 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 20:45 - 2014-04-14 20:45 - 00031406 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:39 - 2006-11-02 15:01 - 00003292 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:30 - 2014-04-14 19:27 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 19:22 - 2014-04-10 21:44 - 00000000 ____D () C:\AdwCleaner
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-13 20:33 - 2014-04-10 21:49 - 00053454 _____ () C:\Windows\PFRO.log
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\Qoobox
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\ComboFix
2014-04-13 19:29 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-04-13 18:59 - 2009-03-04 01:28 - 00000000 ____D () C:\Users\Martin\Desktop\Diss
2014-04-13 18:55 - 2014-04-13 18:54 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-13 18:53 - 2008-01-21 09:16 - 00006606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 14:57 - 2010-02-27 13:03 - 00000000 ____D () C:\Users\Martin\Documents\Bewerbung
2014-04-11 20:49 - 2013-01-22 16:42 - 00001929 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-11 07:18 - 2014-04-10 22:42 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 23:42 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:20 - 2014-04-11 07:22 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2012-03-10 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 21:49 - 2012-05-05 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-10 21:41 - 2014-04-10 21:41 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-10 21:41 - 2014-03-29 12:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-10 21:07 - 2008-07-03 15:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 17:50 - 2006-11-02 14:47 - 00370072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 09:06 - 2008-10-06 15:48 - 00103568 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 20:05 - 2013-08-14 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 09:22 - 2014-04-09 09:20 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-09 09:22 - 2008-10-07 12:25 - 00000000 ____D () C:\Program Files\Java
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-07 21:32 - 2013-04-24 09:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spotify
2014-04-07 19:08 - 2013-04-24 09:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Spotify
2014-04-03 09:51 - 2014-04-10 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 10:08 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-28 13:52 - 2013-03-06 10:26 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-28 13:52 - 2013-03-06 10:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-28 13:52 - 2012-03-08 21:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-28 13:51 - 2014-02-03 11:02 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-03-28 13:51 - 2013-03-25 10:31 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa
2014-03-18 14:55 - 2009-11-25 15:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 10:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-03-18 10:19 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-17 13:18 - 2012-05-01 18:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-17 13:18 - 2011-09-05 10:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-16 10:19

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---
/CODE]

Probleme sind noch da. Vielleicht nicht mehr so schlimm wie am anfang, aber die browser stürzen manchmal immer noch ab. Manche seiten laden ewig oder öffnen sich nie

zudem poppen immer noch voll viele werbeseiten auf oder dieser werbebanner "ads by browser extension" ist immer noch da

schrauber 17.04.2014 10:15
Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Martin\AppData\Local\Genesis
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [genesis] => c:\users\martin\appdata\local\genesis\genesis.exe [3084288 2014-04-08] (délaçais)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

pc-idiot 18.04.2014 15:03
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014 01
Ran by Martin (administrator) on MARTIN-PC on 18-04-2014 15:20:13
Running from C:\Users\Martin\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.12\OsdService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(délaçais) C:\Users\Martin\AppData\Local\Genesis\Genesis.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [fsc-reg] => C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [genesis] => c:\users\martin\appdata\local\genesis\genesis.exe [3084288 2014-04-08] (délaçais)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\jyrcqkl0.default-1397809753620
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin - C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (registryAccess) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh\7.14.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (HTTPS Everywhere) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-01-23]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-01-23]
CHR Extension: (avast! Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-06]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-28] (AVAST Software)
S2 gupdate1c9b622bf6eb280; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-05] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [69632 2008-05-13] (Ralink Technology, Corp.)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-28] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-28] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
S3 s716bus; C:\Windows\System32\DRIVERS\s716bus.sys [83208 2007-06-28] (MCCI Corporation)
S3 s716mdfl; C:\Windows\System32\DRIVERS\s716mdfl.sys [15112 2007-06-28] (MCCI Corporation)
S3 s716mdm; C:\Windows\System32\DRIVERS\s716mdm.sys [108552 2007-06-28] (MCCI Corporation)
S3 s716obex; C:\Windows\System32\DRIVERS\s716obex.sys [98568 2007-06-28] (MCCI Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2011-02-22] (PC Tools)
S3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [69392 2011-02-22] (PC Tools)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-18 12:06 - 2014-04-18 12:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 11:59 - 2014-04-18 11:59 - 00921512 _____ (Oracle Corporation) C:\Users\Martin\Desktop\jxpiinstall.exe
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:21 - 2014-04-18 12:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-18 10:21 - 2014-04-18 12:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-18 10:21 - 2014-04-18 11:57 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 10:19 - 2014-04-18 10:19 - 00283192 _____ (Mozilla) C:\Users\Martin\Desktop\Firefox Setup Stub 28.0.exe
2014-04-18 09:43 - 2014-04-18 09:43 - 00001023 _____ () C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2014-04-18 09:43 - 2014-04-18 09:43 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 09:41 - 2014-04-18 09:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martin\Desktop\revosetup95.exe
2014-04-18 09:36 - 2014-04-18 09:36 - 00000584 _____ () C:\Users\Martin\Desktop\Fixlist.txt
2014-04-17 10:05 - 2014-04-07 15:14 - 06265344 _____ (Geek Uninstaller) C:\Users\Martin\Desktop\geek.exe
2014-04-16 14:03 - 2014-04-16 14:03 - 00000880 _____ () C:\Users\Martin\Desktop\checkup.txt
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 09:25 - 2014-04-16 09:27 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 20:45 - 2014-04-18 09:41 - 00032358 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:27 - 2014-04-14 19:30 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\Qoobox
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\ComboFix
2014-04-13 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-13 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-13 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-13 18:54 - 2014-04-13 18:55 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-11 08:39 - 2014-04-18 15:20 - 00000000 ____D () C:\FRST
2014-04-11 07:22 - 2014-04-10 22:20 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:42 - 2014-04-11 07:18 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 21:53 - 2014-04-18 13:48 - 00297838 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 21:49 - 2014-04-18 12:59 - 00058834 _____ () C:\Windows\PFRO.log
2014-04-10 21:44 - 2014-04-14 19:22 - 00000000 ____D () C:\AdwCleaner
2014-04-09 20:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 20:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 20:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 20:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 20:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 20:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 20:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 20:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 20:05 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 20:05 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 20:05 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 20:05 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 20:05 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 20:05 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 20:05 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 20:05 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 12:53 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:20 - 2014-04-09 09:22 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-08 21:41 - 2014-04-18 15:20 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa

==================== One Month Modified Files and Folders =======

2014-04-18 15:20 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-18 15:20 - 2014-04-08 21:41 - 00000000 ____D () C:\Users\Martin\AppData\Local\Genesis
2014-04-18 15:19 - 2009-07-21 13:31 - 00000398 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
2014-04-18 15:18 - 2012-05-01 18:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 14:59 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:59 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:26 - 2009-07-02 19:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 14:26 - 2009-07-02 19:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 13:48 - 2014-04-10 21:53 - 00297838 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 13:02 - 2013-01-10 21:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-18 13:02 - 2012-09-30 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-18 13:00 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.dat
2014-04-18 13:00 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.001
2014-04-18 12:59 - 2014-04-18 10:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-18 12:59 - 2014-04-18 10:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-18 12:59 - 2014-04-10 21:49 - 00058834 _____ () C:\Windows\PFRO.log
2014-04-18 12:59 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 12:58 - 2006-11-02 15:01 - 00004426 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-18 12:57 - 2013-11-02 14:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 12:57 - 2010-11-02 12:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-04-18 12:04 - 2014-04-18 12:06 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 11:59 - 2014-04-18 11:59 - 00921512 _____ (Oracle Corporation) C:\Users\Martin\Desktop\jxpiinstall.exe
2014-04-18 11:57 - 2014-04-18 10:21 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:46 - 2008-10-07 12:25 - 00000000 ____D () C:\Program Files\Java
2014-04-18 10:19 - 2014-04-18 10:19 - 00283192 _____ (Mozilla) C:\Users\Martin\Desktop\Firefox Setup Stub 28.0.exe
2014-04-18 09:43 - 2014-04-18 09:43 - 00001023 _____ () C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2014-04-18 09:43 - 2014-04-18 09:43 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 09:42 - 2014-04-18 09:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martin\Desktop\revosetup95.exe
2014-04-18 09:41 - 2014-04-14 20:45 - 00032358 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-04-18 09:36 - 2014-04-18 09:36 - 00000584 _____ () C:\Users\Martin\Desktop\Fixlist.txt
2014-04-17 17:29 - 2008-10-06 16:08 - 00243712 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-16 18:47 - 2009-03-04 01:28 - 00000000 ____D () C:\Users\Martin\Desktop\Diss
2014-04-16 14:03 - 2014-04-16 14:03 - 00000880 _____ () C:\Users\Martin\Desktop\checkup.txt
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 09:27 - 2014-04-16 09:25 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 19:54 - 2014-04-14 19:54 - 00000857 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:30 - 2014-04-14 19:27 - 00001517 _____ () C:\Users\Martin\Desktop\AdwCleaner[S3].txt
2014-04-14 19:22 - 2014-04-10 21:44 - 00000000 ____D () C:\AdwCleaner
2014-04-14 18:34 - 2014-04-14 18:34 - 00001159 _____ () C:\Users\Martin\Desktop\mbam.txt
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\Qoobox
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\ComboFix
2014-04-13 19:29 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-04-13 18:55 - 2014-04-13 18:54 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-13 18:53 - 2008-01-21 09:16 - 00006606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 14:57 - 2010-02-27 13:03 - 00000000 ____D () C:\Users\Martin\Documents\Bewerbung
2014-04-11 20:49 - 2013-01-22 16:42 - 00001929 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-11 07:18 - 2014-04-10 22:42 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 23:42 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:20 - 2014-04-11 07:22 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2012-03-10 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 21:07 - 2008-07-03 15:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 17:50 - 2006-11-02 14:47 - 00370072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 09:06 - 2008-10-06 15:48 - 00103568 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 20:05 - 2013-08-14 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 09:22 - 2014-04-09 09:20 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-07 21:32 - 2013-04-24 09:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spotify
2014-04-07 19:08 - 2013-04-24 09:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Spotify
2014-04-07 15:14 - 2014-04-17 10:05 - 06265344 _____ (Geek Uninstaller) C:\Users\Martin\Desktop\geek.exe
2014-04-03 09:51 - 2014-04-10 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 10:08 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-28 13:52 - 2013-03-06 10:26 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-28 13:52 - 2013-03-06 10:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-28 13:52 - 2012-03-08 21:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-28 13:51 - 2014-02-03 11:02 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-03-28 13:51 - 2013-03-25 10:31 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-18 13:06

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Probleme bestehen weiterhin

Firefox stürzt ständig ab

die anderen browser (chrome u explorer) hängen auch

zudem weiterhin dieses problem mit den ständig aufpoppenden seiten und der werbung

habe alles so gemacht wie du gesagt hast. habe firefox deinstalliert u wieder neu aufgespielt. zudem java aktualisiert

meine nerven liegen langsam blank

sorry ... ich habe das frst.logfile gepostet

du wolltest das fixlog.txt haben. hier ist es

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-04-2014 01
Ran by Martin at 2014-04-18 15:29:56 Run:1
Running from C:\Users\Martin\Documents\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Martin\AppData\Local\Genesis
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [genesis] => c:\users\martin\appdata\local\genesis\genesis.exe [3084288 2014-04-08] (délaçais)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk
ShortcutTarget: genesis.lnk -> C:\Users\Martin\AppData\Local\Genesis\Genesis.exe (délaçais)
Tcpip\..\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
       
*****************


"C:\Users\Martin\AppData\Local\Genesis" directory move:

C:\Users\Martin\AppData\Local\Genesis\Genesis.exe => Moved successfully.
C:\Users\Martin\AppData\Local\Genesis\genesis.gdb => Moved successfully.
C:\Users\Martin\AppData\Local\Genesis\genesis.gss => Moved successfully.
Could not move "C:\Users\Martin\AppData\Local\Genesis" directory. => Scheduled to move on reboot.

HKU\S-1-5-21-825052527-3090018616-2224713232-1000\Software\Microsoft\Windows\CurrentVersion\Run\\genesis => Value deleted successfully.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk => Moved successfully.
C:\Users\Martin\AppData\Local\Genesis\Genesis.exe not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A1A4037D-3BFC-4461-8658-BCCD6363A663}\\NameServer => Value deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-18 15:55:27)<=

C:\Users\Martin\AppData\Local\Genesis => Moved successfully.

==== End of Fixlog ====
hast du schon irgendwelche erkenntnisse was es für ein problem sein könnte?

schrauber 19.04.2014 09:34
Hast Du Firefox auch zurückgesetzt?
Ist das Scanlog frisch, sprich nach dem Fix?

pc-idiot 22.04.2014 08:13
hallo ... war über stern nicht da

ja, hatte firefox zurück gesetz

fixlog.txt war nach dem FRST

soll ich noch mal ein frisches FRST logfile machen?

Ich glaube, dass der rechner nun doch wieder läuft

schrauber 22.04.2014 18:55
Ja, ich brauch wenn dann ein frisches, damit ich sehe was der Fix gemacht hat :)

pc-idiot 22.04.2014 20:32
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2014
Ran by Martin (administrator) on MARTIN-PC on 22-04-2014 21:27:38
Running from C:\Users\Martin\Documents\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.12\OsdService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\WINWORD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [fsc-reg] => C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-825052527-3090018616-2224713232-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-17] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\jyrcqkl0.default-1397809753620
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.UtilityChest_49.com/Plugin - C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-28] (AVAST Software)
S2 gupdate1c9b622bf6eb280; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-05] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 OsdService; C:\Program Files\OEM\OSD_1.12\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [69632 2008-05-13] (Ralink Technology, Corp.)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-28] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-28] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-28] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2007-11-21] ()
R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
S3 s716bus; C:\Windows\System32\DRIVERS\s716bus.sys [83208 2007-06-28] (MCCI Corporation)
S3 s716mdfl; C:\Windows\System32\DRIVERS\s716mdfl.sys [15112 2007-06-28] (MCCI Corporation)
S3 s716mdm; C:\Windows\System32\DRIVERS\s716mdm.sys [108552 2007-06-28] (MCCI Corporation)
S3 s716obex; C:\Windows\System32\DRIVERS\s716obex.sys [98568 2007-06-28] (MCCI Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2011-02-22] (PC Tools)
S3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2011-02-22] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [69392 2011-02-22] (PC Tools)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-18 12:06 - 2014-04-18 12:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 11:59 - 2014-04-18 11:59 - 00921512 _____ (Oracle Corporation) C:\Users\Martin\Desktop\jxpiinstall.exe
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:21 - 2014-04-18 12:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-18 10:21 - 2014-04-18 12:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-18 10:21 - 2014-04-18 11:57 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 09:43 - 2014-04-18 09:43 - 00001023 _____ () C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2014-04-18 09:43 - 2014-04-18 09:43 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 09:41 - 2014-04-18 09:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martin\Desktop\revosetup95.exe
2014-04-17 10:05 - 2014-04-07 15:14 - 06265344 _____ (Geek Uninstaller) C:\Users\Martin\Desktop\geek.exe
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 09:25 - 2014-04-16 09:27 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\Qoobox
2014-04-13 19:02 - 2014-04-13 19:36 - 00000000 ____D () C:\ComboFix
2014-04-13 19:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-13 19:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-13 19:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-13 19:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-13 18:54 - 2014-04-13 18:55 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-11 08:39 - 2014-04-22 21:27 - 00000000 ____D () C:\FRST
2014-04-11 07:22 - 2014-04-10 22:20 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:42 - 2014-04-11 07:18 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 22:08 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 22:08 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 21:53 - 2014-04-22 20:00 - 00383116 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 21:49 - 2014-04-18 15:35 - 00059166 _____ () C:\Windows\PFRO.log
2014-04-10 21:44 - 2014-04-14 19:22 - 00000000 ____D () C:\AdwCleaner
2014-04-09 20:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 20:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 20:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 20:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 20:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 20:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 20:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 20:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 20:05 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 20:05 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 20:05 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 20:05 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 20:05 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 20:05 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 20:05 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 20:05 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 12:53 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 09:20 - 2014-04-09 09:22 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa

==================== One Month Modified Files and Folders =======

2014-04-22 21:29 - 2009-07-21 13:31 - 00000398 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{E5B4FF3C-941E-437A-8FC3-EEC1EDA584BF}.job
2014-04-22 21:27 - 2014-04-11 08:39 - 00000000 ____D () C:\FRST
2014-04-22 21:26 - 2009-07-02 19:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 21:18 - 2012-05-01 18:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 20:00 - 2014-04-10 21:53 - 00383116 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 19:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 19:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 19:39 - 2009-03-04 01:28 - 00000000 ____D () C:\Users\Martin\Desktop\Diss
2014-04-22 18:42 - 2012-09-30 15:36 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-22 18:26 - 2010-11-02 12:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-04-22 17:52 - 2009-07-02 19:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 17:43 - 2008-10-06 16:08 - 00244736 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-22 17:43 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.dat
2014-04-22 17:43 - 2008-07-03 06:11 - 00126990 _____ () C:\ProgramData\nvModes.001
2014-04-22 09:04 - 2013-01-10 21:04 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-22 09:01 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 16:36 - 2008-10-06 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Google
2014-04-18 16:36 - 2008-10-06 14:40 - 00000000 ____D () C:\Program Files\Google
2014-04-18 15:35 - 2014-04-10 21:49 - 00059166 _____ () C:\Windows\PFRO.log
2014-04-18 15:34 - 2006-11-02 15:01 - 00006104 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-18 12:59 - 2014-04-18 10:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-18 12:59 - 2014-04-18 10:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-18 12:57 - 2013-11-02 14:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 12:04 - 2014-04-18 12:06 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 12:04 - 2014-04-18 12:04 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 11:59 - 2014-04-18 11:59 - 00921512 _____ (Oracle Corporation) C:\Users\Martin\Desktop\jxpiinstall.exe
2014-04-18 11:57 - 2014-04-18 10:21 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:46 - 2008-10-07 12:25 - 00000000 ____D () C:\Program Files\Java
2014-04-18 09:43 - 2014-04-18 09:43 - 00001023 _____ () C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2014-04-18 09:43 - 2014-04-18 09:43 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 09:42 - 2014-04-18 09:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martin\Desktop\revosetup95.exe
2014-04-16 13:39 - 2014-04-16 13:39 - 00987448 _____ () C:\Users\Martin\Desktop\SecurityCheck.exe
2014-04-16 09:27 - 2014-04-16 09:25 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2014-04-14 19:31 - 2014-04-14 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-04-14 19:22 - 2014-04-10 21:44 - 00000000 ____D () C:\AdwCleaner
2014-04-13 19:36 - 2014-04-13 19:36 - 00019367 _____ () C:\ComboFix.txt
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\Qoobox
2014-04-13 19:36 - 2014-04-13 19:02 - 00000000 ____D () C:\ComboFix
2014-04-13 19:29 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-04-13 18:55 - 2014-04-13 18:54 - 05194807 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2014-04-13 18:53 - 2008-01-21 09:16 - 00006606 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 14:57 - 2010-02-27 13:03 - 00000000 ____D () C:\Users\Martin\Documents\Bewerbung
2014-04-11 07:18 - 2014-04-10 22:42 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-04-10 23:42 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-10 22:46 - 2014-04-10 22:46 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-10 22:41 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-10 22:20 - 2014-04-11 07:22 - 00000426 _____ () C:\AVScanner.ini
2014-04-10 22:08 - 2014-04-10 22:08 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 22:08 - 2014-04-10 22:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 22:08 - 2012-03-10 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 21:07 - 2008-07-03 15:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 17:50 - 2006-11-02 14:47 - 00370072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-10 09:06 - 2008-10-06 15:48 - 00103568 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 20:05 - 2013-08-14 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 09:22 - 2014-04-09 09:20 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 21:55 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\Martin\AppData\Local\com
2014-04-07 21:32 - 2013-04-24 09:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spotify
2014-04-07 19:08 - 2013-04-24 09:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Spotify
2014-04-07 15:14 - 2014-04-17 10:05 - 06265344 _____ (Geek Uninstaller) C:\Users\Martin\Desktop\geek.exe
2014-04-03 09:51 - 2014-04-10 22:08 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 22:08 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 22:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2009-10-03 10:08 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 13:54 - 2014-03-28 13:54 - 00001845 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-28 13:52 - 2014-03-28 13:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-28 13:52 - 2013-03-06 10:26 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-28 13:52 - 2013-03-06 10:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-28 13:52 - 2013-01-22 14:28 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-28 13:52 - 2012-03-08 21:18 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-28 13:51 - 2014-02-03 11:02 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-03-28 13:51 - 2013-03-25 10:31 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-25 18:36 - 2014-03-25 18:36 - 00000000 ____D () C:\Users\Martin\Desktop\Fotos Sofa

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-22 21:20

==================== End Of Log ============================
--- --- ---

--- --- ---


ganz frisch :-)


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:28 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131