... ok, and not remove the threat?
Regards and many thanks, Romanos
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0c3c12671b349a44a6b04c72e8bf3b5c
# engine=18078
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-30 12:55:31
# local_time=2014-04-30 02:55:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5122 16777214 66 93 3754718 148658089 0 0
# compatibility_mode=5892 16776574 100 100 22334 236352059 0 0
# scanned=414276
# found=1
# cleaned=0
# scan_time=17611
sh=2DD2680A658565148FC92DB40207AA52EE49EAE8 ft=1 fh=9af9006bf92fa775 vn="Variante von Win32/Adware.RegRevive.A Anwendung" ac=I fn="C:\Users\Conny\Downloads\Reguse_Installer.exe"
Code:
Results of screen317's Security Check version 0.99.82
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2012
TuneUp Utilities Language Pack (de-DE)
Java(TM) 6 Update 24
Java(TM) 6 Update 22
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 13.0.0.182
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
I'm now doing the whole thing again with the virus scanner switched off...
Code:
Results of screen317's Security Check version 0.99.82
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2012
TuneUp Utilities Language Pack (de-DE)
Java(TM) 6 Update 24
Java(TM) 6 Update 22
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 13.0.0.182
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
---no real difference visible...
now the FRST log as well:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-04-2014 03
Ran by Rainer (administrator) on RAINER-PC on 30-04-2014 23:11:02
Running from C:\Users\Rainer\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(TOSHIBA Corporation) C:\Windows\System32\TDispVol.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2008-11-21] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-04-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [468320 2009-03-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [503808 2009-03-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [729088 2009-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [96144 2009-03-04] (Toshiba Europe GmbH)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [OrderReminder] => C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [TAccessibility] => C:\Program Files\TOSHIBA\Accessibility\TAccessibility.exe [110592 2009-04-24] ()
HKLM\...\Run: [TFncKy] => TFncKy.exe
HKLM\...\Run: [TDispVol] => C:\Windows\system32\TDispVol.exe [208896 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [TCtryIOHook] => C:\Windows\system32\TCtrlIOHook.exe [28672 2009-04-30] (TOSHIBA)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)
HKU\S-1-5-21-3586509278-78834929-860225448-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Rainer-User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {38AEB7B3-42CC-4C33-9290-BEA08B6FE742} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
SearchScopes: HKCU - F31624B0AF444080B7F139E05E41A758 URL = hxxp://isearch.avg.com/search?cid={72680FDB-E8CB-437D-AEE8-9F9D0761B89D}&mid=34d71d940f5847d1b30bd16a1c122099-aca251ad60a79a90d151588985182fee0518d1c3&lang=de&ds=tt014&pr=sa&d=2011-12-19 22:25:18&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {38AEB7B3-42CC-4C33-9290-BEA08B6FE742} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: haufereader - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
FireFox:
========
FF ProfilePath: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\1o9o6kha.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2014-04-24]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2011-12-15]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-12-15]
Chrome:
=======
CHR HomePage:
CHR HKLM\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files\HomeTab\chrome\HomeTab.crx []
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2011-12-15]
CHR HKLM\...\Chrome\Extension: [kfepagcelbegkpkcjgfeecmlnmkedjin] - C:\Program Files\Browser Guard\browserguard.crx [2011-12-15]
========================== Services (Whitelisted) =================
S2 0047871398891687mcinstcleanup; C:\Windows\TEMP\004787~1.EXE [836168 2014-03-13] (McAfee, Inc.)
S4 AAV UpdateService; C:\Program Files\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S4 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [242424 2009-02-11] (WildTangent, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 HRService; C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe [71024 2010-10-25] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [175480 2014-03-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S4 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-06] (soft Xpansion)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
R2 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [62776 2009-04-01] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation)
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation)
R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation)
S4 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529656 2013-12-11] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-05] (AVG Technologies)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61400 2014-03-17] (McAfee, Inc.)
S3 FTD2XX; C:\Windows\System32\Drivers\FTD2XX.sys [29292 2004-10-15] (FTDI Ltd.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2011-01-24] (FTDI Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134600 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2014-03-17] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [367776 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573968 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [214856 2014-03-17] (McAfee, Inc.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.)
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
S3 SAFAUSB; C:\Windows\System32\Drivers\VocTrace.sys [16035 2003-12-19] (Windows (R) 2000 DDK provider)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-12-12] (TuneUp Software)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-21] (TOSHIBA Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Rainer\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-30 23:10 - 2014-04-30 23:10 - 00000000 ____D () C:\Users\Rainer\Downloads\FRST-OlderVersion
2014-04-30 23:03 - 2014-04-30 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-04-30 23:02 - 2014-04-30 23:03 - 00855379 _____ () C:\Users\Rainer\Downloads\SecurityCheck.exe
2014-04-29 21:56 - 2014-04-29 21:57 - 02347384 _____ (ESET) C:\Users\Rainer\Downloads\esetsmartinstaller_deu.exe
2014-04-29 00:10 - 2014-04-30 23:11 - 00022189 _____ () C:\Users\Rainer\Downloads\FRST.txt
2014-04-29 00:09 - 2014-04-30 23:10 - 01050624 _____ (Farbar) C:\Users\Rainer\Downloads\FRST.exe
2014-04-29 00:04 - 2014-04-29 00:04 - 00000658 _____ () C:\Users\Rainer\Downloads\JRT.txt
2014-04-28 23:58 - 2014-04-28 23:58 - 00000658 _____ () C:\Users\Rainer\Desktop\JRT.txt
2014-04-28 23:43 - 2014-04-28 23:43 - 01016261 _____ (Thisisu) C:\Users\Rainer\Downloads\JRT.exe
2014-04-28 23:34 - 2014-04-28 23:34 - 00101709 _____ () C:\Users\Rainer\Downloads\AdwCleaner[S0].txt
2014-04-28 23:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-28 23:24 - 2014-04-28 23:24 - 01310621 _____ () C:\Users\Rainer\Downloads\adwcleaner.exe
2014-04-28 23:20 - 2014-04-28 23:20 - 00011947 _____ () C:\Users\Rainer\Downloads\mbam2.txt
2014-04-28 23:20 - 2014-04-28 23:20 - 00011946 _____ () C:\Users\Rainer\Downloads\mbam.txt
2014-04-28 22:25 - 2014-04-30 22:53 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 22:25 - 2014-04-28 22:25 - 00000904 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-28 22:25 - 2014-04-28 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 22:25 - 2014-04-28 22:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-28 22:25 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 22:25 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 22:25 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-28 22:23 - 2014-04-28 22:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rainer\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-27 23:09 - 2014-04-27 23:09 - 00042496 _____ () C:\Users\Rainer-User\Downloads\Kopie von Arbeitszeugnis Bewertungsbogen.xls
2014-04-27 14:21 - 2014-04-27 14:21 - 00123282 _____ () C:\Users\Rainer\Downloads\ComboFix 14-04-26.01 - Rainer.txt
2014-04-27 14:08 - 2014-04-27 14:08 - 00123282 _____ () C:\Users\Rainer-User\Downloads\ComboFix 14-04-26.01 - Rainer.txt
2014-04-27 14:07 - 2014-04-27 14:07 - 00123282 _____ () C:\ComboFix.txt
2014-04-27 13:47 - 2014-04-27 14:07 - 00000000 ____D () C:\ComboFix
2014-04-26 14:41 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-04-24 22:05 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-24 22:05 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-24 22:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-24 22:05 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-24 22:05 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-24 22:05 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-24 22:05 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-24 22:05 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-24 22:04 - 2014-04-27 14:07 - 00000000 ____D () C:\Qoobox
2014-04-24 22:03 - 2014-04-24 22:35 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 21:59 - 2013-11-09 00:31 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 21:59 - 2013-11-09 00:31 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 21:59 - 2013-11-09 00:31 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 21:57 - 2014-04-27 13:46 - 05196309 ____R (Swearware) C:\Users\Rainer\Downloads\ComboFix.exe
2014-04-23 22:32 - 2014-04-23 22:32 - 01048576 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST(1).exe
2014-04-21 00:27 - 2014-04-21 00:27 - 00001070 _____ () C:\Users\Rainer-User\Desktop\FRITZ!Box Fon WLAN 7050 UPnP-1.0 AVM FRITZ!Box Fon WLAN 7050 (UI) 14.04.31 - Verknüpfung.lnk
2014-04-20 19:31 - 2014-04-20 19:31 - 00000000 ____D () C:\Windows\pss
2014-04-20 09:59 - 2014-04-20 09:59 - 00014386 _____ () C:\Users\Rainer-User\Downloads\pass(2).pkpass
2014-04-20 09:58 - 2014-04-20 09:58 - 00013426 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(3).jpeg
2014-04-20 09:47 - 2014-04-20 09:47 - 00014392 _____ () C:\Users\Rainer-User\Downloads\pass(1).pkpass
2014-04-20 09:47 - 2014-04-20 09:47 - 00013313 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(2).jpeg
2014-04-15 15:00 - 2014-02-23 12:48 - 06020096 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 15:00 - 2014-02-23 12:46 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 14:59 - 2014-02-23 12:53 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 14:59 - 2014-02-23 12:52 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 14:59 - 2014-02-23 12:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-15 14:59 - 2014-02-23 12:50 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-15 14:59 - 2014-02-23 12:48 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 14:59 - 2014-02-23 12:48 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-15 14:59 - 2014-02-23 12:48 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-15 14:59 - 2014-02-23 12:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-15 14:59 - 2014-02-23 12:47 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-15 14:59 - 2014-02-23 12:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 14:59 - 2014-02-23 12:46 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 14:59 - 2014-02-23 12:46 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 14:59 - 2014-02-23 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-04-15 14:59 - 2014-02-23 11:12 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-15 14:59 - 2014-02-23 09:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 14:59 - 2014-02-23 09:25 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 14:59 - 2014-02-23 09:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 14:59 - 2014-02-23 09:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-15 14:59 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 23:18 - 2014-04-14 23:18 - 00058368 _____ () C:\Users\Rainer-User\Downloads\Mieteinkünftehilfsblatt 2012 2012 01 12 NK H. Wagner erhöht auf 110.xls
2014-04-13 19:32 - 2014-04-13 19:32 - 00000000 ____D () C:\Users\Felix\AppData\Local\Skype
2014-04-13 14:55 - 2014-04-13 14:55 - 00013467 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(1).jpeg
2014-04-13 14:50 - 2014-04-13 14:50 - 00014389 _____ () C:\Users\Rainer-User\Downloads\pass.pkpass
2014-04-13 14:43 - 2014-04-13 14:43 - 00013461 _____ () C:\Users\Rainer-User\Downloads\BoardingPass.jpeg
2014-04-13 14:26 - 2014-04-13 14:26 - 00000000 ____D () C:\Users\Rainer-User\AppData\Local\Skype
2014-04-13 12:52 - 2014-04-13 12:52 - 00000000 ___SD () C:\Users\Marie-Sophie\Documents\My PageManager-1
2014-04-04 20:08 - 2014-04-04 20:08 - 00056057 _____ () C:\Users\Marie-Sophie\Downloads\911Tabs - tabs search engine _ 4,600,000 tabs. Guitar, bass, drums, piano, guitar pro and power tabs!.html
2014-04-04 13:53 - 2014-04-13 13:03 - 00000000 ____D () C:\Users\Marie-Sophie\AppData\Roaming\Canon
2014-04-04 13:52 - 2014-04-13 13:04 - 00000000 ___SD () C:\Users\Marie-Sophie\Documents\My PageManager
2014-04-04 13:52 - 2014-04-04 13:52 - 00000000 ____D () C:\Users\Marie-Sophie\AppData\Roaming\NewSoft
2014-04-04 13:37 - 2014-04-04 13:37 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\NSBackup
2014-04-02 19:03 - 2014-04-02 19:03 - 00000000 ____D () C:\Users\Felix\Documents\DVDVideoSoft
2014-04-02 19:03 - 2014-04-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\DVDVideoSoft
2014-04-01 23:51 - 2014-04-01 23:51 - 01356124 _____ () C:\Users\Rainer-User\Downloads\chapter.asp
2014-04-01 13:17 - 2014-04-28 23:14 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4d9be8945aa0.job
2014-03-31 23:47 - 2014-03-31 23:47 - 04438368 _____ (avm) C:\Users\Rainer-User\Downloads\fritz.box_fon_wlan_7050.04.15.recover-image.exe
2014-03-31 23:21 - 2014-03-31 23:21 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Skype
2014-03-31 22:54 - 2014-03-31 22:54 - 04340064 _____ (AVM Berlin) C:\Users\Rainer-User\Downloads\fritz.box_fon_wlan_7050.04.31.recover-image.exe
==================== One Month Modified Files and Folders =======
2014-04-30 23:11 - 2014-04-29 00:10 - 00022189 _____ () C:\Users\Rainer\Downloads\FRST.txt
2014-04-30 23:11 - 2013-11-11 00:10 - 00000000 ____D () C:\FRST
2014-04-30 23:10 - 2014-04-30 23:10 - 00000000 ____D () C:\Users\Rainer\Downloads\FRST-OlderVersion
2014-04-30 23:10 - 2014-04-29 00:09 - 01050624 _____ (Farbar) C:\Users\Rainer\Downloads\FRST.exe
2014-04-30 23:03 - 2014-04-30 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-04-30 23:03 - 2014-04-30 23:02 - 00855379 _____ () C:\Users\Rainer\Downloads\SecurityCheck.exe
2014-04-30 23:03 - 2013-02-20 08:55 - 00001756 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-04-30 22:53 - 2014-04-28 22:25 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-30 22:51 - 2011-12-02 22:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-30 22:51 - 2010-11-14 21:59 - 00000000 ____D () C:\Users\Rainer-User\AppData\Roaming\Skype
2014-04-30 22:48 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 22:48 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 22:48 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 20:06 - 2008-02-24 09:46 - 01113535 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 20:06 - 2006-11-02 15:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-30 19:38 - 2012-04-04 21:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 19:22 - 2011-09-26 23:43 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 21:57 - 2014-04-29 21:56 - 02347384 _____ (ESET) C:\Users\Rainer\Downloads\esetsmartinstaller_deu.exe
2014-04-29 21:55 - 2008-01-21 09:16 - 01626604 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 17:25 - 2011-11-26 10:09 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2014-04-29 00:04 - 2014-04-29 00:04 - 00000658 _____ () C:\Users\Rainer\Downloads\JRT.txt
2014-04-28 23:58 - 2014-04-28 23:58 - 00000658 _____ () C:\Users\Rainer\Desktop\JRT.txt
2014-04-28 23:43 - 2014-04-28 23:43 - 01016261 _____ (Thisisu) C:\Users\Rainer\Downloads\JRT.exe
2014-04-28 23:34 - 2014-04-28 23:34 - 00101709 _____ () C:\Users\Rainer\Downloads\AdwCleaner[S0].txt
2014-04-28 23:31 - 2008-01-21 04:47 - 00839050 _____ () C:\Windows\PFRO.log
2014-04-28 23:30 - 2013-10-07 23:17 - 00000000 ____D () C:\AdwCleaner
2014-04-28 23:24 - 2014-04-28 23:24 - 01310621 _____ () C:\Users\Rainer\Downloads\adwcleaner.exe
2014-04-28 23:20 - 2014-04-28 23:20 - 00011947 _____ () C:\Users\Rainer\Downloads\mbam2.txt
2014-04-28 23:20 - 2014-04-28 23:20 - 00011946 _____ () C:\Users\Rainer\Downloads\mbam.txt
2014-04-28 23:14 - 2014-04-01 13:17 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4d9be8945aa0.job
2014-04-28 22:25 - 2014-04-28 22:25 - 00000904 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-28 22:25 - 2014-04-28 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 22:25 - 2014-04-28 22:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-28 22:25 - 2013-10-07 22:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-28 22:23 - 2014-04-28 22:23 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rainer\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-27 23:09 - 2014-04-27 23:09 - 00042496 _____ () C:\Users\Rainer-User\Downloads\Kopie von Arbeitszeugnis Bewertungsbogen.xls
2014-04-27 14:21 - 2014-04-27 14:21 - 00123282 _____ () C:\Users\Rainer\Downloads\ComboFix 14-04-26.01 - Rainer.txt
2014-04-27 14:08 - 2014-04-27 14:08 - 00123282 _____ () C:\Users\Rainer-User\Downloads\ComboFix 14-04-26.01 - Rainer.txt
2014-04-27 14:07 - 2014-04-27 14:07 - 00123282 _____ () C:\ComboFix.txt
2014-04-27 14:07 - 2014-04-27 13:47 - 00000000 ____D () C:\ComboFix
2014-04-27 14:07 - 2014-04-24 22:04 - 00000000 ____D () C:\Qoobox
2014-04-27 14:03 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-04-27 13:46 - 2014-04-24 21:57 - 05196309 ____R (Swearware) C:\Users\Rainer\Downloads\ComboFix.exe
2014-04-25 17:42 - 2011-11-20 21:37 - 00000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2014-04-25 17:42 - 2011-11-20 21:35 - 00000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2014-04-24 22:38 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-04-24 22:38 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-04-24 22:35 - 2014-04-24 22:03 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 21:59 - 2014-03-18 18:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-24 21:58 - 2009-06-09 11:10 - 00000000 ____D () C:\Program Files\Java
2014-04-23 22:50 - 2013-11-11 00:27 - 00039000 _____ () C:\Users\Rainer-User\Downloads\FRST.txt
2014-04-23 22:50 - 2013-10-07 00:03 - 00035955 _____ () C:\Users\Rainer-User\Downloads\Addition.txt
2014-04-23 22:32 - 2014-04-23 22:32 - 01048576 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST(1).exe
2014-04-21 17:25 - 2011-11-24 17:13 - 00000000 ____D () C:\Users\Marie-Sophie\AppData\Roaming\Skype
2014-04-21 12:05 - 2010-11-17 08:51 - 00000000 ____D () C:\Users\Conny\AppData\Roaming\Skype
2014-04-21 00:27 - 2014-04-21 00:27 - 00001070 _____ () C:\Users\Rainer-User\Desktop\FRITZ!Box Fon WLAN 7050 UPnP-1.0 AVM FRITZ!Box Fon WLAN 7050 (UI) 14.04.31 - Verknüpfung.lnk
2014-04-20 19:31 - 2014-04-20 19:31 - 00000000 ____D () C:\Windows\pss
2014-04-20 09:59 - 2014-04-20 09:59 - 00014386 _____ () C:\Users\Rainer-User\Downloads\pass(2).pkpass
2014-04-20 09:58 - 2014-04-20 09:58 - 00013426 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(3).jpeg
2014-04-20 09:47 - 2014-04-20 09:47 - 00014392 _____ () C:\Users\Rainer-User\Downloads\pass(1).pkpass
2014-04-20 09:47 - 2014-04-20 09:47 - 00013313 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(2).jpeg
2014-04-20 09:43 - 2012-04-04 21:24 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-20 09:43 - 2011-06-01 22:29 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-20 09:43 - 2010-08-29 22:32 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Adobe
2014-04-16 09:32 - 2013-08-07 12:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:23 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-16 00:41 - 2012-06-21 20:14 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-16 00:41 - 2010-09-18 16:07 - 00000000 ____D () C:\Users\Felix
2014-04-16 00:41 - 2010-09-01 12:43 - 00000000 ____D () C:\Users\Marie-Sophie
2014-04-16 00:41 - 2010-08-30 08:28 - 00000000 ____D () C:\Users\Conny
2014-04-16 00:41 - 2010-08-29 23:01 - 00000000 ____D () C:\Users\Rainer
2014-04-16 00:41 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-04-16 00:41 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-04-16 00:41 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-04-16 00:41 - 2006-11-02 12:22 - 49807360 _____ () C:\Windows\system32\config\system_previous
2014-04-16 00:41 - 2006-11-02 12:22 - 49545216 _____ () C:\Windows\system32\config\software_previous
2014-04-16 00:39 - 2006-11-02 12:22 - 39845888 _____ () C:\Windows\system32\config\components_previous
2014-04-16 00:39 - 2006-11-02 12:22 - 00204800 _____ () C:\Windows\system32\config\sam_previous
2014-04-15 14:27 - 2006-11-02 12:22 - 00786432 _____ () C:\Windows\system32\config\default_previous
2014-04-15 14:19 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-04-14 23:18 - 2014-04-14 23:18 - 00058368 _____ () C:\Users\Rainer-User\Downloads\Mieteinkünftehilfsblatt 2012 2012 01 12 NK H. Wagner erhöht auf 110.xls
2014-04-13 19:32 - 2014-04-13 19:32 - 00000000 ____D () C:\Users\Felix\AppData\Local\Skype
2014-04-13 14:55 - 2014-04-13 14:55 - 00013467 _____ () C:\Users\Rainer-User\Downloads\BoardingPass(1).jpeg
2014-04-13 14:50 - 2014-04-13 14:50 - 00014389 _____ () C:\Users\Rainer-User\Downloads\pass.pkpass
2014-04-13 14:43 - 2014-04-13 14:43 - 00013461 _____ () C:\Users\Rainer-User\Downloads\BoardingPass.jpeg
2014-04-13 14:26 - 2014-04-13 14:26 - 00000000 ____D () C:\Users\Rainer-User\AppData\Local\Skype
2014-04-13 13:04 - 2014-04-04 13:52 - 00000000 ___SD () C:\Users\Marie-Sophie\Documents\My PageManager
2014-04-13 13:03 - 2014-04-04 13:53 - 00000000 ____D () C:\Users\Marie-Sophie\AppData\Roaming\Canon
2014-04-13 12:52 - 2014-04-13 12:52 - 00000000 ___SD () C:\Users\Marie-Sophie\Documents\My PageManager-1
2014-04-04 20:08 - 2014-04-04 20:08 - 00056057 _____ () C:\Users\Marie-Sophie\Downloads\911Tabs - tabs search engine _ 4,600,000 tabs. Guitar, bass, drums, piano, guitar pro and power tabs!.html
2014-04-04 13:52 - 2014-04-04 13:52 - 00000000 ____D () C:\Users\Marie-Sophie\AppData\Roaming\NewSoft
2014-04-04 13:50 - 2012-11-15 00:28 - 00000000 ___SD () C:\Users\Rainer-User\Documents\My PageManager
2014-04-04 13:37 - 2014-04-04 13:37 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\NSBackup
2014-04-04 13:37 - 2013-12-30 16:24 - 00000000 ___SD () C:\Users\Rainer\Documents\My PageManager
2014-04-04 13:35 - 2010-11-14 21:59 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\Skype
2014-04-03 09:51 - 2014-04-28 22:25 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-28 22:25 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-28 22:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 19:03 - 2014-04-02 19:03 - 00000000 ____D () C:\Users\Felix\Documents\DVDVideoSoft
2014-04-02 19:03 - 2014-04-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\DVDVideoSoft
2014-04-01 23:51 - 2014-04-01 23:51 - 01356124 _____ () C:\Users\Rainer-User\Downloads\chapter.asp
2014-04-01 00:16 - 2013-11-09 01:16 - 00000139 _____ () C:\Users\Rainer\AppData\Roaming\WB.CFG
2014-03-31 23:47 - 2014-03-31 23:47 - 04438368 _____ (avm) C:\Users\Rainer-User\Downloads\fritz.box_fon_wlan_7050.04.15.recover-image.exe
2014-03-31 23:21 - 2014-03-31 23:21 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Skype
2014-03-31 22:54 - 2014-03-31 22:54 - 04340064 _____ (AVM Berlin) C:\Users\Rainer-User\Downloads\fritz.box_fon_wlan_7050.04.31.recover-image.exe
2014-03-31 09:35 - 2011-12-09 23:58 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
Some content of TEMP:
====================
C:\Users\Rainer\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 22:54
==================== End Of Log ============================
...unfortunately this message still appears:
Code:
---------------------------
System Warning
---------------------------
Warning: A problem with the cooling system has been detected.
Please turn off the computer immediately, and return it for service.
---------------------------
OK
---------------------------
... so should I not delete the threat that ESET found?
If I should: how?
Best regards
and many thanks.
Romanos