fedeli 31.03.2013 12:47

Trojan, malware removal check after delta search via DDS+
 
Hello,

I have somehow unknowingly installed the delta search toolbar on my computer, which has taken over my Google Chrome browser, etc.

I "fixed" it in the following order, but I would like to post my log so that, with your help, I can really rule out that I still unknowingly have Trojans, malware, etc.

Cleanup order:
1 Uninstall
2 AdwCleaner
3 Delete temporary files with TFC
4 Scan with DDS+

Information about my system:
Windows 7 Ultimate 64x
Google Chrome as main browser (IE deleted)
AdwCleaner installed, as well as Kaspersky Antivirus 2011 (with all current updates)

My log file from running DDS+, provided as an attachment!

DDS+ LOG FILE:

Code:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer:
Run by RSR at 13:49:53 on 2013-03-31
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8069.5661 [GMT 2:00]
.
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Kaspersky Anti-Virus *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\SysWOW64\brsvc01a.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\ASUS\ROG GameFirst II\spd.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\brss01a.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\ROG GameFirst II\cfosspeed.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
F:\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\RSR\AppData\Local\Apps\2.0\KNHYN9AB.25W\GGHYG954.4L0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=4B20A05D6006F8073F366A51571C4D0C
mStart Page = about:blank
uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
uRun: [AVMUSBFernanschluss] "C:\Users\RSR\AppData\Local\Apps\2.0\KNHYN9AB.25W\GGHYG954.4L0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe"
uRun: [] F:\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GPU TweakIt Server Execute] "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{9D181D5A-BF67-424D-8988-FA3B9EB3286E} : DHCPNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
x64-Run: [ROG GameFirst II] C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\Windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-3-30 14456]
R0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-29 19224]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-3-29 210016]
R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2013-3-29 141920]
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-3-18 1236336]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-3-29 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-3-29 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-3-29 149120]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [2013-3-29 324608]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2011-4-25 365336]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2013-3-29 233328]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-3-29 166720]
R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2011-6-30 1191896]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-3-29 365376]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 avmaura;AVM USB-Fernanschluss;C:\Windows\System32\drivers\avmaura.sys [2013-3-30 116480]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-3-29 134696]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2013-3-29 21568]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-3-29 620584]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2013-3-29 89640]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-3-29 39976]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-3-29 160768]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-3-29 26136]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-29 331264]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-29 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-29 789272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-3-30 102936]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-29 20992]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-3-30 203544]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-30 59392]
.
=============== Created Last 30 ================
.
2013-03-30 17:53:44        --------        d-----w-        C:\Program Files\CCleaner
2013-03-30 17:32:36        --------        d-----w-        C:\Windows\System32\appmgmt
2013-03-30 17:13:14        --------        d-----w-        C:\Users\RSR\AppData\Roaming\LavasoftStatistics
2013-03-30 17:13:14        --------        d-----w-        C:\ProgramData\Ad-Aware Antivirus
2013-03-30 17:08:37        --------        d-----w-        C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-03-30 17:08:28        47496        ----a-w-        C:\Windows\System32\sbbd.exe
2013-03-30 17:08:28        14456        ----a-w-        C:\Windows\System32\drivers\gfibto.sys
2013-03-30 17:08:27        --------        d-----w-        C:\Users\RSR\AppData\Roaming\Ad-Aware Antivirus
2013-03-30 11:40:57        --------        d-----w-        C:\ProgramData\FanXpert2
2013-03-30 10:28:31        --------        d-----w-        C:\Users\RSR\AppData\Local\AVM_Berlin
2013-03-30 10:27:19        --------        d-----w-        C:\Windows\SysWow64\searchplugins
2013-03-30 10:27:19        --------        d-----w-        C:\Windows\SysWow64\Extensions
2013-03-30 10:26:44        --------        d-----w-        C:\Users\RSR\AppData\Roaming\Babylon
2013-03-30 10:26:44        --------        d-----w-        C:\ProgramData\Babylon
2013-03-30 10:26:01        564824        ----a-w-        C:\Windows\System32\drivers\sptd.sys
2013-03-30 10:25:47        --------        d-----w-        C:\Users\RSR\AppData\Roaming\DAEMON Tools Lite
2013-03-30 10:25:46        --------        d-----w-        C:\Users\RSR\AppData\Roaming\OpenCandy
2013-03-30 10:24:19        --------        d-----w-        C:\ProgramData\DAEMON Tools Lite
2013-03-30 10:18:15        --------        d-----w-        C:\Program Files (x86)\MarkAny
2013-03-30 10:17:45        --------        d-----w-        C:\Users\RSR\AppData\Local\Samsung
2013-03-30 10:17:44        --------        d-----w-        C:\Users\RSR\AppData\Roaming\Samsung
2013-03-30 10:15:51        203544        ----a-w-        C:\Windows\System32\drivers\ssudmdm.sys
2013-03-30 10:15:51        102936        ----a-w-        C:\Windows\System32\drivers\ssudbus.sys
2013-03-30 10:13:11        4659712        ----a-w-        C:\Windows\SysWow64\Redemption.dll
2013-03-30 10:13:05        821824        ----a-w-        C:\Windows\SysWow64\dgderapi.dll
2013-03-30 10:12:58        --------        d-----w-        C:\ProgramData\Samsung
2013-03-30 10:12:07        --------        d-----w-        C:\Users\RSR\AppData\Local\Downloaded Installations
2013-03-30 09:33:30        --------        d-----w-        C:\Windows\pss
2013-03-30 09:24:54        15088        ----a-w-        C:\Users\RSR\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
2013-03-30 09:12:59        --------        d-----w-        C:\Program Files (x86)\MSECache
2013-03-30 08:53:27        --------        d-----w-        C:\Windows\System32\SPReview
2013-03-30 08:53:18        --------        d-----w-        C:\Windows\System32\EventProviders
2013-03-30 08:36:57        116480        ----a-w-        C:\Windows\System32\drivers\avmaura.sys
2013-03-30 08:36:42        --------        d-----w-        C:\Users\RSR\AppData\Local\Deployment
2013-03-30 08:36:42        --------        d-----w-        C:\Users\RSR\AppData\Local\Apps
2013-03-29 16:42:43        --------        d-----w-        C:\Windows\PCHEALTH
2013-03-29 16:40:01        --------        d-----w-        C:\Program Files (x86)\Microsoft Analysis Services
2013-03-29 16:39:45        --------        d-----w-        C:\Users\RSR\AppData\Local\Microsoft Help
2013-03-29 14:29:32        9728        ----a-w-        C:\Windows\System32\Wdfres.dll
2013-03-29 14:29:32        785512        ----a-w-        C:\Windows\System32\drivers\Wdf01000.sys
2013-03-29 14:29:32        54376        ----a-w-        C:\Windows\System32\drivers\WdfLdr.sys
2013-03-29 14:29:32        2560        ----a-w-        C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2013-03-29 14:24:16        294912        ----a-w-        C:\Windows\System32\browserchoice.exe
2013-03-29 14:23:52        273840        ------w-        C:\Windows\System32\MpSigStub.exe
2013-03-29 14:17:04        9311288        ------w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{10D82720-735A-4E64-BAAE-D42586D6B0B8}\mpengine.dll
2013-03-29 14:15:44        81408        ----a-w-        C:\Windows\System32\imagehlp.dll
2013-03-29 14:15:44        5120        ----a-w-        C:\Windows\SysWow64\wmi.dll
2013-03-29 14:15:44        5120        ----a-w-        C:\Windows\System32\wmi.dll
2013-03-29 14:15:44        23408        ----a-w-        C:\Windows\System32\drivers\fs_rec.sys
2013-03-29 14:15:44        159232        ----a-w-        C:\Windows\SysWow64\imagehlp.dll
2013-03-29 14:14:13        2871808        ----a-w-        C:\Windows\explorer.exe
2013-03-29 14:14:13        2616320        ----a-w-        C:\Windows\SysWow64\explorer.exe
2013-03-29 14:12:29        760320        ----a-w-        C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-29 14:11:22        976896        ----a-w-        C:\Windows\System32\inetcomm.dll
2013-03-29 14:10:16        690688        ----a-w-        C:\Windows\SysWow64\msvcrt.dll
2013-03-29 14:10:16        634880        ----a-w-        C:\Windows\System32\msvcrt.dll
2013-03-29 14:08:45        826880        ----a-w-        C:\Windows\SysWow64\rdpcore.dll
2013-03-29 14:08:45        23552        ----a-w-        C:\Windows\System32\drivers\tdtcp.sys
2013-03-29 14:08:45        1031680        ----a-w-        C:\Windows\System32\rdpcore.dll
2013-03-29 14:07:27        2622464        ----a-w-        C:\Windows\System32\wucltux.dll
2013-03-29 14:07:26        99840        ----a-w-        C:\Windows\System32\wudriver.dll
2013-03-29 14:07:26        36864        ----a-w-        C:\Windows\System32\wuapp.exe
2013-03-29 14:07:26        186752        ----a-w-        C:\Windows\System32\wuwebv.dll
2013-03-29 13:54:01        --------        d-----w-        C:\ProgramData\Kaspersky Lab
2013-03-29 13:54:01        --------        d-----w-        C:\Program Files (x86)\Kaspersky Lab
2013-03-29 13:52:20        --------        d-----w-        C:\Program Files\CPUID
2013-03-29 13:51:38        --------        d-----w-        C:\Users\RSR\AppData\Roaming\ASUS WebStorage
2013-03-29 13:51:35        --------        d-----w-        C:\ProgramData\ASUS WebStorage
2013-03-29 13:48:03        1671552        ----a-r-        C:\Windows\System32\drivers\cfosspeed6.sys
2013-03-29 13:47:46        --------        d-----w-        C:\Users\RSR\AppData\Local\cFos
2013-03-29 13:47:44        --------        d-----w-        C:\ProgramData\cFos
2013-03-29 13:47:40        680960        ----a-r-        C:\Windows\SysWow64\ROGThemeSetup.exe
2013-03-29 13:47:38        2868224        ----a-w-        C:\Windows\explorer.exe.rogbak
2013-03-29 13:47:36        --------        d---a-w-        C:\Windows\SysWow64\ROG_Video Intro  dir
2013-03-29 13:41:10        --------        d-----w-        C:\Users\RSR\AppData\Roaming\Seagate
2013-03-29 13:39:40        --------        d-----w-        C:\Users\RSR\AppData\Local\ATI
2013-03-29 13:39:35        0        ----a-w-        C:\Windows\ativpsrm.bin
2013-03-29 13:38:43        --------        d-----w-        C:\ProgramData\AMD
2013-03-29 13:38:43        --------        d-----w-        C:\Program Files (x86)\AMD AVT
2013-03-29 13:38:42        --------        d-----w-        C:\Program Files\Common Files\ATI Technologies
2013-03-29 13:38:42        --------        d-----w-        C:\Program Files (x86)\Common Files\ATI Technologies
2013-03-29 13:38:42        --------        d-----w-        C:\Program Files (x86)\AMD APP
2013-03-29 13:38:36        --------        d-----w-        C:\Program Files (x86)\ATI Technologies
2013-03-29 13:38:00        --------        d-----w-        C:\Program Files\ATI
2013-03-29 13:37:29        --------        d-----w-        C:\Program Files\ATI Technologies
2013-03-29 13:36:15        --------        d-----w-        C:\AMD
2013-03-29 13:36:05        --------        d-----w-        C:\ProgramData\Seagate
2013-03-29 13:36:04        971360        ----a-w-        C:\Windows\System32\drivers\timntr.sys
2013-03-29 13:36:03        275552        ----a-w-        C:\Windows\System32\drivers\snapman.sys
2013-03-29 13:36:03        210016        ----a-w-        C:\Windows\System32\drivers\vididr.sys
2013-03-29 13:36:03        141920        ----a-w-        C:\Windows\System32\drivers\vsflt53.sys
2013-03-29 13:36:02        --------        d-----w-        C:\Program Files (x86)\Seagate
2013-03-29 13:36:02        --------        d-----w-        C:\Program Files (x86)\Common Files\Seagate
2013-03-29 13:31:48        1048576        ----a-w-        C:\Windows\PE_Rom.dll
2013-03-29 13:31:28        --------        d-----w-        C:\ProgramData\ASUS OC Profiles
2013-03-29 13:31:26        --------        d-----w-        C:\ProgramData\ASUS PowerControl Profiles
2013-03-29 13:29:10        46152        ----a-w-        C:\Windows\SysWow64\drivers\ASUSFILTER.sys
2013-03-29 13:28:11        14464        ----a-w-        C:\Windows\SysWow64\drivers\AsUpIO.sys
2013-03-29 13:28:06        14848        ----a-w-        C:\Windows\SysWow64\drivers\AiChargerPlus.sys
2013-03-29 13:28:02        192512        ----a-w-        C:\Windows\SysWow64\drivers\UpdateHelper.dll
2013-03-29 13:26:59        --------        d-----w-        C:\Program Files (x86)\Common Files\Intel Corporation
2013-03-29 13:26:00        --------        d-----w-        C:\Users\RSR\AppData\Roaming\Intel Corporation
2013-03-29 13:23:33        --------        d-----w-        C:\Program Files (x86)\ASUS
2013-03-29 13:23:07        --------        d-----w-        C:\Program Files (x86)\ASM106xSATA
2013-03-29 13:22:38        568600        ----a-w-        C:\Windows\System32\drivers\iaStor.sys
2013-03-29 13:17:50        --------        d-----w-        C:\Program Files (x86)\Cisco
2013-03-29 13:16:37        --------        d-----w-        C:\Users\RSR\AppData\Local\Broadcom
2013-03-29 13:16:35        21568        ----a-w-        C:\Windows\System32\drivers\bcmvwl64.sys
2013-03-29 13:15:54        620584        ----a-w-        C:\Windows\System32\drivers\btwampfl.sys
2013-03-29 13:14:07        89640        ----a-w-        C:\Windows\System32\drivers\btwdpan.sys
2013-03-29 13:14:07        39976        ----a-w-        C:\Windows\System32\drivers\btwl2cap.sys
2013-03-29 13:14:07        21544        ----a-w-        C:\Windows\System32\drivers\btwrchid.sys
2013-03-29 13:14:07        178728        ----a-w-        C:\Windows\System32\drivers\btwavdt.sys
2013-03-29 13:14:07        167976        ----a-w-        C:\Windows\System32\drivers\btwaudio.sys
2013-03-29 13:14:07        134696        ----a-w-        C:\Windows\System32\drivers\bcbtums.sys
2013-03-29 13:13:56        --------        d-----w-        C:\Program Files\WIDCOMM
2013-03-29 13:10:24        --------        d-----w-        C:\Program Files (x86)\ASM104xUSB3
2013-03-29 13:10:16        19224        ----a-w-        C:\Windows\System32\drivers\iusb3hcs.sys
2013-03-29 13:10:10        789272        ----a-w-        C:\Windows\System32\drivers\iusb3xhc.sys
2013-03-29 13:10:10        356632        ----a-w-        C:\Windows\System32\drivers\iusb3hub.sys
2013-03-29 13:10:05        --------        d-----w-        C:\Temp
2013-03-29 13:09:58        15168        ----a-w-        C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-03-29 13:09:04        --------        d-----w-        C:\Program Files (x86)\Common Files\postureAgent
2013-03-29 13:09:01        62784        ----a-w-        C:\Windows\System32\drivers\HECIx64.sys
2013-03-29 13:08:43        538496        ----a-r-        C:\Windows\System32\PROUnstl.exe
2013-03-29 13:08:10        73032        ----a-w-        C:\Windows\System32\e1cmsg.dll
2013-03-29 13:08:10        482128        ----a-w-        C:\Windows\System32\drivers\e1c62x64.sys
2013-03-29 13:08:10        36472        ----a-w-        C:\Windows\System32\NicCo36.dll
2013-03-29 13:08:09        101224        ----a-w-        C:\Windows\System32\NicInstC.dll
2013-03-29 13:05:25        --------        d-----w-        C:\Windows\SysWow64\RTCOM
2013-03-29 13:05:25        --------        d-----w-        C:\Program Files\Realtek
2013-03-29 13:02:38        53248        ----a-r-        C:\Windows\SysWow64\CSVer.dll
2013-03-29 13:02:31        --------        d-----w-        C:\Intel
2013-03-29 13:02:28        --------        d-----w-        C:\Program Files\ASUS
2013-03-29 13:00:49        --------        d-----w-        C:\Windows\AsusInstAll
2013-03-29 13:00:48        296320        ----a-w-        C:\Windows\System32\drivers\volsnap.sys
2013-03-29 13:00:35        --------        d-sh--w-        C:\Windows\Installer
2013-03-29 13:00:34        --------        d-----w-        C:\Users\RSR\AppData\Local\Google
2013-03-29 12:46:35        --------        d-----w-        C:\Windows\Panther
.
==================== Find3M  ====================
.
2013-03-30 09:01:55        152576        ----a-w-        C:\Windows\SysWow64\msclmd.dll
2013-03-30 09:01:54        175616        ----a-w-        C:\Windows\System32\msclmd.dll
2013-03-29 13:16:49        73728        ----a-w-        C:\Windows\System32\wltrynt.dll
2013-03-29 13:16:47        445        ----a-w-        C:\Windows\System32\vcredist_x64.bat
2013-03-29 13:16:47        35344        ----a-w-        C:\Windows\System32\drivers\npf.sys
2013-03-29 13:16:47        3161088        ----a-w-        C:\Windows\System32\vcredist_x64.exe
2013-03-29 13:16:45        4658688        ----a-w-        C:\Windows\System32\bcmttls.dll
2013-03-29 13:16:44        4961800        ----a-w-        C:\Windows\SysWow64\vcredist_x64.exe
2013-03-29 13:16:44        22592        ----a-w-        C:\Windows\System32\drivers\bcm42rly.sys
2013-03-29 13:16:44        1047552        ----a-w-        C:\Windows\System32\BCMLogon.dll
2013-03-29 13:16:43        446        ----a-w-        C:\Windows\SysWow64\vcredist_x64.bat
2013-03-29 13:16:41        6656        ----a-w-        C:\Windows\System32\bcmwlrc.dll
2013-03-29 13:10:49        95544        ----a-w-        C:\Windows\System32\bcmwlcoi.dll
2013-03-29 13:10:49        4746816        ----a-w-        C:\Windows\System32\drivers\BCMWL664.SYS
2013-03-29 13:10:48        3952128        ----a-w-        C:\Windows\System32\bcmihvsrv64.dll
2013-03-29 13:10:48        3617280        ----a-w-        C:\Windows\System32\bcmihvui64.dll
2013-03-29 10:11:40        26136        ----a-w-        C:\Windows\System32\drivers\ICCWDT.sys
2013-03-29 10:11:37        28672        ----a-w-        C:\Windows\SysWow64\AsIO.dll
2013-03-29 10:11:37        15232        ----a-w-        C:\Windows\SysWow64\drivers\AsIO.sys
2013-03-29 10:11:36        929844        ------w-        C:\Windows\SysWow64\drivers\MFDLL\MFC42D.DLL
2013-03-29 10:11:36        385100        ------w-        C:\Windows\SysWow64\drivers\MFDLL\MSVCRTD.DLL
2013-03-29 10:11:36        343040        ------w-        C:\Windows\SysWow64\drivers\MFDLL\msvcrt.dll
2013-03-29 10:11:36        11832        ------w-        C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2013-03-29 10:11:36        1028096        ------w-        C:\Windows\SysWow64\drivers\MFDLL\MFC42.DLL
2013-03-29 10:11:36        10216        ------w-        C:\Windows\SysWow64\drivers\AsInsHelp32.sys
2013-02-12 04:12:05        19968        ----a-w-        C:\Windows\System32\drivers\usb8023.sys
2013-01-05 05:53:43        5553512        ----a-w-        C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15        3967848        ----a-w-        C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11        3913064        ----a-w-        C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46:09        215040        ----a-w-        C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16        5120        ----a-w-        C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21        44032        ----a-w-        C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48        3153408        ----a-w-        C:\Windows\System32\win32k.sys
2013-01-04 02:47:35        25600        ----a-w-        C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34        7680        ----a-w-        C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34        2048        ----a-w-        C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33        14336        ----a-w-        C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54        1913192        ----a-w-        C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42        288088        ----a-w-        C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 13:50:13,37 ===============

[/CODE]


ATTACH LOG-FILE 2:
Quote:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 29.03.2013 13:57:36
System Uptime: 31.03.2013 13:30:30 (0 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | MAXIMUS V FORMULA
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | LGA1155 | 2992/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 71,755 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 747 GiB total, 746,003 GiB free.
F: is FIXED (NTFS) - 2048 GiB total, 2047,489 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP35: 30.03.2013 09:53:22 - Windows 7 Service Pack 1
RP36: 30.03.2013 10:10:56 - Windows Update
RP37: 30.03.2013 10:13:31 - Microsoft Office Outlook Connector wurde installiert.
RP38: 30.03.2013 11:12:20 - Installed Samsung Kies
RP39: 30.03.2013 11:12:47 - Installed Samsung Kies
RP41: 30.03.2013 11:25:48 - SPTD setup V1.83
RP42: 30.03.2013 18:08:40 - Installed SpyHunter
RP43: 30.03.2013 18:26:30 - Removed SpyHunter
RP44: 30.03.2013 18:33:32 - Removed SpyHunter
RP45: 30.03.2013 18:40:14 - Removed SpyHunter
.
==== Installed Programs ======================
.
Ad-Aware Antivirus
Ad-Aware Security Add-on
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.3) MUI
AI Suite II
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
ASUS Boot Setting
ASUS Product Register Program
ASUS ROG Connect Plus
ASUS WebStorage
ASUS_ROG_THEME
Broadcom InConcert Maestro
Broadcom Wireless Utility
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CPUID ROG CPU-Z 1.61.3
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
FRITZ!Box USB-Fernanschluss
Google Chrome
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Network Connections 17.3.63.0
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Intel® Watchdog Timer Driver (Intel® WDT)
Kaspersky Anti-Virus 2011
MemTweakIt 1.01.7
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4.5
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MyFreeCodec
Realtek High Definition Audio Driver
Recuva
ROG GameFirst II v8.03
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Seagate DiscWizard
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VLC media player 2.0.5
WIDCOMM Bluetooth Software
WinZip 16.5
.
==== End Of File ===========================
Many thanks for your help!

MBAM log:
Quote:

malwarebytes anti-malware (test) 1.70.0.1100
www.malwarebytes.org

datenbank version: V2013.03.31.02

windows 7 service pack 1 x64 ntfs
internet explorer 8.0.7601.17514
rsr :: Rsr-pc [administrator]

schutz: Aktiviert

31.03.2013 13:56:47
mbam-log-2013-03-31 (13-56-47).txt

art des suchlaufs: Vollständiger suchlauf (c:\|e:\|f:\|)
aktivierte suchlaufeinstellungen: Speicher | autostart | registrierung | dateisystem | heuristiks/extra | heuristiks/shuriken | pup | pum
deaktivierte suchlaufeinstellungen: P2p
durchsuchte objekte: 383616
laufzeit: 14 minute(n), 46 sekunde(n)

infizierte speicherprozesse: 0
(keine bösartigen objekte gefunden)

infizierte speichermodule: 0
(keine bösartigen objekte gefunden)

infizierte registrierungsschlüssel: 0
(keine bösartigen objekte gefunden)

infizierte registrierungswerte: 0
(keine bösartigen objekte gefunden)

infizierte dateiobjekte der registrierung: 0
(keine bösartigen objekte gefunden)

infizierte verzeichnisse: 0
(keine bösartigen objekte gefunden)

infizierte dateien: 0
(keine bösartigen objekte gefunden)

(ende)

ryder 31.03.2013 13:36

!! Note to readers !!
This thread and its instructions are intended only for this specific case.
They could seriously damage other computers. Please open your own thread.


:hallo:

I will help you with your problem. The cleanup only works if you stick to the following rules:
Please read:
Rules for the cleanup
  • Illegally used software
    At the first sign of it, support will be discontinued without discussion. So please make sure beforehand that nothing of the sort shows up here.
  • No guarantee
    We will do our best, but you will not get back a 100% secure and clean computer. The only safe way is to format and reinstall.
  • No going it alone
    The cleanup only works if you do exactly what I instruct. Do not install or uninstall any software, and do not run any scans that I have not instructed you to run. Do not post your thread in any other forum and do not follow the instructions of other helpers. Doing so only wastes the time of everyone involved.
  • Read carefully and ask questions
    Read every set of instructions carefully. If anything is unclear, please ask beforehand. Work through the steps in order and reply only after the last step, or when you have a question.
  • Reply correctly
    • After you have worked through all the steps, please give me feedback on each step (log file or answer), collected in a single reply.
    • Obscure your name only if it is really necessary.
    • Please place log files between code tags (click the # symbol in the reply window); it then looks like this:
      [CODE] (Logfile) [/CODE]
    • A personal note: attached or zipped log files make my work massively harder! So do that only if the log file is too large to post directly.
  • No private messages
    I can see when you have replied; you do not need to notify me. Send me a PM only if I have not replied for three days, and only then.
  • How does the cleanup proceed?
    Roughly: analysis > cleanup > check with updates > done. I will tell you very clearly whether we are done or not; you do not need to ask.



Step 1: (Reminder: reply to me only once you have worked through all the steps!)
You have several virus scanners. Please decide on one. I would remove Lavasoft and keep Kaspersky. Your decision.


Step 2:
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


fedeli 31.03.2013 14:00

The log file from ComboFix!

Code:

ComboFix 13-03-31.01 - RSR 31.03.2013  14:55:26.1.4 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8069.5382 [GMT 2:00]
ausgeführt von:: c:\users\RSR\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-02-28 bis 2013-03-31  ))))))))))))))))))))))))))))))
.
.
2013-03-31 12:58 . 2013-03-31 12:58        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-03-31 11:55 . 2013-03-31 11:55        --------        d-----w-        c:\programdata\Malwarebytes
2013-03-30 17:53 . 2013-03-30 17:53        --------        d-----w-        c:\program files\CCleaner
2013-03-30 17:32 . 2013-03-30 17:32        --------        d-----w-        c:\windows\system32\appmgmt
2013-03-30 17:13 . 2013-03-30 17:13        --------        d-----w-        c:\programdata\Ad-Aware Antivirus
2013-03-30 17:09 . 2013-03-30 17:09        --------        d-----w-        c:\programdata\Lavasoft
2013-03-30 17:09 . 2013-03-30 17:09        --------        d-----w-        c:\programdata\Downloaded Installations
2013-03-30 17:09 . 2013-03-30 17:09        --------        d-----w-        c:\programdata\Ad-Aware Browsing Protection
2013-03-30 17:09 . 2013-03-30 17:09        --------        d-----w-        c:\program files\Enigma Software Group
2013-03-30 17:08 . 2013-03-30 17:08        --------        d-----w-        c:\program files (x86)\Common Files\Wise Installation Wizard
2013-03-30 17:08 . 2013-03-30 17:08        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
2013-03-30 11:40 . 2013-03-30 11:45        --------        d-----w-        c:\programdata\FanXpert2
2013-03-30 10:27 . 2013-03-30 10:27        --------        d-----w-        c:\windows\SysWow64\searchplugins
2013-03-30 10:27 . 2013-03-30 10:27        --------        d-----w-        c:\windows\SysWow64\Extensions
2013-03-30 10:26 . 2013-03-30 10:26        --------        d-----w-        c:\programdata\Babylon
2013-03-30 10:26 . 2013-03-30 10:26        564824        ----a-w-        c:\windows\system32\drivers\sptd.sys
2013-03-30 10:24 . 2013-03-30 10:24        --------        d-----w-        c:\programdata\DAEMON Tools Lite
2013-03-30 10:18 . 2013-03-30 10:18        --------        d-----w-        c:\program files (x86)\MarkAny
2013-03-30 10:15 . 2013-02-22 07:17        203544        ----a-w-        c:\windows\system32\drivers\ssudmdm.sys
2013-03-30 10:15 . 2013-02-22 07:17        102936        ----a-w-        c:\windows\system32\drivers\ssudbus.sys
2013-03-30 10:13 . 2013-02-05 16:53        4659712        ----a-w-        c:\windows\SysWow64\Redemption.dll
2013-03-30 10:13 . 2013-02-05 16:52        821824        ----a-w-        c:\windows\SysWow64\dgderapi.dll
2013-03-30 10:12 . 2013-03-30 10:14        --------        d-----w-        c:\programdata\Samsung
2013-03-30 09:12 . 2013-03-30 09:12        --------        d-----w-        c:\program files (x86)\MSECache
2013-03-30 08:53 . 2013-03-30 08:53        --------        d-----w-        c:\windows\system32\SPReview
2013-03-30 08:53 . 2013-03-30 08:53        --------        d-----w-        c:\windows\system32\EventProviders
2013-03-30 08:52 . 2013-03-30 08:52        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2013-03-30 08:36 . 2013-03-30 08:36        116480        ----a-w-        c:\windows\system32\drivers\avmaura.sys
2013-03-29 16:42 . 2013-03-29 16:42        --------        d-----w-        c:\windows\PCHEALTH
2013-03-29 16:40 . 2013-03-29 16:40        --------        d-----w-        c:\program files\Microsoft Office
2013-03-29 16:40 . 2013-03-29 16:40        --------        d-----w-        c:\program files (x86)\Microsoft Analysis Services
2013-03-29 16:39 . 2013-03-30 08:55        --------        d-----w-        c:\programdata\Microsoft Help
2013-03-29 16:39 . 2013-03-29 16:39        --------        d-----r-        C:\MSOCache
2013-03-29 14:46 . 2013-03-04 13:53        72013344        ----a-w-        c:\windows\system32\MRT.exe
2013-03-29 14:29 . 2012-07-26 07:46        2560        ----a-w-        c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-03-29 14:29 . 2012-07-26 04:55        785512        ----a-w-        c:\windows\system32\drivers\Wdf01000.sys
2013-03-29 14:29 . 2012-07-26 04:55        54376        ----a-w-        c:\windows\system32\drivers\WdfLdr.sys
2013-03-29 14:29 . 2012-07-26 02:36        9728        ----a-w-        c:\windows\system32\Wdfres.dll
2013-03-29 14:24 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe
2013-03-29 14:23 . 2013-01-17 00:28        273840        ------w-        c:\windows\system32\MpSigStub.exe
2013-03-29 14:17 . 2013-03-19 04:50        9311288        ------w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{10D82720-735A-4E64-BAAE-D42586D6B0B8}\mpengine.dll
2013-03-29 14:15 . 2012-03-01 06:46        23408        ----a-w-        c:\windows\system32\drivers\fs_rec.sys
2013-03-29 14:15 . 2012-03-01 06:33        81408        ----a-w-        c:\windows\system32\imagehlp.dll
2013-03-29 14:15 . 2012-03-01 06:28        5120        ----a-w-        c:\windows\system32\wmi.dll
2013-03-29 14:15 . 2012-03-01 05:33        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll
2013-03-29 14:15 . 2012-03-01 05:29        5120        ----a-w-        c:\windows\SysWow64\wmi.dll
2013-03-29 14:14 . 2011-02-25 06:19        2871808        ----a-w-        c:\windows\explorer.exe
2013-03-29 14:14 . 2011-02-25 05:30        2616320        ----a-w-        c:\windows\SysWow64\explorer.exe
2013-03-29 14:14 . 2011-05-28 05:32        9001984        ----a-w-        c:\windows\system32\mshtml.dll
2013-03-29 14:14 . 2011-04-22 22:04        12262400        ----a-w-        c:\windows\system32\ieframe.dll
2013-03-29 14:12 . 2012-12-26 05:47        1111040        ----a-w-        c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-29 14:11 . 2011-05-03 05:29        976896        ----a-w-        c:\windows\system32\inetcomm.dll
2013-03-29 14:10 . 2011-12-16 08:46        634880        ----a-w-        c:\windows\system32\msvcrt.dll
2013-03-29 14:10 . 2011-12-16 07:52        690688        ----a-w-        c:\windows\SysWow64\msvcrt.dll
2013-03-29 14:08 . 2012-02-17 06:38        1031680        ----a-w-        c:\windows\system32\rdpcore.dll
2013-03-29 14:08 . 2012-02-17 05:34        826880        ----a-w-        c:\windows\SysWow64\rdpcore.dll
2013-03-29 14:08 . 2012-02-17 04:57        23552        ----a-w-        c:\windows\system32\drivers\tdtcp.sys
2013-03-29 14:07 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2013-03-29 14:07 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2013-03-29 14:07 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2013-03-29 14:07 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2013-03-29 14:07 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2013-03-29 14:07 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2013-03-29 14:07 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2013-03-29 14:07 . 2012-06-02 14:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2013-03-29 14:07 . 2012-06-02 14:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2013-03-29 13:55 . 2013-03-30 10:11        --------        d-----w-        c:\program files (x86)\Real
2013-03-29 13:54 . 2013-03-31 11:41        --------        d-----w-        c:\programdata\Kaspersky Lab
2013-03-29 13:54 . 2013-03-29 13:54        --------        d-----w-        c:\program files (x86)\Kaspersky Lab
2013-03-29 13:54 . 2013-03-29 13:54        556120        ----a-w-        c:\windows\system32\drivers\klif.sys
2013-03-29 13:52 . 2013-03-29 13:52        --------        d-----w-        c:\programdata\WinZip
2013-03-29 13:52 . 2013-03-29 13:52        --------        d-----w-        c:\program files\WinZip
2013-03-29 13:52 . 2013-03-29 13:52        --------        d-----w-        c:\program files\CPUID
2013-03-29 13:51 . 2013-03-29 13:52        --------        d-----w-        c:\program files (x86)\Common Files\Adobe
2013-03-29 13:51 . 2013-03-29 13:51        --------        d-----w-        c:\programdata\ASUS WebStorage
2013-03-29 13:48 . 2012-04-27 07:40        1671552        ----a-r-        c:\windows\system32\drivers\cfosspeed6.sys
2013-03-29 13:47 . 2013-03-29 13:47        --------        d-----w-        c:\programdata\cFos
2013-03-29 13:47 . 2011-10-28 08:01        680960        ----a-r-        c:\windows\SysWow64\ROGThemeSetup.exe
2013-03-29 13:47 . 2012-09-11 03:23        --------        d---a-w-        c:\windows\SysWow64\ROG_Video Intro  dir
2013-03-29 13:39 . 2013-03-29 13:39        --------        d-----w-        c:\programdata\ATI
2013-03-29 13:39 . 2013-03-29 13:39        0        ----a-w-        c:\windows\ativpsrm.bin
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\programdata\AMD
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files (x86)\AMD AVT
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files\Common Files\ATI Technologies
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files (x86)\Common Files\ATI Technologies
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files (x86)\AMD APP
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files (x86)\ATI Technologies
2013-03-29 13:38 . 2013-03-29 16:42        --------        d-----w-        c:\program files (x86)\Microsoft.NET
2013-03-29 13:38 . 2013-03-29 13:38        --------        d-----w-        c:\program files\ATI
2013-03-29 13:37 . 2013-03-29 13:38        --------        d-----w-        c:\program files\ATI Technologies
2013-03-29 13:36 . 2013-03-29 13:36        --------        d-----w-        C:\AMD
2013-03-29 13:36 . 2013-03-29 13:42        --------        d-----w-        c:\programdata\Seagate
2013-03-29 13:36 . 2013-03-29 13:36        971360        ----a-w-        c:\windows\system32\drivers\timntr.sys
2013-03-29 13:36 . 2013-03-29 13:36        275552        ----a-w-        c:\windows\system32\drivers\snapman.sys
2013-03-29 13:36 . 2013-03-29 13:36        210016        ----a-w-        c:\windows\system32\drivers\vididr.sys
2013-03-29 13:36 . 2013-03-29 13:36        141920        ----a-w-        c:\windows\system32\drivers\vsflt53.sys
2013-03-29 13:36 . 2013-03-29 13:36        --------        d-----w-        c:\program files (x86)\Common Files\Acronis
2013-03-29 13:36 . 2013-03-29 13:36        --------        d-----w-        c:\program files (x86)\Common Files\Seagate
2013-03-29 13:36 . 2013-03-29 13:36        --------        d-----w-        c:\program files (x86)\Seagate
2013-03-29 13:31 . 2013-03-31 11:31        1048576        ----a-w-        c:\windows\PE_Rom.dll
2013-03-29 13:31 . 2013-03-29 13:31        --------        d-----w-        c:\programdata\ASUS OC Profiles
2013-03-29 13:31 . 2013-03-29 13:31        --------        d-----w-        c:\programdata\ASUS PowerControl Profiles
2013-03-29 13:29 . 2013-03-29 10:11        46152        ----a-w-        c:\windows\SysWow64\drivers\ASUSFILTER.sys
2013-03-29 13:28 . 2013-03-29 13:28        --------        d-----w-        c:\windows\SysWow64\Macromed
2013-03-29 13:28 . 2013-03-29 10:11        14464        ----a-w-        c:\windows\SysWow64\drivers\AsUpIO.sys
2013-03-29 13:28 . 2012-04-19 08:19        14848        ----a-w-        c:\windows\SysWow64\drivers\AiChargerPlus.sys
2013-03-29 13:28 . 2009-12-18 15:07        192512        ----a-w-        c:\windows\SysWow64\drivers\UpdateHelper.dll
2013-03-29 13:27 . 2013-03-29 13:27        --------        d-----w-        c:\programdata\ASUS
2013-03-29 13:27 . 2013-03-29 13:27        --------        d-----w-        c:\windows\SysWow64\drivers\MFDLL
2013-03-29 13:27 . 2013-03-29 10:11        28672        ----a-w-        c:\windows\SysWow64\AsIO.dll
2013-03-29 13:27 . 2013-03-29 10:11        15232        ----a-w-        c:\windows\SysWow64\drivers\AsIO.sys
2013-03-29 13:27 . 2013-03-29 10:11        11832        ------w-        c:\windows\SysWow64\drivers\AsInsHelp64.sys
2013-03-29 13:27 . 2013-03-29 10:11        10216        ------w-        c:\windows\SysWow64\drivers\AsInsHelp32.sys
2013-03-29 13:27 . 2013-03-29 10:11        26136        ----a-w-        c:\windows\system32\drivers\ICCWDT.sys
2013-03-29 13:26 . 2013-03-29 13:26        --------        d-----w-        c:\program files (x86)\Common Files\Intel Corporation
2013-03-29 13:23 . 2013-03-29 13:53        --------        d-----w-        c:\program files (x86)\ASUS
2013-03-29 13:23 . 2013-03-29 13:23        --------        d-----w-        c:\program files (x86)\ASM106xSATA
2013-03-29 13:22 . 2012-02-01 15:16        568600        ----a-w-        c:\windows\system32\drivers\iaStor.sys
2013-03-29 13:17 . 2013-03-29 13:17        --------        d-----w-        c:\program files (x86)\Cisco
2013-03-29 13:11 . 2013-03-29 13:10        95544        ----a-w-        c:\windows\system32\bcmwlcoi.dll
2013-03-29 13:11 . 2013-03-29 13:21        --------        d-----w-        c:\program files\Broadcom
2013-03-29 13:11 . 2013-03-29 13:10        4746816        ----a-w-        c:\windows\system32\drivers\BCMWL664.SYS
2013-03-29 13:11 . 2013-03-29 13:10        3952128        ----a-w-        c:\windows\system32\bcmihvsrv64.dll
2013-03-29 13:11 . 2013-03-29 13:10        3617280        ----a-w-        c:\windows\system32\bcmihvui64.dll
2013-03-29 13:10 . 2013-03-29 13:10        --------        d-----w-        c:\program files (x86)\ASM104xUSB3
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-30 09:01 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll
2013-03-30 09:01 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll
2013-02-05 16:52 . 2013-02-05 16:52        90112        ----a-w-        c:\windows\MAMCityDownload.ocx
2013-02-05 16:52 . 2013-02-05 16:52        330240        ----a-w-        c:\windows\MASetupCaller.dll
2013-02-05 16:52 . 2013-02-05 16:52        30568        ----a-w-        c:\windows\MusiccityDownload.exe
2013-02-05 16:52 . 2013-02-05 16:52        974848        ----a-w-        c:\windows\SysWow64\cis-2.4.dll
2013-02-05 16:52 . 2013-02-05 16:52        81920        ----a-w-        c:\windows\SysWow64\issacapi_bs-2.3.dll
2013-02-05 16:52 . 2013-02-05 16:52        65536        ----a-w-        c:\windows\SysWow64\issacapi_pe-2.3.dll
2013-02-05 16:52 . 2013-02-05 16:52        57344        ----a-w-        c:\windows\SysWow64\MTXSYNCICON.dll
2013-02-05 16:52 . 2013-02-05 16:52        57344        ----a-w-        c:\windows\SysWow64\MK_Lyric.dll
2013-02-05 16:52 . 2013-02-05 16:52        57344        ----a-w-        c:\windows\SysWow64\issacapi_se-2.3.dll
2013-02-05 16:52 . 2013-02-05 16:52        569344        ----a-w-        c:\windows\SysWow64\muzdecode.ax
2013-02-05 16:52 . 2013-02-05 16:52        491520        ----a-w-        c:\windows\SysWow64\muzapp.dll
2013-02-05 16:52 . 2013-02-05 16:52        49152        ----a-w-        c:\windows\SysWow64\MaJGUILib.dll
2013-02-05 16:52 . 2013-02-05 16:52        45320        ----a-w-        c:\windows\SysWow64\MAMACExtract.dll
2013-02-05 16:52 . 2013-02-05 16:52        45056        ----a-w-        c:\windows\SysWow64\MaXMLProto.dll
2013-02-05 16:52 . 2013-02-05 16:52        45056        ----a-w-        c:\windows\SysWow64\MACXMLProto.dll
2013-02-05 16:52 . 2013-02-05 16:52        40960        ----a-w-        c:\windows\SysWow64\MTTELECHIP.dll
2013-02-05 16:52 . 2013-02-05 16:52        352256        ----a-w-        c:\windows\SysWow64\MSLUR71.dll
2013-02-05 16:52 . 2013-02-05 16:52        258048        ----a-w-        c:\windows\SysWow64\muzoggsp.ax
2013-02-05 16:52 . 2013-02-05 16:52        245760        ----a-w-        c:\windows\SysWow64\MSCLib.dll
2013-02-05 16:52 . 2013-02-05 16:52        24576        ----a-w-        c:\windows\SysWow64\MASetupCleaner.exe
2013-02-05 16:52 . 2013-02-05 16:52        200704        ----a-w-        c:\windows\SysWow64\muzwmts.dll
2013-02-05 16:52 . 2013-02-05 16:52        155648        ----a-w-        c:\windows\SysWow64\MSFLib.dll
2013-02-05 16:52 . 2013-02-05 16:52        143360        ----a-w-        c:\windows\SysWow64\3DAudio.ax
2013-02-05 16:52 . 2013-02-05 16:52        135168        ----a-w-        c:\windows\SysWow64\muzaf1.dll
2013-02-05 16:52 . 2013-02-05 16:52        131072        ----a-w-        c:\windows\SysWow64\muzmpgsp.ax
2013-02-05 16:52 . 2013-02-05 16:52        122880        ----a-w-        c:\windows\SysWow64\muzeffect.ax
2013-02-05 16:52 . 2013-02-05 16:52        118784        ----a-w-        c:\windows\SysWow64\MaDRM.dll
2013-02-05 16:52 . 2013-02-05 16:52        110592        ----a-w-        c:\windows\SysWow64\muzmp4sp.ax
2013-01-04 04:43 . 2013-03-29 14:13        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\RSR\AppData\Local\Apps\2.0\KNHYN9AB.25W\GGHYG954.4L0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2013-03-30 139264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"GPU TweakIt Server Execute"="c:\program files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe" [2012-05-24 1355936]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2013-03-29 365336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages        REG_MULTI_SZ          scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-22 102936]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-22 203544]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-03-30 14456]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2013-03-29 210016]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [2013-03-29 141920]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-03-29 920736]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-03-29 951936]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-03-29 149120]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [2013-03-29 324608]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-01-23 233328]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-07-27 170824]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2011-06-30 1191896]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys [2013-03-30 116480]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-11-03 134696]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2013-03-29 21568]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-09-20 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-20 89640]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-13 39976]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-05-27 160768]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2013-03-29 26136]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-29 14:06        1642448        ----a-w-        c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 13:00]
.
2013-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 13:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-16 07:37        1506656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-16 07:37        1506656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-16 07:37        1506656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-07 1212048]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2013-03-29 7144960]
"ROG GameFirst II"="c:\program files\ASUS\ROG GameFirst II\cFosSpeed.exe" [2012-08-09 3064232]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=4B20A05D6006F8073F366A51571C4D0C
mStart Page = about:blank
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-31  14:59:11
ComboFix-quarantined-files.txt  2013-03-31 12:59
.
Vor Suchlauf: 9 Verzeichnis(se), 77.063.446.528 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 76.698.697.728 Bytes frei
.
- - End Of File - - 733FD9F4B5959B5F4960D89E9482F2B3


ryder 31.03.2013 15:18

Looks good so far.

Before we continue: does the problem still exist?

fedeli 31.03.2013 15:47

Ah okay, thank you :)

What kind of files did it actually delete there...

( C:\prefs.js
c:\windows\SysWow64\muzapp.exe )

...?

So far the browser is running very fast again. No problems so far...

I do hope everything is okay again.... Kaspersky, for example, showed nothing at all to indicate that I even had crap like this on my PC...

ryder 31.03.2013 19:18

Please understand that we cannot explain every single step.

Good! :daumenhoc

As far as I can see, we have now removed everything malicious. To be sure, we still need to run a few checks and will then bring your computer up to a secure state. Since these scans can take a very long time, please only write back to me once you have really completed everything or if problems occur.

Step 1:
Quick scan with Malwarebytes
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.

Step 2:

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Please post the log file here or let me know that nothing was found.
Note: The scan can take a very long time (several hours)! :kaffee:

Step 3:
Scan with SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.

fedeli 01.04.2013 13:37

Thank you very much, you helped me a lot; I already carried out this sequence yesterday and everything is clean. Thank you!

Best regards
fedeli

ryder 01.04.2013 16:14

Glad we could help :abklatsch:

This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM.

Everyone else, please click here and create your own thread

If you would still like to share praise or criticism, there is this section here: http://www.trojaner-board.de/lob-kritik-wuensche/

