Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Werbung Vrius

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.08.2013, 16:16   #1
Ole101
 
Werbung Vrius - Standard

Werbung Vrius



Hallo,
Ich habe ein Browser Problem. Und zwar wenn ich im Internet unterwegs bin Leuchtet die Schrift manchmal grün und wenn ich rauf gehe werde erscheint eine Seite mit "info.com" und schlägt mir vor Informationen zu dem Wort zu suchen.
Ich benutze Windows7. Ich war schonmal hier und mir wurde sehr gut geholfen ich weiß aber nicht wieso ich schon wieder ein Werbung Virus habe...
Danke im Vorraus

Alt 16.08.2013, 16:20   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung Vrius - Standard

Werbung Vrius



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 16.08.2013, 16:58   #3
Ole101
 
Werbung Vrius - Standard

Werbung Vrius



Danke für die schnelle Antwort , es hat sich nur die FRST.txt Datei geöffnet:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2013 01
Ran by Ole (administrator) on 16-08-2013 17:52:57
Running from C:\Users\Ole\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
(North Star com.) C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Users\Ole\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ole\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ole\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ole\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Ole\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2413128 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-06-11] (Logitech Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Ole\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-01-18] (Google Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {383fae04-49d0-11e1-b799-90fba6e2522b} - J:\Startme.exe
MountPoints2: {61c09c79-4daa-11e2-a657-90fba6e2522b} - J:\Startme.exe
MountPoints2: {b6be9d7e-7811-11e1-b56b-90fba6e2522b} - J:\LaunchU3.exe -a
MountPoints2: {e65fda7f-eeef-11e2-91e3-90fba6e2522b} - J:\Setup.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-11-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-11-12] (Acer Corp.)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-07] (Nullsoft, Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools)
HKLM-x32\...\Run: [4StoryPrePatch] - C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe [x]
HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [RMAlert] - "C:\Program Files (x86)\Registry Mechanic\Alert.exe" /PRODUCT=RM /R [x]
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB [x]
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartCopy.lnk
ShortcutTarget: SmartCopy.lnk -> C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartLauncher.lnk
ShortcutTarget: SmartLauncher.lnk -> C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe (North Star com.)

==================== Internet (Whitelisted) ====================

URLSearchHook: (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR RestoreOnStartup: "https://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Ole\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Ole\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ole\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Ole\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Google Search) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Plus-HD-2.5) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.47_0
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk\1.7_0
CHR Extension: (Gmail) - C:\Users\Ole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4722728 2013-03-14] (INCA Internet Co., Ltd.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-26] ()
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-27] (AVG Secure Search)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-10] (Taiwan Shui Mu Chih Ching Technology Limited.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-27] (AVG Technologies)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-14 20:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 20:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 20:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 20:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 20:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 20:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 20:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 20:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 20:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 20:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 20:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 20:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 20:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 20:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 20:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 20:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 20:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 20:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 20:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 20:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 20:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 20:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 20:37 - 2013-08-14 20:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 18:52 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 18:52 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 18:52 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 18:52 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 18:52 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 18:52 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 18:52 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 18:52 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 18:52 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 18:52 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 18:52 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 18:52 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 18:52 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 18:52 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 18:50 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 18:50 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 18:50 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 18:50 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 18:50 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 18:50 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 18:50 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 18:50 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 18:50 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 18:50 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 18:50 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 18:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 18:50 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:50 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-14 18:50 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-14 18:50 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-14 18:50 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-14 18:50 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-14 18:50 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-14 18:50 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-14 18:50 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-10 12:20 - 2013-08-10 12:20 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-08-10 12:20 - 2013-03-14 02:00 - 04722728 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2013-08-10 12:20 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2013-08-10 12:20 - 2003-07-18 23:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2013-08-10 12:17 - 2013-08-10 12:17 - 00001569 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-08-10 12:12 - 2013-08-10 12:12 - 00000000 ____D C:\Program Files\gPotato.eu
2013-08-10 10:36 - 2013-08-10 11:16 - 1178892312 _____ (Gala Networks Europe Limited                                ) C:\Users\Ole\Downloads\Flyff_DE.exe
2013-08-03 12:57 - 2013-08-03 12:59 - 00000000 ____D C:\Users\Ole\Desktop\Cubeworld
2013-08-03 11:43 - 2013-08-03 11:43 - 00000000 ____D C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-03 11:43 - 2013-08-03 11:43 - 00000000 ____D C:\Program Files\WinRAR
2013-08-03 11:42 - 2013-08-03 11:42 - 01758824 _____ C:\Users\Ole\Downloads\winrar-x64-420d.exe
2013-08-02 21:56 - 2013-08-16 17:48 - 00000000 ____D C:\Users\Ole\AppData\Local\LogMeIn Hamachi
2013-08-02 21:56 - 2013-08-02 21:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-08-02 21:53 - 2013-08-02 21:53 - 04292608 _____ C:\Users\Ole\Downloads\hamachi_2.1.0.362 (1).msi
2013-07-29 18:55 - 2013-07-29 19:07 - 00003548 _____ C:\Users\Ole\Documents\TombRaider.log
2013-07-27 14:00 - 2013-07-27 14:00 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-27 13:59 - 2013-07-27 13:59 - 00903080 _____ (Oracle Corporation) C:\Users\Ole\Downloads\chromeinstall-7u25.exe
2013-07-20 15:29 - 2013-07-20 15:29 - 00000222 _____ C:\Users\Ole\Desktop\Tomb Raider.url
2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2013-07-19 19:08 - 2013-07-19 19:08 - 00000222 _____ C:\Users\Ole\Desktop\Rayman Origins.url
2013-07-19 16:24 - 2013-07-19 16:24 - 00000222 _____ C:\Users\Ole\Desktop\Ace of Spades.url
2013-07-19 14:14 - 2013-07-19 14:14 - 00000222 _____ C:\Users\Ole\Desktop\Torchlight II.url
2013-07-18 17:28 - 2013-07-18 17:50 - 500526863 _____ C:\Users\Ole\Downloads\WoWp_0.5.0_eu_install.zip

==================== One Month Modified Files and Folders =======

2013-08-16 17:52 - 2011-05-01 17:46 - 00000000 ____D C:\games
2013-08-16 17:51 - 2013-08-16 17:51 - 01575798 _____ (Farbar) C:\Users\Ole\Desktop\FRST64.exe
2013-08-16 17:49 - 2013-07-10 20:35 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-08-16 17:49 - 2011-12-14 18:28 - 00000000 ____D C:\Users\Ole\AppData\Roaming\Skype
2013-08-16 17:48 - 2013-08-02 21:56 - 00000000 ____D C:\Users\Ole\AppData\Local\LogMeIn Hamachi
2013-08-16 17:47 - 2013-07-10 20:22 - 00001900 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-08-16 17:47 - 2013-07-10 20:22 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-08-16 17:47 - 2013-07-10 20:22 - 00001190 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-08-16 17:47 - 2013-07-10 20:22 - 00001094 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-08-16 17:47 - 2013-06-03 15:31 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-08-16 17:47 - 2011-07-05 19:20 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-16 17:46 - 2010-10-08 12:56 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-16 17:46 - 2010-10-08 12:46 - 00831158 _____ C:\Windows\PFRO.log
2013-08-16 17:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-16 17:46 - 2009-07-14 06:51 - 00153610 _____ C:\Windows\setupact.log
2013-08-16 17:45 - 2010-10-08 12:50 - 01878697 _____ C:\Windows\WindowsUpdate.log
2013-08-16 17:45 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-16 17:45 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-16 17:32 - 2012-12-24 14:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-16 17:30 - 2011-01-18 14:13 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1114314960-1703166307-1999351953-1000UA.job
2013-08-16 17:21 - 2012-06-01 13:05 - 00000000 ____D C:\Users\Ole\AppData\Local\PMB Files
2013-08-16 17:21 - 2012-06-01 13:05 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-16 14:30 - 2011-01-18 14:13 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1114314960-1703166307-1999351953-1000Core.job
2013-08-16 13:56 - 2011-01-18 14:20 - 00000000 ____D C:\ProgramData\MFAData
2013-08-15 19:00 - 2011-07-15 12:46 - 00000262 _____ C:\Windows\Tasks\RMSchedule.job
2013-08-14 20:40 - 2010-10-06 09:49 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-08-14 20:40 - 2010-10-06 09:49 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-08-14 20:40 - 2009-07-14 07:13 - 01633540 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-14 20:39 - 2013-08-14 20:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:37 - 2011-01-18 14:49 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 16:16 - 2011-01-18 14:23 - 00000000 ____D C:\Users\Ole\AppData\Roaming\Winamp
2013-08-10 12:20 - 2013-08-10 12:20 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2013-08-10 12:17 - 2013-08-10 12:17 - 00001569 _____ C:\Users\Public\Desktop\Flyff.lnk
2013-08-10 12:12 - 2013-08-10 12:12 - 00000000 ____D C:\Program Files\gPotato.eu
2013-08-10 11:16 - 2013-08-10 10:36 - 1178892312 _____ (Gala Networks Europe Limited                                ) C:\Users\Ole\Downloads\Flyff_DE.exe
2013-08-08 21:07 - 2012-04-06 13:33 - 00000000 ____D C:\Users\Ole\AppData\Roaming\TS3Client
2013-08-03 12:59 - 2013-08-03 12:57 - 00000000 ____D C:\Users\Ole\Desktop\Cubeworld
2013-08-03 11:43 - 2013-08-03 11:43 - 00000000 ____D C:\Users\Ole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-03 11:43 - 2013-08-03 11:43 - 00000000 ____D C:\Program Files\WinRAR
2013-08-03 11:42 - 2013-08-03 11:42 - 01758824 _____ C:\Users\Ole\Downloads\winrar-x64-420d.exe
2013-08-02 21:56 - 2013-08-02 21:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-08-02 21:53 - 2013-08-02 21:53 - 04292608 _____ C:\Users\Ole\Downloads\hamachi_2.1.0.362 (1).msi
2013-08-02 21:51 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-01 12:33 - 2011-01-18 14:13 - 00002360 _____ C:\Users\Ole\Desktop\Google Chrome.lnk
2013-07-30 18:01 - 2012-10-18 17:28 - 00000985 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-07-29 19:07 - 2013-07-29 18:55 - 00003548 _____ C:\Users\Ole\Documents\TombRaider.log
2013-07-27 14:00 - 2013-07-27 14:00 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-27 14:00 - 2013-07-27 14:00 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-27 14:00 - 2012-05-08 16:36 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-27 14:00 - 2011-08-21 19:46 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-27 13:59 - 2013-07-27 13:59 - 00903080 _____ (Oracle Corporation) C:\Users\Ole\Downloads\chromeinstall-7u25.exe
2013-07-26 07:13 - 2013-08-14 20:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:13 - 2013-08-14 20:41 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 20:41 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:12 - 2013-08-14 20:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 20:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 20:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 20:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 20:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 20:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 05:35 - 2013-08-14 20:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 20:41 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 20:41 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 20:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 20:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 20:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 20:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 20:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-14 20:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 05:11 - 2013-08-14 20:41 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 04:49 - 2013-08-14 20:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 20:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 20:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 20:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-25 18:56 - 2012-10-18 17:20 - 00000000 ____D C:\Users\Ole\AppData\Local\Avg2013
2013-07-25 11:25 - 2013-08-14 18:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 18:52 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 15:31 - 2012-01-18 21:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-23 15:31 - 2011-12-14 18:28 - 00000000 ____D C:\ProgramData\Skype
2013-07-21 19:33 - 2011-06-12 13:54 - 00000000 ____D C:\Users\Ole\Documents\My Games
2013-07-21 19:31 - 2010-10-08 13:09 - 00527583 _____ C:\Windows\DirectX.log
2013-07-20 15:29 - 2013-07-20 15:29 - 00000222 _____ C:\Users\Ole\Desktop\Tomb Raider.url
2013-07-20 01:51 - 2013-07-20 01:51 - 00311608 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00206648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00071480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2013-07-19 19:08 - 2013-07-19 19:08 - 00000222 _____ C:\Users\Ole\Desktop\Rayman Origins.url
2013-07-19 16:24 - 2013-07-19 16:24 - 00000222 _____ C:\Users\Ole\Desktop\Ace of Spades.url
2013-07-19 14:14 - 2013-07-19 14:14 - 00000222 _____ C:\Users\Ole\Desktop\Torchlight II.url
2013-07-19 03:58 - 2013-08-14 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-14 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-18 17:59 - 2012-03-27 16:48 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-18 17:51 - 2013-07-10 20:35 - 00000000 ____D C:\Users\Ole\AppData\Roaming\WinZipper
2013-07-18 17:50 - 2013-07-18 17:28 - 500526863 _____ C:\Users\Ole\Downloads\WoWp_0.5.0_eu_install.zip

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-03-02 19:43

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 16.08.2013, 17:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung Vrius - Standard

Werbung Vrius



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.08.2013, 11:01   #5
Ole101
 
Werbung Vrius - Standard

Werbung Vrius



Code:
ATTFilter
ComboFix 13-08-16.03 - Ole 16.08.2013  21:48:05.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6103.3985 [GMT 2:00]
ausgeführt von:: c:\users\Ole\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\Ole\AppData\Roaming\.#
c:\users\Ole\Favorites\Fraps 3.4.6.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\wininit.ini
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-16 bis 2013-08-16  ))))))))))))))))))))))))))))))
.
.
2013-08-16 19:54 . 2013-08-16 19:54	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-08-16 19:54 . 2013-08-16 19:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-14 18:41 . 2013-07-26 05:12	603136	----a-w-	c:\windows\system32\msfeeds.dll
2013-08-14 18:37 . 2013-08-14 18:39	--------	d-----w-	c:\windows\system32\MRT
2013-08-14 16:50 . 2013-07-09 06:03	5550528	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-10 10:20 . 2013-03-14 00:00	4722728	----a-w-	c:\windows\SysWow64\GameMon.des
2013-08-10 10:20 . 2005-01-02 12:43	4682	----a-w-	c:\windows\SysWow64\npptNT2.sys
2013-08-10 10:20 . 2003-07-18 21:17	5174	----a-w-	c:\windows\SysWow64\nppt9x.vxd
2013-08-10 10:20 . 2013-08-10 10:20	--------	d-----w-	c:\program files\Common Files\INCA Shared
2013-08-10 10:12 . 2013-08-10 10:12	--------	d-----w-	c:\program files\gPotato.eu
2013-08-03 09:43 . 2013-08-03 09:43	--------	d-----w-	c:\program files\WinRAR
2013-08-02 19:56 . 2013-08-16 19:38	--------	d-----w-	c:\users\Ole\AppData\Local\LogMeIn Hamachi
2013-08-02 19:56 . 2013-08-02 19:56	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-07-27 12:00 . 2013-07-27 12:00	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-07-27 12:00 . 2013-07-27 12:00	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-27 12:00 . 2013-07-27 12:00	--------	d-----w-	c:\program files (x86)\Java
2013-07-19 23:51 . 2013-07-19 23:51	311608	----a-w-	c:\windows\system32\drivers\avgloga.sys
2013-07-19 23:50 . 2013-07-19 23:50	71480	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2013-07-19 23:50 . 2013-07-19 23:50	246072	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50 . 2013-07-19 23:50	206648	----a-w-	c:\windows\system32\drivers\avgldx64.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-16 19:34 . 2012-02-16 17:39	79672	----a-w-	c:\windows\system32\drivers\AFD.SYS
2013-08-16 19:34 . 2009-07-14 00:10	79672	----a-w-	c:\windows\system32\drivers\WS2IFSL.SYS
2013-08-14 18:37 . 2011-01-18 12:49	78161360	----a-w-	c:\windows\system32\MRT.exe
2013-07-27 12:00 . 2012-05-08 14:36	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-07-27 12:00 . 2011-08-21 17:46	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-15 15:42 . 2012-12-24 12:29	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-15 15:42 . 2012-10-14 15:59	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 23:32 . 2013-07-09 23:32	45880	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
2013-07-09 04:45 . 2013-08-14 16:50	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-06-30 23:45 . 2013-06-30 23:45	116536	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2013-06-27 17:01 . 2012-08-30 17:35	45856	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-06-24 21:26 . 2013-06-24 21:26	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-24 21:26 . 2013-06-24 21:26	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-06-24 21:26 . 2013-06-24 21:26	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-06-24 21:26 . 2013-06-24 21:26	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-06-24 21:26 . 2013-06-24 21:26	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-06-24 21:26 . 2013-06-24 21:26	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-06-24 21:26 . 2013-06-24 21:26	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-06-24 21:26 . 2013-06-24 21:26	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-06-24 21:26 . 2013-06-24 21:26	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-24 21:26 . 2013-06-24 21:26	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-06-24 21:26 . 2013-06-24 21:26	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-06-24 21:26 . 2013-06-24 21:26	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-06-24 21:26 . 2013-06-24 21:26	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-06-24 21:26 . 2013-06-24 21:26	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-06-24 21:26 . 2013-06-24 21:26	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-06-24 21:26 . 2013-06-24 21:26	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-06-24 21:26 . 2013-06-24 21:26	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-06-24 21:26 . 2013-06-24 21:26	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-06-24 21:26 . 2013-06-24 21:26	197120	----a-w-	c:\windows\system32\msrating.dll
2013-06-24 21:26 . 2013-06-24 21:26	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-06-24 21:26 . 2013-06-24 21:26	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-06-24 21:26 . 2013-06-24 21:26	81408	----a-w-	c:\windows\system32\icardie.dll
2013-06-24 21:26 . 2013-06-24 21:26	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-06-24 21:26 . 2013-06-24 21:26	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-06-24 21:26 . 2013-06-24 21:26	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-06-24 21:26 . 2013-06-24 21:26	441856	----a-w-	c:\windows\system32\html.iec
2013-06-24 21:26 . 2013-06-24 21:26	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-06-24 21:26 . 2013-06-24 21:26	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-06-24 21:26 . 2013-06-24 21:26	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-06-24 21:26 . 2013-06-24 21:26	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-06-24 21:26 . 2013-06-24 21:26	235008	----a-w-	c:\windows\system32\url.dll
2013-06-24 21:26 . 2013-06-24 21:26	216064	----a-w-	c:\windows\system32\msls31.dll
2013-06-24 21:26 . 2013-06-24 21:26	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-06-24 21:26 . 2013-06-24 21:26	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-06-24 21:26 . 2013-06-24 21:26	144896	----a-w-	c:\windows\system32\wextract.exe
2013-06-24 21:26 . 2013-06-24 21:26	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-06-24 21:26 . 2013-06-24 21:26	102912	----a-w-	c:\windows\system32\inseng.dll
2013-06-24 21:26 . 2013-06-24 21:26	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-06-24 21:26 . 2013-06-24 21:26	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-06-24 21:26 . 2013-06-24 21:26	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-06-24 21:26 . 2013-06-24 21:26	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-06-24 21:26 . 2013-06-24 21:26	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-06-24 21:26 . 2013-06-24 21:26	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-06-24 21:26 . 2013-06-24 21:26	149504	----a-w-	c:\windows\system32\occache.dll
2013-06-24 21:26 . 2013-06-24 21:26	13824	----a-w-	c:\windows\system32\mshta.exe
2013-06-24 21:26 . 2013-06-24 21:26	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-06-24 21:26 . 2013-06-24 21:26	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-06-24 21:26 . 2013-06-24 21:26	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-06-24 21:26 . 2013-06-24 21:26	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-06-24 21:25 . 2013-06-24 21:25	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-06-24 21:25 . 2013-06-24 21:25	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-06-24 21:25 . 2013-06-24 21:25	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-24 21:25 . 2013-06-24 21:25	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-06-24 21:25 . 2013-06-24 21:25	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-06-24 21:25 . 2013-06-24 21:25	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 21:25 . 2013-06-24 21:25	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-06-24 21:25 . 2013-06-24 21:25	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-06-24 21:25 . 2013-06-24 21:25	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-06-24 21:25 . 2013-06-24 21:25	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-06-24 21:25 . 2013-06-24 21:25	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-06-24 21:25 . 2013-06-24 21:25	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-06-24 21:25 . 2013-06-24 21:25	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-06-24 21:25 . 2013-06-24 21:25	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-06-24 21:25 . 2013-06-24 21:25	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-06-24 21:25 . 2013-06-24 21:25	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-06-24 21:25 . 2013-06-24 21:25	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-06-24 21:25 . 2013-06-24 21:25	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-06-24 21:25 . 2013-06-24 21:25	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-06-24 21:25 . 2013-06-24 21:25	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-06-24 21:25 . 2013-06-24 21:25	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-06-24 21:25 . 2013-06-24 21:25	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-06-24 21:25 . 2013-06-24 21:25	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-12 261888]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2010-08-04 611872]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-11-16 128296]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-11-12 181480]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-06 74752]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
"RoccatKoneXTD"="c:\program files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE" [2012-11-30 558944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SmartCopy.lnk - c:\program files (x86)\Northstar\SmartCopy\SmartCopy.exe [2010-10-8 319488]
SmartLauncher.lnk - c:\program files (x86)\Northstar\SmartLauncher\SmartLauncher.exe [2010-10-8 53760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\DRIVERS\s1029bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1029bus.sys [x]
R3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1029mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mdfl.sys [x]
R3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1029mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mdm.sys [x]
R3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1029mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mgmt.sys [x]
R3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1029nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1029nd5.sys [x]
R3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1029obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1029obex.sys [x]
R3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1029unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1029unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe;c:\oem\USBDECTION\USBS3S4Detection.exe [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-24 15:42]
.
2013-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1114314960-1703166307-1999351953-1000Core.job
- c:\users\Ole\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-18 12:13]
.
2013-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1114314960-1703166307-1999351953-1000UA.job
- c:\users\Ole\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-18 12:13]
.
2013-08-16 c:\windows\Tasks\Plus-HD-2.5-chromeinstaller.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-07-10 18:22]
.
2013-08-16 c:\windows\Tasks\Plus-HD-2.5-codedownloader.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-07-10 18:22]
.
2013-08-16 c:\windows\Tasks\Plus-HD-2.5-enabler.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-07-10 18:22]
.
2013-08-16 c:\windows\Tasks\Plus-HD-2.5-updater.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-07-10 18:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-06-11 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-06-11 2413128]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-06-11 4725320]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-4StoryPrePatch - c:\program files (x86)\Gameforge4D\4Story\PrePatch.exe
Wow6432Node-HKLM-Run-RMAlert - c:\program files (x86)\Registry Mechanic\Alert.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Guild Wars 2 - c:\users\Ole\Desktop\Guild Wars 2\Gw2.exe
AddRemove-OpenAL - c:\program files (x86)\OpenAL\oalinst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Registry Mechanic_is1 - c:\program files (x86)\Registry Mechanic\unins000.exe
AddRemove-VisualBee for Microsoft PowerPoint - c:\users\Ole\AppData\Local\VisualBeeExe\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-16  21:56:34
ComboFix-quarantined-files.txt  2013-08-16 19:56
.
Vor Suchlauf: 13 Verzeichnis(se), 217.585.016.832 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 217.184.608.256 Bytes frei
.
- - End Of File - - 49B067311990A59ECAD8D2923A275D64
A36C5E4F47E84449FF07ED3517B43A31
         
Ich habe eien Fehler Meldung bekommen , und zwar kann ich meinen Windows Sicherheitscenterservice nicht mehr aktivieren , wenn ich auf aktivieren klicke steht da, dass er nicht gestartet werden kann.

Ok im WartungsCenter ist wieder alles inordnung. Ich habe jetzt aber das Problem das ich überhaupt nichtehr ins Internet rein komme. Da steht das die Netzwerk und internet eingeschränkt sind. Ich hab das Gefühl das dieses Programm ne Sicherung bei mir eingeschaltet hat sodass ich nicht mehr ins internet komme

Ich kann nur noch mit meinem handy Beiträge hier schreiben also auch keine Screenshots senden , bitte um Hilfe !!! Dieses dumme combat fix ! Wirklich

So schaut's bei mir aus:
OLE-PC -----------Netzwerkidentifizierung------(rotes kreuz)---- Internet welches grau ist.

"Die ProxyEinstellungen des Netzwerks konnten nicht automatisch ermittelten werden."

Schrauber bitte hilf mir schnell es ist wichtig das ich so schnell wie moglich wieder ins internet kann....


Alt 17.08.2013, 23:42   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung Vrius - Standard

Werbung Vrius



Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Werbung Vrius

Alt 19.08.2013, 19:58   #7
Ole101
 
Werbung Vrius - Standard

Werbung Vrius



Wie zum Teufel soll ich mir diese programme runterladen wenn ich sagte das ich kein Internet habe seid diesem combo.fix lesen sie sich das überhaupt gründlich durch ? ich habe mein problem selber gelöst ...

Alt 20.08.2013, 12:14   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung Vrius - Standard

Werbung Vrius



deswegen ja auch das erste Tool, da ich nit zaubern kann brauch ich Logfiles von Scannern
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Werbung Vrius
browser, erschein, erscheint, geholfen, informationen, inter, interne, internet, schlägt, schonmal, schrift, seite, suche, unterwegs, virus, werbung, windows




Ähnliche Themen: Werbung Vrius


  1. Chrome öffnet bei Klick auf Link Werbung & Werbung PopUps im Browser
    Plagegeister aller Art und deren Bekämpfung - 03.11.2015 (1)
  2. Win 7: efix repair werbung, kleine werbung unten rechts win XP beschleunigen
    Log-Analyse und Auswertung - 16.09.2015 (12)
  3. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  4. Werbung in Firefox, Fenster mit PC Optimierung Werbung öffnet sich automatisch
    Log-Analyse und Auswertung - 10.04.2015 (11)
  5. Windows Vista -64 Bit - Werbung, überall Werbung!
    Log-Analyse und Auswertung - 29.03.2015 (15)
  6. Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.
    Log-Analyse und Auswertung - 02.03.2015 (23)
  7. Überall Werbung... Fenster öffnen sich automatisch mit werbung HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 07.02.2015 (5)
  8. Werbung und nervige Tabs die sich bei klick auf eine Seite öffnen sowie Blaue schricht im Brwoser mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2015 (6)
  9. Windows 7: Browser voller Werbung/ Links werden zu Werbung weitergeleitet
    Log-Analyse und Auswertung - 17.12.2014 (31)
  10. Pc langsam, überall Werbung, neue Fenster mit Werbung, Adblocker verschlimmerte alles
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (3)
  11. Windows 7: Internet Explorer startet automatisch Werbung/ Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 27.07.2014 (7)
  12. Win8 ungewollte Werbung (Wörter in Text öffnen Werbung)
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (10)
  13. Chrome plötzlich voll mit pop up werbung und es öffnen sich beim Klicken auf Links falsche Seiten mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (3)
  14. Werbung im Browser; Unterstrichene Wörter mit Werbung; Taskleiste zeigt kurz ein Symbol
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (4)
  15. Seit kurzem im Browser plötzlich Werbung und grün unterstrichene Wörter, die mit Popup-Werbung hinterlegt sind
    Log-Analyse und Auswertung - 13.12.2013 (7)
  16. Werbung bei Chrome - trotz Adblock seltsame Werbung
    Plagegeister aller Art und deren Bekämpfung - 16.09.2013 (5)
  17. CIB Werbung, iexplorer.exe und noch andere Werbung
    Log-Analyse und Auswertung - 09.07.2009 (6)

Zum Thema Werbung Vrius - Hallo, Ich habe ein Browser Problem. Und zwar wenn ich im Internet unterwegs bin Leuchtet die Schrift manchmal grün und wenn ich rauf gehe werde erscheint eine Seite mit "info.com" - Werbung Vrius...
Archiv
Du betrachtest: Werbung Vrius auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.