AdwCleaner Logfile:
Code:
# AdwCleaner v2.306 - Datei am 26/07/2013 um 21:21:49 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tim - TIM-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tim\Downloads\adwcleaner06.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\bkp2s34p.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [2044 octets] - [26/07/2013 21:21:13]
AdwCleaner[S2].txt - [1061 octets] - [26/07/2013 21:21:49]
########## EOF - C:\AdwCleaner[S2].txt - [1121 octets] ##########
[/CODE]
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635
Run by Tim at 21:41:15 on 2013-07-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3326.1899 [GMT 2:00]
.
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Origin\Origin.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\Comodo\GeekBuddy\unit.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uDefault_Page_URL = hxxp://www.aldi.com
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [EADM] "c:\program files\origin\Origin.exe" -AutoStart
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [gbrspcontrol] "c:\program files\common files\comodo\GeekBuddyRSP.exe" -controlservice -slave
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Nach Microsoft E&xel exportieren - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{914F0FAE-A51C-4BBC-A0E5-9445B0F62A3F} : NameServer = 192.168.1.1
TCP: Interfaces\{D5A96417-5A29-4B59-BBFB-229F4B8E5C92} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tim\appdata\roaming\mozilla\firefox\profiles\bkp2s34p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mcafee security scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - ExtSQL: 2013-06-27 20:43; Shuu2lqk7OSV@NTO066xN6gxohjuS.com; c:\users\kris\appdata\roaming\mozilla\firefox\profiles\bkp2s34p.default\extensions\Shuu2lqk7OSV@NTO066xN6gxohjuS.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-1-1 37352]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2013-5-7 35064]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-11-8 19632]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-11-8 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-11-8 36072]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-1-1 84744]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [2010-11-25 602216]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
.
=============== Created Last 30 ================
.
2013-07-26 19:36:46 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3ec23c3a-36bb-4c58-9055-19c95a900f0d}\mpengine.dll
2013-07-26 19:22:23 171 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-26 06:29:54 -------- d-----w- c:\program files\common files\COMODO
2013-07-25 18:29:57 7143960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-07-21 21:29:38 74136 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2013-07-21 20:49:59 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ebc968a6-7cce-44e1-b6cb-fba21bbf6b07}\gapaengine.dll
2013-07-21 20:49:10 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-21 20:49:03 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-21 20:38:18 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-21 20:37:51 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-21 20:36:51 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-21 20:20:49 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-07-21 20:20:49 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-07-21 20:20:48 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
.
==================== Find3M ====================
.
2013-07-21 20:37:06 67168 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-23 15:39:33 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-23 15:39:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-13 06:09:14 55496 ----a-w- c:\windows\system32\offreg.dll
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 05:44:46 47368 ----a-w- c:\windows\system32\certsentry.dll
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-26 17:33:10 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-07 07:00:16 35064 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2013-05-07 07:00:16 35064 ----a-w- c:\windows\inf\cfrmd\cfrmd.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 21:43:31,29 ===============
[/CODE]
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 05.08.2010 18:46:19
System Uptime: 26.07.2013 21:24:56 (0 hours ago)
.
Motherboard: MEDIONPC | | MS-7646
Processor: AMD Athlon(tm) II X4 620 Processor | CPU 1 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 673,054 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 11,151 GiB free.
E: is CDROM (CDFS)
F: is FIXED (NTFS) - 932 GiB total, 903,699 GiB free.
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP270: 03.07.2013 08:17:05 - Wiederherstellungsvorgang
RP271: 07.07.2013 22:08:42 - Windows Update
RP272: 11.07.2013 19:36:27 - Windows Update
RP273: 11.07.2013 23:17:02 - Windows Update
RP274: 17.07.2013 08:06:45 - Windows Update
RP275: 20.07.2013 07:59:33 - Wiederherstellungsvorgang
RP276: 21.07.2013 22:47:41 - Windows Update
RP277: 21.07.2013 23:42:09 - Windows Update
RP278: 25.07.2013 20:28:03 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) - Deutsch
Adobe Shockwave Player 11.5
AMD USB Filter Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Avira Free Antivirus
Bonjour
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Norwegian
CCC Help Spanish
CCC Help Swedish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Command & Conquer™ 4 Tiberian Twilight
Commander: Conquest of the Americas
Comodo Dragon
COMODO Internet Security
Compatibility Pack für 2007 Office System
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content
CorelDRAW Essentials 4 - Draw
CorelDRAW Essentials 4 - Extra Content
CorelDRAW Essentials 4 - Filters
CorelDRAW Essentials 4 - ICA
CorelDRAW Essentials 4 - IPM - No VBA
CorelDRAW Essentials 4 - Lang BR
CorelDRAW Essentials 4 - Lang DE
CorelDRAW Essentials 4 - Lang EN
CorelDRAW Essentials 4 - Lang ES
CorelDRAW Essentials 4 - Lang FR
CorelDRAW Essentials 4 - Lang IT
CorelDRAW Essentials 4 - Lang NL
CorelDRAW Essentials 4 - PHOTO-PAINT
EA Installer
ElsterFormular
FUSSBALL MANAGER 11
GeekBuddy
Google Chrome
Google Update Helper
iTunes
Java Auto Updater
Java(TM) 6 Update 24
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Antimalware Service DE-DE Language Pack
Microsoft Application Error Reporting
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (German) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Client DE-DE Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [DEU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 22.0 (x86 de)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
Origin
PlayReady PC Runtime x86
QuickTime
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver and Utility
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sid Meier's Civilization V
Skype™ 6.3
Snagit 10
Spelling Dictionaries Support For Adobe Reader 9
Steam
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Zip Opener
VLC media player 1.1.7
Windows Live Mesh ActiveX control for remote connections
Windows Live OneCare safety scanner
WinRAR
Wolfschanze II (1.0)
.
==== End Of File ===========================
[/CODE]
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.07.26.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Tim :: TIM-PC [Administrator]
Schutz: Aktiviert
26.07.2013 21:58:51
mbam-log-2013-07-26 (21-58-51).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 381446
Laufzeit: 2 Stunde(n), 7 Minute(n), 51 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 29
c:\program files\comodo\comodo internet security\quarantine\77c844f2-5273-47aa-8ac7-9056b18b7091.data (PUP.DealPly) -> Keine Aktion durchgeführt.
C:\Users\Tim\Desktop\Neuer Ordner\Wolfschanze II v1.0 + 6 Trainer.exe (HackTool.GamesCheat) -> Erfolgreich gelöscht und in Quarantäne gestellt.
c:\program files\comodo\comodo internet security\quarantine\0ade9f1b-85b4-493d-aa22-458663e4f2dd.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\1436d6f1-56c5-4c5b-bf00-11d2eb119829.data (Rootkit.0Access.EPA) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\7ce01454-f1e9-4ef2-9261-0ef101cd608c.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\4c5e7d21-e79b-4495-8be8-22786cdf6d38.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\e67c45af-19ab-4d70-a255-dd7c232af4a4.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\f1bfcf55-5d72-4659-8f5b-9b0839cc8735.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\89ae7a59-9228-4ca5-a788-35763aac68ff.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\978754b7-aeac-4475-ae6a-6071183cc054.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\33e226e9-cfb6-433c-8661-6a920ab102c9.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\3c9a74b3-c66c-454f-a711-876a26fa4ca6.data (Rootkit.0Access) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\3e5832eb-a33d-4e1f-b57d-ad6992c02acf.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\8a4bcc79-0fd8-44f1-b506-a2cf2b730003.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\8b0f365a-fa9e-4896-bbf1-315a7d4db0d6.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\8e0a291b-f8ed-4d73-ab91-d80cf2722d07.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\919fc8fe-651c-4a65-9002-59a079c0ee39.data (Trojan.Ransom) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\bfdaa991-5a74-413d-932e-4474185015b0.data (Trojan.0Access) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\c4dc727e-4386-4e5a-aacb-0e4103608039.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\ca5e422d-3d2e-45d8-9a5a-5ce6eb170b7c.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\6beb2a2b-7a02-4206-a534-fbd25fe7475d.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\6eda5573-5cc8-46bb-bdb9-6e478dc5b645.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\229a1a48-0d97-47a5-be14-d3f7ba9f03ed.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\28fa855a-6bb9-4519-a9a2-0b9c3d0585e2.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\dc1b01a3-1f3e-4c28-aa12-208607040583.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\ddb0e69c-81d7-4a85-9dbb-9c5a7889c6ff.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\e043b487-3d20-4e8e-ba27-81e663e0862b.data (HackTool.Brutus) -> Löschen bei Neustart.
c:\program files\comodo\comodo internet security\quarantine\e137992b-954a-4582-9455-17045c28db79.data (HackTool.Brutus) -> Löschen bei Neustart.
F:\Brutus\brutus-aet2.zip (HackTool.Brutus) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=23bff815b40679499d3a9479ae45d3af
# engine=14590
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-30 08:53:52
# local_time=2013-07-30 10:53:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 12520 240640922 5295 0
# compatibility_mode=3074 16777213 100 100 12140 31354554 0 0
# compatibility_mode=5893 16776574 100 94 744751 126848823 0 0
# scanned=179032
# found=4
# cleaned=0
# scan_time=9918
sh=F439BC6FF954846FAD2B7E9005DE6D024F0F409C ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2012-1723.IM Trojaner" ac=I fn="C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\71ede3d6-511960de"
sh=F439BC6FF954846FAD2B7E9005DE6D024F0F409C ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2012-1723.IM Trojaner" ac=I fn="C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\b86459-65ab61d5"
sh=F439BC6FF954846FAD2B7E9005DE6D024F0F409C ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2012-1723.IM Trojaner" ac=I fn="C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\53071cfb-111c9c3e"
sh=0E829F3D3C14854057322163DBF94145FA5C5D91 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.IK Trojaner" ac=I fn="C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\40d05c7c-7048de0b"