Okay, now let's continue.
Here is the log from SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 25
Java(TM) SE Development Kit 6 Update 25
Java DB 10.6.2.1
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
And here is the FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Bxxxf (administrator) on BxxxF-LT1 on 21-09-2014 14:07:30
Running from C:\Users\Bxxxf\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
() C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
() C:\Program Files\ASUS\Printer Utilities\UsbService.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
() C:\Users\Bxxxf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
(Lenovo) C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
(ATK0101) C:\Program Files\Lenovo\ATK Hotkey\LControl.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Lenovo) C:\Program Files\Lenovo\ATK Hotkey\LFKA.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Lenovo Group Ltd.) C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Promethean Technologies Group Ltd) C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
() C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-04-10] (Synaptics, Inc.)
HKLM\...\Run: [ACTray] => C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [435488 2009-04-03] (Lenovo)
HKLM\...\Run: [ACWlIcon] => C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [165152 2009-04-03] (Lenovo)
HKLM\...\Run: [CreateLMBCShortCut] => C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe [40960 2009-04-03] ()
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe [64368 2008-03-24] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [181536 2008-06-06] (Lenovo.)
HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-05-24] (Lenovo Group Limited)
HKLM\...\Run: [EZEJMNAP] => C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [242976 2008-06-04] (Lenovo Group Ltd.)
HKLM\...\Run: [ActivControl] => C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe [1092896 2010-06-10] (Promethean Technologies Group Ltd)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296520 2014-03-31] (RealNetworks, Inc.)
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [StoppUhr] => [X]
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-14] (Google Inc.)
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [KiesPDLR] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21416 2012-02-23] ()
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-909024761-1574197840-3427079863-1003\...\Run: [Amazon Cloud Player] => C:\Users\Bxxxf\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bxxxf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bxxxf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bxxxf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bxxxf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - DefaultScope {D78B3DA1-621B-4552-8CB3-7DFD0EEB7C2E} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE460
SearchScopes: HKCU - {D78B3DA1-621B-4552-8CB3-7DFD0EEB7C2E} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE460
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Windows Live Toolbar Helper -> {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -> C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.6.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.6.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-25]
FF HKLM\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-31]
FF HKCU\...\Firefox\Extensions: [{c4cf403f-d86b-4e5a-a55a-ef6a06352881}] - C:\Program Files\TubeSaver\132.xpi
Chrome:
=======
CHR CustomProfile: C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (AdBlock) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-30]
CHR Extension: (RealPlayer Downloader) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-31]
CHR Extension: (Skype Click to Call) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-30]
CHR Extension: (Google Wallet) - C:\Users\Bxxxf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-02-12]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Bxxxf\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-02] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe [94208 2007-10-30] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CDMA Device Service; C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [63488 2011-08-02] () [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LFKAS; C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe [208896 2008-03-19] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [211216 2009-02-27] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141336 2014-03-31] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-14] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
S3 Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2008-04-25] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2008-04-25] (Sonic Solutions)
S2 RoxLiveShare10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [309744 2008-04-25] (Sonic Solutions)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2009-06-12] (Lenovo Group Limited) [File not signed]
R2 TPHKSVC; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [53325 2008-08-08] (Lenovo Group Limited) [File not signed]
R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [779576 2008-06-13] (Lenovo)
S2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [520192 2008-05-24] () [File not signed]
S2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272 2008-05-24] (Lenovo Group Limited) [File not signed]
R2 TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1155072 2008-05-24] (Lenovo Group Limited) [File not signed]
S2 TVT_UpdateMonitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [360448 2008-10-09] (Lenovo Group Limited) [File not signed]
R2 UsbService; C:\Program Files\ASUS\Printer Utilities\UsbService.exe [217088 2010-08-10] () [File not signed]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S2 XYNTService; C:\Users\Administrator\AppData\Local\Temp\{7E1F4F03-7C38-4624-8E99-191685098E28}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R3 ActivHidSerMini; C:\Windows\System32\DRIVERS\activhidsermini.sys [74752 2010-05-26] (Promethean Technologies Ltd)
R2 ASMMAP; C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys [13880 2007-07-24] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [101248 2009-10-31] (AVM Berlin)
R3 DCamUSBGene; C:\Windows\System32\DRIVERS\usbstk.sys [173584 2008-07-31] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57672 2009-02-17] (FTDI Ltd.)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\A0101V32.sys [7680 2006-12-14] (ATK0100)
S3 PcaSp60; C:\Windows\System32\DRIVERS\PcaSp60.sys [28672 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 prmvmouse; C:\Windows\System32\DRIVERS\activmouse.sys [6144 2010-05-26] (Promethean Technologies Ltd)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [12080 2008-10-26] ()
R2 tvtfilter; C:\Windows\System32\DRIVERS\tvtfilter.sys [33536 2009-08-23] (Lenovo) [File not signed]
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [66432 2007-12-17] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Bxxxf\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Bxxxf\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S1 fwztuctp; \??\C:\Windows\system32\drivers\fwztuctp.sys [X]
S0 is3srv; system32\drivers\is3srv.sys [X]
S0 szkg5; system32\DRIVERS\szkg.sys [X]
S0 szkgfs; system32\drivers\szkgfs.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-21 13:23 - 2014-09-21 13:22 - 00854417 _____ () C:\Users\Bxxxf\Desktop\SecurityCheck.exe
2014-09-21 13:22 - 2014-09-21 13:22 - 00854417 _____ () C:\Users\Bxxxf\Downloads\SecurityCheck.exe
2014-09-20 11:42 - 2014-09-20 11:41 - 02347384 _____ (ESET) C:\Users\Bxxxf\Desktop\esetsmartinstaller_deu.exe
2014-09-20 11:41 - 2014-09-20 11:41 - 02347384 _____ (ESET) C:\Users\Bxxxf\Downloads\esetsmartinstaller_deu.exe
2014-09-18 19:57 - 2014-09-18 21:18 - 00000917 _____ () C:\Users\Bxxxf\Desktop\JRT.txt
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 19:50 - 2014-09-18 19:51 - 01016830 _____ (Thisisu) C:\Users\Bxxxf\Downloads\JRT.exe
2014-09-18 19:22 - 2014-09-18 19:40 - 00000000 ____D () C:\AdwCleaner
2014-09-18 19:21 - 2014-09-18 19:21 - 01373475 _____ () C:\Users\Bxxxf\Downloads\AdwCleaner_3.310.exe
2014-09-18 19:20 - 2014-09-18 19:51 - 00002453 _____ () C:\Users\Bxxxf\Desktop\mbam.txt
2014-09-18 16:41 - 2014-09-20 10:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 16:41 - 2014-09-18 16:41 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-18 16:41 - 2014-09-18 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-18 16:41 - 2014-09-18 16:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-18 16:41 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-18 16:41 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-18 16:41 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-18 16:38 - 2014-09-18 16:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bxxxf\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:14 - 2014-09-17 23:28 - 00034781 _____ () C:\ComboFix.txt
2014-09-17 23:07 - 2014-09-20 20:24 - 00002944 _____ () C:\Windows\system32\TPAPSLOG.LOG
2014-09-17 21:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-17 21:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-17 21:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-17 21:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-17 21:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-17 21:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-17 21:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-17 21:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-17 21:47 - 2014-09-17 23:14 - 00000000 ____D () C:\Qoobox
2014-09-17 21:46 - 2014-09-17 22:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-17 21:43 - 2014-09-17 21:45 - 05579386 ____R (Swearware) C:\Users\Bxxxf\Desktop\ComboFix.exe
2014-09-17 10:15 - 2014-09-17 10:16 - 00000000 ____D () C:\rei
2014-09-17 10:15 - 2014-09-17 10:16 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-17 10:15 - 2014-09-17 10:15 - 00002064 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-17 10:13 - 2014-09-17 10:16 - 00000165 _____ () C:\Windows\Reimage.ini
2014-09-17 10:12 - 2014-09-17 10:12 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair (2).exe
2014-09-16 18:12 - 2014-09-16 18:12 - 00000757 _____ () C:\Users\Bxxxf\Desktop\Revo Uninstaller.lnk
2014-09-16 18:10 - 2014-09-16 18:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Bxxxf\Desktop\revosetup95.exe
2014-09-15 17:10 - 2014-09-15 17:25 - 00000000 ____D () C:\Users\Bxxxf\Documents\Fachbereichsleitung Sport 2014 für Kerstin
2014-09-14 20:10 - 2014-09-14 20:14 - 00024229 _____ () C:\Users\Bxxxf\Desktop\gmer.log
2014-09-14 19:29 - 2014-09-14 19:30 - 00380416 _____ () C:\Users\Bxxxf\Desktop\Gmer-19357.exe
2014-09-14 19:28 - 2014-09-14 19:28 - 00000476 _____ () C:\Users\Bxxxf\Desktop\defogger_disable.log
2014-09-14 19:28 - 2014-09-14 19:28 - 00000000 _____ () C:\Users\Bxxxf\defogger_reenable
2014-09-14 19:27 - 2014-09-14 19:27 - 00050477 _____ () C:\Users\Bxxxf\Desktop\Defogger.exe
2014-09-14 19:00 - 2014-09-14 20:13 - 00054865 _____ () C:\Users\Bxxxf\Desktop\Addition.txt
2014-09-14 18:57 - 2014-09-21 14:07 - 00000000 ____D () C:\FRST
2014-09-14 18:57 - 2014-09-21 14:07 - 00000000 _____ () C:\Users\Bxxxf\Desktop\FRST.txt
2014-09-14 18:55 - 2014-09-14 18:55 - 01097728 _____ (Farbar) C:\Users\Bxxxf\Desktop\FRST.exe
2014-09-13 10:48 - 2014-09-13 10:48 - 00214208 _____ () C:\Users\Bxxxf\Downloads\t6044611_Val-di-Fassa-Bike-Classic.gpx
2014-09-13 10:46 - 2014-09-13 10:46 - 00290160 _____ () C:\Users\Bxxxf\Downloads\t6044815_Val-di-Fassa-Marathon.gpx
2014-09-13 10:44 - 2014-09-13 10:44 - 00402770 _____ () C:\Users\Bxxxf\Downloads\t6295184_Etappe-1-gegen-Uhrzeigersinne-Grand-Tour-Dolomiti-Lagorai-Bike.gpx
2014-09-13 10:42 - 2014-09-13 10:42 - 00090582 _____ () C:\Users\Bxxxf\Downloads\t6044198_Moena-Karerpass-Soraga-Moena.gpx
2014-09-13 10:39 - 2014-09-13 10:39 - 00064776 _____ () C:\Users\Bxxxf\Downloads\t5951746_Canazei-Penia-Pian-Trevisan.gpx
2014-09-13 10:36 - 2014-09-13 10:36 - 00269626 _____ () C:\Users\Bxxxf\Downloads\t6043866_Pozza-San-Nicolo-Tal-Monzoni-Tal.gpx
2014-09-13 10:34 - 2014-09-13 10:34 - 00264874 _____ () C:\Users\Bxxxf\Downloads\t5952103_Canazei-Campitello-Duron-Tal-Dona-Tal.gpx
2014-09-13 10:33 - 2014-09-13 10:33 - 00111020 _____ () C:\Users\Bxxxf\Downloads\t6043951_Pozza-Mazzin-Monzon-Gardeccia.gpx
2014-09-13 10:32 - 2014-09-13 10:32 - 00087624 _____ () C:\Users\Bxxxf\Downloads\t6018800_Mazzin-Pozza-Vigo-Ciampedie.gpx
2014-09-13 10:29 - 2014-09-13 10:29 - 00262946 _____ () C:\Users\Bxxxf\Downloads\t6018721_Canazei-Campitello-Val-Duron.gpx
2014-09-13 10:28 - 2014-09-13 10:28 - 00164327 _____ () C:\Users\Bxxxf\Downloads\t5951954_Alba-di-Canazei-Contrin-Huette.gpx
2014-09-13 10:25 - 2014-09-13 10:26 - 00125877 _____ () C:\Users\Bxxxf\Downloads\t6019168_Pozza-Val-Jumela-Ciampac.gpx
2014-09-11 19:12 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 19:12 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 19:12 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 19:12 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 19:12 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 19:12 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 19:12 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 19:12 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 19:12 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 19:12 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 19:12 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 19:12 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 19:12 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 19:12 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 19:12 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 19:12 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 19:12 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 19:12 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 19:12 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 19:12 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 19:12 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 19:12 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 19:12 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 19:12 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 19:12 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 19:12 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 19:12 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 19:12 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 19:12 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 19:12 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 13:03 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 13:03 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:36 - 2014-09-10 09:37 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair (1).exe
2014-09-10 09:35 - 2014-09-10 09:36 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair.exe
2014-09-09 21:22 - 2014-09-09 21:23 - 04703864 _____ (Garmin International) C:\Users\Bxxxf\Downloads\GarminMapUpdater.exe
2014-09-01 18:50 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-01 18:49 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-01 18:49 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-01 18:49 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-01 18:09 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-01 18:09 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-01 18:09 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-01 18:09 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-01 18:07 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-01 18:07 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-01 18:07 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-01 18:06 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-01 18:06 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-01 18:06 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-01 18:06 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-01 11:19 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-01 11:19 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-01 11:19 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-01 11:19 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-01 11:17 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-01 11:17 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-01 11:17 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-01 11:16 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-01 11:16 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-21 14:07 - 2014-09-14 18:57 - 00000000 ____D () C:\FRST
2014-09-21 14:07 - 2014-09-14 18:57 - 00000000 _____ () C:\Users\Bxxxf\Desktop\FRST.txt
2014-09-21 13:24 - 2009-11-29 14:06 - 01660757 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 13:24 - 2009-11-29 13:24 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 13:24 - 2009-11-29 13:24 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 13:22 - 2014-09-21 13:23 - 00854417 _____ () C:\Users\Bxxxf\Desktop\SecurityCheck.exe
2014-09-21 13:22 - 2014-09-21 13:22 - 00854417 _____ () C:\Users\Bxxxf\Downloads\SecurityCheck.exe
2014-09-21 13:17 - 2013-06-25 19:36 - 13540030 _____ () C:\Windows\setupact.log
2014-09-21 13:17 - 2010-01-14 19:12 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 13:17 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 10:11 - 2010-01-14 19:12 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 10:10 - 2009-10-24 18:21 - 00000258 _____ () C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2014-09-20 20:39 - 2009-11-29 14:19 - 01654782 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-20 20:24 - 2014-09-17 23:07 - 00002944 _____ () C:\Windows\system32\TPAPSLOG.LOG
2014-09-20 11:41 - 2014-09-20 11:42 - 02347384 _____ (ESET) C:\Users\Bxxxf\Desktop\esetsmartinstaller_deu.exe
2014-09-20 11:41 - 2014-09-20 11:41 - 02347384 _____ (ESET) C:\Users\Bxxxf\Downloads\esetsmartinstaller_deu.exe
2014-09-20 10:48 - 2014-09-18 16:41 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 21:18 - 2014-09-18 19:57 - 00000917 _____ () C:\Users\Bxxxf\Desktop\JRT.txt
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 19:51 - 2014-09-18 19:50 - 01016830 _____ (Thisisu) C:\Users\Bxxxf\Downloads\JRT.exe
2014-09-18 19:51 - 2014-09-18 19:20 - 00002453 _____ () C:\Users\Bxxxf\Desktop\mbam.txt
2014-09-18 19:42 - 2013-08-09 07:25 - 00012236 _____ () C:\Windows\PFRO.log
2014-09-18 19:40 - 2014-09-18 19:22 - 00000000 ____D () C:\AdwCleaner
2014-09-18 19:21 - 2014-09-18 19:21 - 01373475 _____ () C:\Users\Bxxxf\Downloads\AdwCleaner_3.310.exe
2014-09-18 19:12 - 2010-03-05 21:42 - 00000000 ____D () C:\Windows\Sun
2014-09-18 16:41 - 2014-09-18 16:41 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-18 16:41 - 2014-09-18 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-18 16:41 - 2014-09-18 16:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-18 16:41 - 2012-03-21 22:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 16:39 - 2014-09-18 16:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bxxxf\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:28 - 2014-09-17 23:14 - 00034781 _____ () C:\ComboFix.txt
2014-09-17 23:14 - 2014-09-17 21:47 - 00000000 ____D () C:\Qoobox
2014-09-17 23:14 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-17 23:14 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-17 23:04 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-09-17 22:27 - 2014-09-17 21:46 - 00000000 ____D () C:\Windows\erdnt
2014-09-17 22:18 - 2009-07-14 04:03 - 81002496 _____ () C:\Windows\system32\config\software.bak
2014-09-17 22:18 - 2009-07-14 04:03 - 22544384 _____ () C:\Windows\system32\config\system.bak
2014-09-17 22:18 - 2009-07-14 04:03 - 01048576 _____ () C:\Windows\system32\config\default.bak
2014-09-17 22:18 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-09-17 22:18 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-09-17 21:45 - 2014-09-17 21:43 - 05579386 ____R (Swearware) C:\Users\Bxxxf\Desktop\ComboFix.exe
2014-09-17 10:16 - 2014-09-17 10:15 - 00000000 ____D () C:\rei
2014-09-17 10:16 - 2014-09-17 10:15 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-09-17 10:16 - 2014-09-17 10:13 - 00000165 _____ () C:\Windows\Reimage.ini
2014-09-17 10:15 - 2014-09-17 10:15 - 00002064 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-09-17 10:12 - 2014-09-17 10:12 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair (2).exe
2014-09-17 10:10 - 2013-09-09 23:19 - 00000094 _____ () C:\Users\Bxxxf\AppData\Roaming\WB.CFG
2014-09-16 18:12 - 2014-09-16 18:12 - 00000757 _____ () C:\Users\Bxxxf\Desktop\Revo Uninstaller.lnk
2014-09-16 18:10 - 2014-09-16 18:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Bxxxf\Desktop\revosetup95.exe
2014-09-15 18:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-15 17:25 - 2014-09-15 17:10 - 00000000 ____D () C:\Users\Bxxxf\Documents\Fachbereichsleitung Sport 2014 für Kerstin
2014-09-15 16:46 - 2014-05-13 16:37 - 00000000 ____D () C:\Users\Bxxxf\Documents\MSG Schuljahr 2014-2015
2014-09-15 07:59 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-14 20:14 - 2014-09-14 20:10 - 00024229 _____ () C:\Users\Bxxxf\Desktop\gmer.log
2014-09-14 20:13 - 2014-09-14 19:00 - 00054865 _____ () C:\Users\Bxxxf\Desktop\Addition.txt
2014-09-14 19:30 - 2014-09-14 19:29 - 00380416 _____ () C:\Users\Bxxxf\Desktop\Gmer-19357.exe
2014-09-14 19:28 - 2014-09-14 19:28 - 00000476 _____ () C:\Users\Bxxxf\Desktop\defogger_disable.log
2014-09-14 19:28 - 2014-09-14 19:28 - 00000000 _____ () C:\Users\Bxxxf\defogger_reenable
2014-09-14 19:28 - 2009-11-29 13:25 - 00000000 ____D () C:\Users\Bxxxf
2014-09-14 19:27 - 2014-09-14 19:27 - 00050477 _____ () C:\Users\Bxxxf\Desktop\Defogger.exe
2014-09-14 18:55 - 2014-09-14 18:55 - 01097728 _____ (Farbar) C:\Users\Bxxxf\Desktop\FRST.exe
2014-09-13 12:57 - 2009-11-02 18:26 - 00000000 ____D () C:\Garmin
2014-09-13 10:57 - 2009-10-26 18:38 - 00000000 ____D () C:\Users\Bxxxf\Documents\Urlaub
2014-09-13 10:48 - 2014-09-13 10:48 - 00214208 _____ () C:\Users\Bxxxf\Downloads\t6044611_Val-di-Fassa-Bike-Classic.gpx
2014-09-13 10:46 - 2014-09-13 10:46 - 00290160 _____ () C:\Users\Bxxxf\Downloads\t6044815_Val-di-Fassa-Marathon.gpx
2014-09-13 10:44 - 2014-09-13 10:44 - 00402770 _____ () C:\Users\Bxxxf\Downloads\t6295184_Etappe-1-gegen-Uhrzeigersinne-Grand-Tour-Dolomiti-Lagorai-Bike.gpx
2014-09-13 10:42 - 2014-09-13 10:42 - 00090582 _____ () C:\Users\Bxxxf\Downloads\t6044198_Moena-Karerpass-Soraga-Moena.gpx
2014-09-13 10:39 - 2014-09-13 10:39 - 00064776 _____ () C:\Users\Bxxxf\Downloads\t5951746_Canazei-Penia-Pian-Trevisan.gpx
2014-09-13 10:36 - 2014-09-13 10:36 - 00269626 _____ () C:\Users\Bxxxf\Downloads\t6043866_Pozza-San-Nicolo-Tal-Monzoni-Tal.gpx
2014-09-13 10:34 - 2014-09-13 10:34 - 00264874 _____ () C:\Users\Bxxxf\Downloads\t5952103_Canazei-Campitello-Duron-Tal-Dona-Tal.gpx
2014-09-13 10:33 - 2014-09-13 10:33 - 00111020 _____ () C:\Users\Bxxxf\Downloads\t6043951_Pozza-Mazzin-Monzon-Gardeccia.gpx
2014-09-13 10:32 - 2014-09-13 10:32 - 00087624 _____ () C:\Users\Bxxxf\Downloads\t6018800_Mazzin-Pozza-Vigo-Ciampedie.gpx
2014-09-13 10:29 - 2014-09-13 10:29 - 00262946 _____ () C:\Users\Bxxxf\Downloads\t6018721_Canazei-Campitello-Val-Duron.gpx
2014-09-13 10:28 - 2014-09-13 10:28 - 00164327 _____ () C:\Users\Bxxxf\Downloads\t5951954_Alba-di-Canazei-Contrin-Huette.gpx
2014-09-13 10:26 - 2014-09-13 10:25 - 00125877 _____ () C:\Users\Bxxxf\Downloads\t6019168_Pozza-Val-Jumela-Ciampac.gpx
2014-09-12 18:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-11 19:15 - 2009-08-23 00:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 19:07 - 2013-08-15 16:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 18:04 - 2011-06-19 21:09 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 18:03 - 2012-05-01 10:41 - 00002127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 18:03 - 2011-08-07 21:27 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-11 18:03 - 2011-08-07 21:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 10:31 - 2011-11-16 11:43 - 00032603 _____ () C:\Users\Bxxxf\ACTIVstudioError.log
2014-09-10 09:37 - 2014-09-10 09:36 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair (1).exe
2014-09-10 09:36 - 2014-09-10 09:35 - 00850216 _____ (Reimage®) C:\Users\Bxxxf\Downloads\ReimageRepair.exe
2014-09-09 21:23 - 2014-09-09 21:22 - 04703864 _____ (Garmin International) C:\Users\Bxxxf\Downloads\GarminMapUpdater.exe
2014-09-07 17:03 - 2009-10-26 18:37 - 00000000 ____D () C:\Users\Bxxxf\Documents\Stundenkonzepte Aplus
2014-09-05 20:27 - 2012-06-19 20:45 - 00000000 ____D () C:\Users\Bxxxf\Documents\MSG Schuljahr 2012-2013
2014-09-05 20:16 - 2009-11-03 18:51 - 00000000 ____D () C:\Users\Bxxxf\AppData\Local\FreePDF_XP
2014-09-05 20:15 - 2009-11-03 18:51 - 00020280 _____ () C:\fpRedmon.log
2014-09-01 23:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-01 21:57 - 2012-08-31 17:28 - 00000000 ____D () C:\PFS6.5BD_TMP
2014-09-01 21:36 - 2009-07-14 06:33 - 00501632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 11:19 - 2012-12-07 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-23 03:46 - 2014-09-01 18:07 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-09-01 18:07 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
Some content of TEMP:
====================
C:\Users\Bxxxf\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-16 15:19
==================== End Of Log ============================