Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   fehler beim Laden des moduls (https://www.trojaner-board.de/154095-fehler-beim-laden-moduls.html)

schrauber 27.05.2014 12:25
Ja, weil wir seit 3 Tagen versuchen ein ganz einfaches programm zu nutzen, welches ich hier am Tag 1000mal poste.

Meine letzte Anweisung besagt:

revo (geht anscheinend nit)
MBAM (geht auch nit)
Junkware Removal Tool (hast Du vergessen?)
AdwCleaner (hast Du gemacht)
Frisches FRST Logfile (hast Du vergessen).

Wir könnten schon 3mal fertig sein ;)

Problemkind8 28.05.2014 08:39
Hallo, hier eine frische FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by Ramme (administrator) on RAMME-PC on 28-05-2014 09:37:17
Running from C:\Users\Ramme\Downloads
Platform: Microsoft Windows 7 Home Premium  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Google) C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Ramme\Downloads\FRST (2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [Facebook Update] => C:\Users\Ramme\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-25] (Facebook Inc.)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [googletalk] => C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [sdpaoxkp] => regsvr32.exe "C:\ProgramData\sdpaoxkp.dat"
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: HKCU - (No Name) - {ae75cea9-579a-43e7-8d22-4d5dea612c5c} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Google
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Google
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ramme\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-21]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ramme\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2013-08-22]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1742136 2013-12-18] (TuneUp Software)
S4 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-19] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-07] (Avira GmbH)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-10] (AnchorFree Inc)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 09:36 - 2014-05-28 09:37 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (2).exe
2014-05-28 09:15 - 2014-05-28 09:15 - 00010305 _____ () C:\Users\Ramme\Desktop\JRT.txt
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:10 - 2014-05-28 09:11 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:58 - 2014-05-26 15:58 - 00000153 _____ () C:\Users\Ramme\Desktop\Amazon zieht deutschen Online-Händlern davon - Nachrichten Print - WELT KOMPAKT - Internet - DIE WELT.url
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-22 09:44 - 2014-05-22 09:45 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-21 11:41 - 2014-05-21 11:41 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (1).exe
2014-05-20 19:34 - 2014-05-20 19:37 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:02 - 2014-05-20 16:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:53 - 2014-05-20 15:56 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 16:09 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-20 15:51 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 15:51 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-20 15:49 - 2014-05-20 15:51 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-19 19:28 - 2014-05-19 19:29 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:27 - 2014-05-28 09:37 - 00011995 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-05-19 19:25 - 2014-05-28 09:37 - 00000000 ____D () C:\FRST
2014-05-19 19:23 - 2014-05-19 19:23 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:13 - 2014-05-19 18:14 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:11 - 2014-05-19 18:12 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:30 - 2014-05-19 17:31 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-19 09:47 - 2014-05-20 15:57 - 00000000 ____D () C:\ProgramData\systemk
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:19 - 2014-05-16 09:21 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 17:13 - 2014-05-25 13:00 - 00000000 ____D () C:\Users\Ramme\Desktop\israel new
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:18 - 2014-05-13 15:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 17:53 - 2014-05-09 17:53 - 00000091 _____ () C:\Users\Ramme\Desktop\Gibt es eine Alternative zu Amazon- (Internetseiten, Alternativen zu Amazon, Zahlen auf Rechnung).url
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:34 - 2014-05-09 10:35 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:49 - 2014-05-09 08:50 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:33 - 2014-05-07 08:26 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe
2014-05-04 11:24 - 2014-05-04 11:24 - 00000000 ____D () C:\extensions
2014-04-30 14:25 - 2014-04-30 14:25 - 00267179 _____ () C:\Users\Ramme\Downloads\billiger.csv
2014-04-28 21:56 - 2014-05-09 17:48 - 00000133 _____ () C:\Users\Ramme\Desktop\smartvie im kommentar erwähnen.url

==================== One Month Modified Files and Folders =======

2014-05-28 09:38 - 2014-05-19 19:27 - 00011995 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-05-28 09:37 - 2014-05-28 09:36 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (2).exe
2014-05-28 09:37 - 2014-05-19 19:25 - 00000000 ____D () C:\FRST
2014-05-28 09:36 - 2010-06-29 00:30 - 01527912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 09:35 - 2010-12-02 13:56 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 09:15 - 2014-05-28 09:15 - 00010305 _____ () C:\Users\Ramme\Desktop\JRT.txt
2014-05-28 09:14 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 09:14 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:11 - 2014-05-28 09:10 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-28 09:06 - 2013-08-06 11:04 - 00036236 _____ () C:\Windows\setupact.log
2014-05-28 09:06 - 2010-12-02 13:56 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 09:06 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 21:25 - 2010-09-02 13:08 - 01557053 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 21:03 - 2012-07-17 10:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:29 - 2013-07-22 21:32 - 00000000 ____D () C:\Users\Ramme\Desktop\taotao ordner
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 22:43 - 2013-08-18 21:39 - 00000000 ____D () C:\Users\Ramme\Desktop\tate bilder und video
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:58 - 2014-05-26 15:58 - 00000153 _____ () C:\Users\Ramme\Desktop\Amazon zieht deutschen Online-Händlern davon - Nachrichten Print - WELT KOMPAKT - Internet - DIE WELT.url
2014-05-26 15:11 - 2010-09-04 17:25 - 00000000 ____D () C:\Users\Ramme\Desktop\smartvie
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-25 13:00 - 2014-05-14 17:13 - 00000000 ____D () C:\Users\Ramme\Desktop\israel new
2014-05-22 09:45 - 2014-05-22 09:44 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-21 11:41 - 2014-05-21 11:41 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (1).exe
2014-05-21 10:42 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:37 - 2014-05-20 19:34 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:09 - 2014-05-20 15:51 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 16:03 - 2014-05-20 16:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:57 - 2014-05-19 09:47 - 00000000 ____D () C:\ProgramData\systemk
2014-05-20 15:57 - 2010-07-19 14:32 - 00609898 _____ () C:\Windows\PFRO.log
2014-05-20 15:56 - 2014-05-20 15:53 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 15:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-20 10:23 - 2013-08-07 10:57 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:23 - 2013-08-07 10:57 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-19 19:29 - 2014-05-19 19:28 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:23 - 2014-05-19 19:23 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:33 - 2011-03-17 11:24 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\FileZilla
2014-05-19 18:14 - 2014-05-19 18:13 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:13 - 2010-10-13 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 18:12 - 2014-05-19 18:11 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:07 - 2011-03-31 13:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 18:05 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:31 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:21 - 2014-05-16 09:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:18 - 2013-07-18 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:18 - 2010-11-25 15:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:15 - 2010-06-29 01:06 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 09:03 - 2012-07-17 10:41 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 09:03 - 2012-07-17 10:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:19 - 2014-05-13 15:18 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 13:22 - 2011-05-11 15:31 - 00007121 _____ () C:\Users\Ramme\Desktop\sdfg12.txt
2014-05-13 13:00 - 2011-03-17 11:23 - 00001954 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-05-13 13:00 - 2011-03-17 11:23 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-13 12:59 - 2011-03-17 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 17:53 - 2014-05-09 17:53 - 00000091 _____ () C:\Users\Ramme\Desktop\Gibt es eine Alternative zu Amazon- (Internetseiten, Alternativen zu Amazon, Zahlen auf Rechnung).url
2014-05-09 17:48 - 2014-04-28 21:56 - 00000133 _____ () C:\Users\Ramme\Desktop\smartvie im kommentar erwähnen.url
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:35 - 2014-05-09 10:34 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:50 - 2014-05-09 08:49 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-08 13:58 - 2010-09-02 13:18 - 00000000 ____D () C:\Users\Ramme
2014-05-07 09:44 - 2011-08-10 09:47 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\DVDVideoSoft
2014-05-07 09:42 - 2010-12-02 13:56 - 00000000 ____D () C:\Program Files\Google
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:31 - 2010-12-02 13:57 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Google
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-07 08:26 - 2014-05-04 23:33 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe
2014-05-04 11:24 - 2014-05-04 11:24 - 00000000 ____D () C:\extensions
2014-04-30 14:25 - 2014-04-30 14:25 - 00267179 _____ () C:\Users\Ramme\Downloads\billiger.csv

Some content of TEMP:
====================
C:\Users\Ramme\AppData\Local\Temp\avgnt.exe
C:\Users\Ramme\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsoa1pg.dll
C:\Users\Ramme\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Ramme\AppData\Local\Temp\ijkiv.dll
C:\Users\Ramme\AppData\Local\Temp\IminentSetup-NewVer_22april.exe
C:\Users\Ramme\AppData\Local\Temp\Quarantine.exe
C:\Users\Ramme\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Ramme\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 15:57

==================== End Of Log ============================
--- --- ---

schrauber 29.05.2014 05:49

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Problemkind8 29.05.2014 15:21
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=888065e88bff1540bb95f34644cccb45
# engine=18456
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-29 11:02:31
# local_time=2014-05-29 01:02:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 11129 145913529 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 60529 152992542 0 0
# scanned=172246
# found=71
# cleaned=0
# scan_time=6997
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=8E9DBD9FC14B31E12CE4DD3914293949B2DDE95B ft=1 fh=3549fdfcca8764d7 vn="Variante von Win32/Toolbar.Iminent.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Iminent\inst\Bootstrapper\IminentUninstall.exe.vir"
sh=31CE21FE36C11E107A6E315EFE1875743809B4CC ft=1 fh=48abcfa6ce4a4014 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir"
sh=6736252706F89DFC6899FEE6C360D8BFBF401BEC ft=1 fh=374276c930bcde15 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF10.dll.vir"
sh=7909DF2339D78F00C24092FFF9491317AB954316 ft=1 fh=2ff184a74c05a271 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF11.dll.vir"
sh=E5FCE2519122FAF40529BA6294CB3F0844E0C738 ft=1 fh=f13e05a62680f109 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF12.dll.vir"
sh=EFC055DC03DD7698ABBFB92718A7777E2973F079 ft=1 fh=6ef019d475ea6325 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF13.dll.vir"
sh=D2859A7F5E059C24ED68665DA69EDF33A7352D55 ft=1 fh=357742a168447bbd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF14.dll.vir"
sh=5F46910AFA74FD8EE8574E183A04B8E781F1A249 ft=1 fh=9887df60e379ba2f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF15.dll.vir"
sh=D755D4C9CC3700F4869589360F53F61B6CC2CC72 ft=1 fh=ce2f72d226aff2b4 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF16.dll.vir"
sh=D5224E3374B861B523BC618B725D88774D077E39 ft=1 fh=c6333adf6866c44f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF17.dll.vir"
sh=B538DC950FD59AA3F4D1349FE0BD2E2B92603612 ft=1 fh=21900040b5af4e8e vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF18.dll.vir"
sh=B785203A7E1C00F93B888EB494B33EA5D108571E ft=1 fh=fe3406bdfbae635e vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF19.dll.vir"
sh=11A9C493387FFF75D1DDEDBB8F4449CD06DF8C93 ft=1 fh=005351c573d9875e vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF2.dll.vir"
sh=7AE7378589350EA7FF89791FB017E371E653A5B7 ft=1 fh=f8ea411c78bbb34f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF20.dll.vir"
sh=DFEDDDF25967D22BBDFC60DAB1911B85FEE88D01 ft=1 fh=dc927e8494037489 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF21.dll.vir"
sh=693DE5FECAD1B00542B339DD2F9A529B4A06A5E2 ft=1 fh=e35a43df301ed0c6 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF22.dll.vir"
sh=4ED4F94AF4D97B67412714D0747B45CF0FD6B2DA ft=1 fh=0444909e9111ddc6 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF23.dll.vir"
sh=1AFC1DF188673069ACE2163F696052C1ECB08144 ft=1 fh=9a5377a5e8bddacd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF24.dll.vir"
sh=75E809C271D5E5ADE512E408C9EA5ADE196DE89C ft=1 fh=7061a52b9960f21b vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF25.dll.vir"
sh=C400C8D7DA9B44EF26D343A43D7079E4A87AF733 ft=1 fh=dbd9550bceae1ea9 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF26.dll.vir"
sh=4E650F2C07952D0925C8D71B2B0D36B410D27C51 ft=1 fh=e213dfeb1eda7c6b vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF27.dll.vir"
sh=BD6032EF269C1FFAB0931168C6B5CBFE0D8AAF72 ft=1 fh=076f8ebd13e4e9b1 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF28.dll.vir"
sh=764939C29CA79FC7F2802ABCE2CD20C6244BA0BF ft=1 fh=3561307f0699aa6f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF29.dll.vir"
sh=7670B37DBB5192661C56908529F0C994E45A6954 ft=1 fh=36b8f310622c76d5 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF4.dll.vir"
sh=FDD7DD7F09B21EB50AAC74FC235F05A594DAC4DC ft=1 fh=4edf44d6b267a41c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF5.dll.vir"
sh=BD07028D4DA0F02790633480206025807B0F78E2 ft=1 fh=473dff4246a7fd2a vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF6.dll.vir"
sh=42E09CB7ADCA9A141089F3F2D45F746B1C236F98 ft=1 fh=ffd8dd6bffaac829 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF7.dll.vir"
sh=53B8D8514A3C23F2B745FBD5C03E09BB24BF331D ft=1 fh=07e550a04c82e3f3 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF8.dll.vir"
sh=6539535AAB146A3C27DB949B4376C7895C3731B6 ft=1 fh=e1ba3d53c2ef126c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF9.dll.vir"
sh=06187AA602DA70C0A079670280BF9B2C283AFF1E ft=1 fh=c9111abb25988d45 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\Plugins\npFirefoxPlugin.dll.vir"
sh=F98FF661F688BD6F189859C2A78DBF6FCCF82AB9 ft=1 fh=3c245da402a56afe vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF10.dll"
sh=5AC84545928A543100162747573A2FC21A0F7FE9 ft=1 fh=97a7c4f97b8a424f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF11.dll"
sh=2C3F31F96AB81F79980D43706CF1563EE6D4003F ft=1 fh=dffa755347eabdc4 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF12.dll"
sh=2F2325AF9BD15CD4FD4478FC58656D65ED57BADB ft=1 fh=a7603299d719567f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF13.dll"
sh=E2D3478615A2CE17029C1A7617756055DF28A3A4 ft=1 fh=1905ee0c2f27972c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF14.dll"
sh=526C185C213E90BC211C071DDC86386919A7E5C8 ft=1 fh=457840f59897b453 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF15.dll"
sh=7C2AAF865964FB063D9BDA5755445A78A336A83A ft=1 fh=a9705feca25dc0a2 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF16.dll"
sh=6605CC36937DC9A936B672A0C648A93D64FD7388 ft=1 fh=b42e5d115161fc7d vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF17.dll"
sh=6DB28F00C804D1EE45A309858A3ACF56549F8230 ft=1 fh=fb9f0a7967faf4e8 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF18.dll"
sh=36130FFE3E3E9D3986675422E60256AED977C7AD ft=1 fh=b9dec59615116f53 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF19.dll"
sh=EE37C191CC84278A6FE513A9D32CDADA25C7CC3B ft=1 fh=6cd31d0033b6bba3 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF2.dll"
sh=B779F957A0B61C3F1FE8F2637E7D2865CEBE84D4 ft=1 fh=1d3a5ef665c59aa5 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF20.dll"
sh=CF5E4EE03FC512AF7A7AD177EA967500D4E9BD5F ft=1 fh=7ff9df504bed4e37 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF21.dll"
sh=AAA8E83421D950082154883CADBD9BDBC892673E ft=1 fh=b5368ac0aaa9c198 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF22.dll"
sh=411B3904312945F6DC1DA2B640E83FF8AA2BB5CA ft=1 fh=0db430101a8640a3 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF23.dll"
sh=45EE235AB41563199A06176ECFAC91C57381FE5E ft=1 fh=3a66d4a6c16f0f6d vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF24.dll"
sh=C1A07783C043BD6AE547D431FF399E89A5D1FD52 ft=1 fh=f703fd5738c36679 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF25.dll"
sh=93F4EC00540BD4BB266528F56989C60551B1EC78 ft=1 fh=161dbc8c73c2898c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF26.dll"
sh=A845ECC82397EE95D492BA3A87AE97BC29505FD1 ft=1 fh=a4d4ffb4f65bed06 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF27.dll"
sh=E7E0CD1C99DA287103F6CE9E08EE2711B5993E66 ft=1 fh=67f7062f656626ef vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF28.dll"
sh=02BDF10B123D2B329B87328A09D740F8C0214F51 ft=1 fh=d2c3f8c8a36e4e94 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF29.dll"
sh=F19E46E90C4F2B59699C930598B42D62DDEBB798 ft=1 fh=aebab918b46d0177 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF4.dll"
sh=094D50ADE95ED6A4C6F8FF4901158DA474EE166A ft=1 fh=c1a6a33dc66292d5 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF5.dll"
sh=6479C7E628AB5170178C5CA73A58634643C337DF ft=1 fh=741e7d64dc3bd2b5 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF6.dll"
sh=C5C13B3455F8254F3E99593CD4D7847AE72A248D ft=1 fh=243127f4590a6a06 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF7.dll"
sh=5289B30273EEBE3ECB6BC5B8D9C4AC1019CC0BB6 ft=1 fh=e93a294cab38fa42 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF8.dll"
sh=7AB8092A1021279F6F5C56D57A3ABDC4186FFA4B ft=1 fh=0a8122557f3ca4eb vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0}\components\SystemKHlpFF9.dll"
sh=8E9DBD9FC14B31E12CE4DD3914293949B2DDE95B ft=1 fh=3549fdfcca8764d7 vn="Variante von Win32/Toolbar.Iminent.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\AppData\Local\Temp\IminentSetup-NewVer_22april.exe"
sh=D993A4AF2551A38DBE3F3C4A808813FD338C756D ft=1 fh=c71c00114933dc3a vn="Variante von Win32/DealPly.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\AppData\Local\Temp\is1751165634\12780971_stp\pm.exe"
sh=3AD68F48C4DD78E8DE3F13C2094EC1156E66C100 ft=1 fh=3fc6f4f46e3969bf vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\AppData\Local\Temp\nsxA4DC.tmp\Helper.dll"
sh=A16040B7A677927850D1197F7309571668606172 ft=1 fh=9e76c0a9b20fde3a vn="Variante von Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\AppData\Local\Temp\nsxA4DC.tmp\Starter.exe"
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\AppData\Local\Temp\OCS\ocs_v71b.exe"
sh=43E73500FABF4F82D6C81BE9C89FEB075AABE66C ft=1 fh=c71c0011a7df4c29 vn="Variante von Win32/InstallCore.OO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe"
sh=CBE9BC0D36121B382E910721E543AD541EEB71A6 ft=1 fh=fccac308eb737c75 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe"
sh=5C827E4F9E039F51F03F174D72C86BDD19BD837C ft=1 fh=76adf4bae76254d3 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe"
sh=CC60E85D61BA9E78D60B05F673C4DEA1DD3ABB0D ft=1 fh=b54251b48653b606 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe"
sh=976F55DCA8726998E81B0B0502CCC00C71E19B8B ft=1 fh=6d7f718d6cc39c10 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe"
sh=782D08A2CCB01B6C1C392B59439FE10854A7CA61 ft=1 fh=1946932e991d6526 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsv4676.tmp\Helper.dll"
sh=E6C216FB24253BDC4B60CAF51A2DF8E5E392C75E ft=1 fh=f3d6cb12a8c9e906 vn="Variante von Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsv4676.tmp\Starter.exe"







Results of screen317's Security Check version 0.99.83
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 13.0.0.214
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
Google Chrome 34.0.1847.137
Google Chrome 35.0.1916.114
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avguard.exe
windows defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````



FRST .txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by Ramme (administrator) on RAMME-PC on 29-05-2014 16:18:25
Running from C:\Users\Ramme\Downloads
Platform: Microsoft Windows 7 Home Premium  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Google) C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Ramme\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Farbar) C:\Users\Ramme\Downloads\FRST (4).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [Facebook Update] => C:\Users\Ramme\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-25] (Facebook Inc.)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [googletalk] => C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [sdpaoxkp] => regsvr32.exe "C:\ProgramData\sdpaoxkp.dat"
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: HKCU - (No Name) - {ae75cea9-579a-43e7-8d22-4d5dea612c5c} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ramme\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-21]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ramme\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2013-08-22]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1742136 2013-12-18] (TuneUp Software)
S4 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-19] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-07] (Avira GmbH)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-10] (AnchorFree Inc)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 16:18 - 2014-05-29 16:18 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (4).exe
2014-05-29 16:17 - 2014-05-29 16:17 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (3).exe
2014-05-29 16:13 - 2014-05-29 16:13 - 00854367 _____ () C:\Users\Ramme\Downloads\SecurityCheck.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 02347384 _____ (ESET) C:\Users\Ramme\Downloads\esetsmartinstaller_deu.exe
2014-05-28 18:24 - 2014-05-28 18:24 - 00063920 _____ () C:\Users\Ramme\Desktop\KÄUFER.pptx
2014-05-28 11:53 - 2014-05-28 11:53 - 00001180 _____ () C:\Users\Ramme\Downloads\productfileexample.csv
2014-05-28 10:44 - 2014-05-28 10:44 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (32).csv
2014-05-28 09:36 - 2014-05-28 09:37 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (2).exe
2014-05-28 09:15 - 2014-05-28 09:15 - 00010305 _____ () C:\Users\Ramme\Desktop\JRT.txt
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:10 - 2014-05-28 09:11 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:58 - 2014-05-26 15:58 - 00000153 _____ () C:\Users\Ramme\Desktop\Amazon zieht deutschen Online-Händlern davon - Nachrichten Print - WELT KOMPAKT - Internet - DIE WELT.url
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-22 09:44 - 2014-05-22 09:45 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-21 11:41 - 2014-05-21 11:41 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (1).exe
2014-05-20 19:34 - 2014-05-20 19:37 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:02 - 2014-05-20 16:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:53 - 2014-05-20 15:56 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 16:09 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-20 15:51 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 15:51 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-20 15:49 - 2014-05-20 15:51 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-19 19:28 - 2014-05-19 19:29 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:27 - 2014-05-29 16:18 - 00012367 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-05-19 19:25 - 2014-05-29 16:18 - 00000000 ____D () C:\FRST
2014-05-19 19:23 - 2014-05-19 19:23 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:13 - 2014-05-19 18:14 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:11 - 2014-05-19 18:12 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:30 - 2014-05-19 17:31 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-19 09:47 - 2014-05-20 15:57 - 00000000 ____D () C:\ProgramData\systemk
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:19 - 2014-05-16 09:21 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:18 - 2014-05-13 15:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:34 - 2014-05-09 10:35 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:49 - 2014-05-09 08:50 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:33 - 2014-05-07 08:26 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe
2014-05-04 11:24 - 2014-05-04 11:24 - 00000000 ____D () C:\extensions
2014-04-30 14:25 - 2014-04-30 14:25 - 00267179 _____ () C:\Users\Ramme\Downloads\billiger.csv

==================== One Month Modified Files and Folders =======

2014-05-29 16:19 - 2014-05-19 19:27 - 00012367 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-05-29 16:18 - 2014-05-29 16:18 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (4).exe
2014-05-29 16:18 - 2014-05-19 19:25 - 00000000 ____D () C:\FRST
2014-05-29 16:17 - 2014-05-29 16:17 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (3).exe
2014-05-29 16:13 - 2014-05-29 16:13 - 00854367 _____ () C:\Users\Ramme\Downloads\SecurityCheck.exe
2014-05-29 16:03 - 2012-07-17 10:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-29 15:45 - 2010-09-02 13:08 - 01579311 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 15:35 - 2010-12-02 13:56 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 10:59 - 2014-05-29 10:59 - 02347384 _____ (ESET) C:\Users\Ramme\Downloads\esetsmartinstaller_deu.exe
2014-05-29 10:35 - 2010-12-02 13:56 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 09:58 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 09:58 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 09:50 - 2013-08-06 11:04 - 00036292 _____ () C:\Windows\setupact.log
2014-05-29 09:50 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 18:24 - 2014-05-28 18:24 - 00063920 _____ () C:\Users\Ramme\Desktop\KÄUFER.pptx
2014-05-28 11:53 - 2014-05-28 11:53 - 00001180 _____ () C:\Users\Ramme\Downloads\productfileexample.csv
2014-05-28 10:44 - 2014-05-28 10:44 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (32).csv
2014-05-28 09:37 - 2014-05-28 09:36 - 01056256 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (2).exe
2014-05-28 09:36 - 2010-06-29 00:30 - 01527912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 09:15 - 2014-05-28 09:15 - 00010305 _____ () C:\Users\Ramme\Desktop\JRT.txt
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:11 - 2014-05-28 09:10 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:29 - 2013-07-22 21:32 - 00000000 ____D () C:\Users\Ramme\Desktop\taotao ordner
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 22:43 - 2013-08-18 21:39 - 00000000 ____D () C:\Users\Ramme\Desktop\tate bilder und video
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:58 - 2014-05-26 15:58 - 00000153 _____ () C:\Users\Ramme\Desktop\Amazon zieht deutschen Online-Händlern davon - Nachrichten Print - WELT KOMPAKT - Internet - DIE WELT.url
2014-05-26 15:11 - 2010-09-04 17:25 - 00000000 ____D () C:\Users\Ramme\Desktop\smartvie
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-22 09:45 - 2014-05-22 09:44 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-21 11:41 - 2014-05-21 11:41 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST (1).exe
2014-05-21 10:42 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:37 - 2014-05-20 19:34 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:09 - 2014-05-20 15:51 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 16:03 - 2014-05-20 16:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:57 - 2014-05-19 09:47 - 00000000 ____D () C:\ProgramData\systemk
2014-05-20 15:57 - 2010-07-19 14:32 - 00609898 _____ () C:\Windows\PFRO.log
2014-05-20 15:56 - 2014-05-20 15:53 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 15:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-20 10:23 - 2013-08-07 10:57 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:23 - 2013-08-07 10:57 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-19 19:29 - 2014-05-19 19:28 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:23 - 2014-05-19 19:23 - 01056768 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:33 - 2011-03-17 11:24 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\FileZilla
2014-05-19 18:14 - 2014-05-19 18:13 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:13 - 2010-10-13 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 18:12 - 2014-05-19 18:11 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:07 - 2011-03-31 13:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 18:05 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:31 - 2014-05-19 17:30 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:21 - 2014-05-16 09:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:18 - 2013-07-18 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:18 - 2010-11-25 15:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:15 - 2010-06-29 01:06 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 09:03 - 2012-07-17 10:41 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 09:03 - 2012-07-17 10:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:19 - 2014-05-13 15:18 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 13:22 - 2011-05-11 15:31 - 00007121 _____ () C:\Users\Ramme\Desktop\sdfg12.txt
2014-05-13 13:00 - 2011-03-17 11:23 - 00001954 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-05-13 13:00 - 2011-03-17 11:23 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-13 12:59 - 2011-03-17 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 17:48 - 2014-04-28 21:56 - 00000133 _____ () C:\Users\Ramme\Desktop\smartvie im kommentar erwähnen.url
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:35 - 2014-05-09 10:34 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:50 - 2014-05-09 08:49 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-08 13:58 - 2010-09-02 13:18 - 00000000 ____D () C:\Users\Ramme
2014-05-07 09:44 - 2011-08-10 09:47 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\DVDVideoSoft
2014-05-07 09:42 - 2010-12-02 13:56 - 00000000 ____D () C:\Program Files\Google
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:31 - 2010-12-02 13:57 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Google
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-07 08:26 - 2014-05-04 23:33 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe
2014-05-04 11:24 - 2014-05-04 11:24 - 00000000 ____D () C:\extensions
2014-04-30 14:25 - 2014-04-30 14:25 - 00267179 _____ () C:\Users\Ramme\Downloads\billiger.csv

Some content of TEMP:
====================
C:\Users\Ramme\AppData\Local\Temp\avgnt.exe
C:\Users\Ramme\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsoa1pg.dll
C:\Users\Ramme\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Ramme\AppData\Local\Temp\ijkiv.dll
C:\Users\Ramme\AppData\Local\Temp\IminentSetup-NewVer_22april.exe
C:\Users\Ramme\AppData\Local\Temp\Quarantine.exe
C:\Users\Ramme\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Ramme\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 13:52

==================== End Of Log ============================
--- --- ---

--- --- ---


so alles gepostet, hoffe alles richtig gemacht zu haben!!

danke!!

schrauber 30.05.2014 15:29
Java, Adobe und WIndows updaten. Da fehlt ein ganzes Servicepack.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\extensions
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [Facebook Update] => C:\Users\Ramme\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-25] (Facebook Inc.)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [sdpaoxkp] => regsvr32.exe "C:\ProgramData\sdpaoxkp.dat"
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
C:\ProgramData\sdpaoxkp.dat
c:\program files\settings manager
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Problemkind8 31.05.2014 10:33
Hallo,

das funktioniert nicht, das FRST sagt mir, dass es die .txt nicht finden kann bzw es in der richtigen folder sein muss, das habe ich jedoch so gemacht:

666kb.com/i/cothiavx3cj8q84bm.jpg

hab es auch probiert auf dem desktop zu speichern bzw. es direkt unter C: gespeichert

schrauber 31.05.2014 15:55
Zitat:
Running from C:\Users\Ramme\Downloads
FRST ist bei dir im Download Ordner, also muss die fixlist auch dahin.

Problemkind8 31.05.2014 17:45
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:30-05-2014
Ran by Ramme at 2014-05-31 18:43:59 Run:1
Running from C:\Users\Ramme\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\extensions
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [Facebook Update] => C:\Users\Ramme\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-25] (Facebook Inc.)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [sdpaoxkp] => regsvr32.exe "C:\ProgramData\sdpaoxkp.dat"
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
C:\ProgramData\sdpaoxkp.dat
c:\program files\settings manager
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
*****************

C:\extensions => Moved successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\Software\Microsoft\Windows\CurrentVersion\Run\\sdpaoxkp => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
"C:\ProgramData\sdpaoxkp.dat" => File/Directory not found.
"c:\program files\settings manager" => File/Directory not found.
esgiguard => Service deleted successfully.

==== End of Fixlog ====

schrauber 01.06.2014 14:14
Frisches FRST log bitte. Noch PRobleme?

Problemkind8 01.06.2014 18:51
ich glaube jetzt passt es wieder, hier ein neues FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Ramme (administrator) on RAMME-PC on 01-06-2014 19:49:55
Running from C:\Users\Ramme\Downloads
Platform: Microsoft Windows 7 Home Premium  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Google) C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3172448894-3140716669-3802846814-1000\...\Run: [googletalk] => C:\Users\Ramme\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File
URLSearchHook: HKCU - (No Name) - {ae75cea9-579a-43e7-8d22-4d5dea612c5c} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Google
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Google
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ramme\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Ramme\AppData\Roaming\Mozilla\Firefox\Profiles\1tmyv1w2.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-21]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Adblock Plus) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ramme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ramme\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2013-08-22]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1742136 2013-12-18] (TuneUp Software)
S4 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-19] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-07] (Avira GmbH)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-10] (AnchorFree Inc)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 11:25 - 2014-06-01 19:49 - 00000000 ____D () C:\Users\Ramme\Downloads\FRST-OlderVersion
2014-05-31 11:14 - 2014-05-31 11:14 - 00448512 _____ (OldTimer Tools) C:\Users\Ramme\Downloads\TFC.exe
2014-05-31 11:05 - 2014-05-31 11:05 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (33).csv
2014-05-30 17:03 - 2014-05-30 17:03 - 00000000 ____D () C:\Users\Ramme\Desktop\BRANDING
2014-05-29 18:57 - 2014-05-29 18:57 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (5).csv
2014-05-29 18:26 - 2014-05-29 18:26 - 01011605 _____ () C:\Users\Ramme\Desktop\testtttttttttttttttttttttttttt.txt.txt
2014-05-29 16:13 - 2014-05-29 16:13 - 00854367 _____ () C:\Users\Ramme\Downloads\SecurityCheck.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 02347384 _____ (ESET) C:\Users\Ramme\Downloads\esetsmartinstaller_deu.exe
2014-05-28 18:24 - 2014-05-28 18:24 - 00063920 _____ () C:\Users\Ramme\Desktop\KÄUFER.pptx
2014-05-28 11:53 - 2014-05-28 11:53 - 00001180 _____ () C:\Users\Ramme\Downloads\productfileexample.csv
2014-05-28 10:44 - 2014-05-28 10:44 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (32).csv
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:10 - 2014-05-28 09:11 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-22 09:44 - 2014-05-22 09:45 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-20 19:34 - 2014-05-20 19:37 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:02 - 2014-05-20 16:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:53 - 2014-05-20 15:56 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 16:09 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-05-20 16:09 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 15:51 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-20 15:51 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 15:51 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-20 15:49 - 2014-05-20 15:51 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-19 19:28 - 2014-05-19 19:29 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:27 - 2014-06-01 19:49 - 00011132 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-05-19 19:25 - 2014-06-01 19:49 - 00000000 ____D () C:\FRST
2014-05-19 19:23 - 2014-06-01 19:49 - 01058304 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:13 - 2014-05-19 18:14 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:11 - 2014-05-19 18:12 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-19 09:47 - 2014-05-20 15:57 - 00000000 ____D () C:\ProgramData\systemk
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:19 - 2014-05-16 09:21 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:18 - 2014-05-13 15:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:34 - 2014-05-09 10:35 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:49 - 2014-05-09 08:50 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:33 - 2014-05-07 08:26 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe

==================== One Month Modified Files and Folders =======

2014-06-01 19:50 - 2014-05-19 19:27 - 00011132 _____ () C:\Users\Ramme\Downloads\FRST.txt
2014-06-01 19:50 - 2010-09-02 13:18 - 00000000 ____D () C:\Users\Ramme\AppData\Local\Temp
2014-06-01 19:49 - 2014-05-31 11:25 - 00000000 ____D () C:\Users\Ramme\Downloads\FRST-OlderVersion
2014-06-01 19:49 - 2014-05-19 19:25 - 00000000 ____D () C:\FRST
2014-06-01 19:49 - 2014-05-19 19:23 - 01058304 _____ (Farbar) C:\Users\Ramme\Downloads\FRST.exe
2014-06-01 19:35 - 2010-12-02 13:56 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 19:34 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 19:34 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 19:26 - 2013-08-06 11:04 - 00036684 _____ () C:\Windows\setupact.log
2014-06-01 19:26 - 2010-12-02 13:56 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-01 19:26 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 12:39 - 2010-09-02 13:08 - 01667222 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 12:03 - 2012-07-17 10:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 11:57 - 2011-05-11 15:31 - 00006931 _____ () C:\Users\Ramme\Desktop\sdfg12.txt
2014-06-01 11:35 - 2011-03-17 11:24 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\FileZilla
2014-05-31 11:22 - 2010-07-19 14:32 - 00611044 _____ () C:\Windows\PFRO.log
2014-05-31 11:14 - 2014-05-31 11:14 - 00448512 _____ (OldTimer Tools) C:\Users\Ramme\Downloads\TFC.exe
2014-05-31 11:05 - 2014-05-31 11:05 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (33).csv
2014-05-30 17:03 - 2014-05-30 17:03 - 00000000 ____D () C:\Users\Ramme\Desktop\BRANDING
2014-05-30 10:09 - 2013-04-22 19:40 - 00010779 _____ () C:\Users\Ramme\Desktop\auktionshäuser-suche-analyse.xlsx
2014-05-29 18:57 - 2014-05-29 18:57 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (5).csv
2014-05-29 18:26 - 2014-05-29 18:26 - 01011605 _____ () C:\Users\Ramme\Desktop\testtttttttttttttttttttttttttt.txt.txt
2014-05-29 16:13 - 2014-05-29 16:13 - 00854367 _____ () C:\Users\Ramme\Downloads\SecurityCheck.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 02347384 _____ (ESET) C:\Users\Ramme\Downloads\esetsmartinstaller_deu.exe
2014-05-28 18:24 - 2014-05-28 18:24 - 00063920 _____ () C:\Users\Ramme\Desktop\KÄUFER.pptx
2014-05-28 11:53 - 2014-05-28 11:53 - 00001180 _____ () C:\Users\Ramme\Downloads\productfileexample.csv
2014-05-28 10:44 - 2014-05-28 10:44 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (32).csv
2014-05-28 09:36 - 2010-06-29 00:30 - 01527912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 09:12 - 2014-05-28 09:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 09:11 - 2014-05-28 09:10 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Junkware Removal Tool - CHIP-Installer.exe
2014-05-27 21:10 - 2014-05-27 21:10 - 08051909 _____ () C:\Users\Ramme\Downloads\billiger (31).csv
2014-05-27 21:08 - 2014-05-27 21:08 - 02895271 _____ () C:\Users\Ramme\Downloads\idealo.csv
2014-05-27 18:29 - 2014-05-27 18:29 - 00000056 _____ () C:\Users\Ramme\Desktop\RetroGamesShop - RetroGamesShop.url
2014-05-27 18:29 - 2013-07-22 21:32 - 00000000 ____D () C:\Users\Ramme\Desktop\taotao ordner
2014-05-27 18:21 - 2014-05-27 18:21 - 00000063 _____ () C:\Users\Ramme\Desktop\Gamecollectorsparadise Import-Games - Index.url
2014-05-27 18:20 - 2014-05-27 18:20 - 24658416 _____ () C:\Users\Ramme\Downloads\export (2).csv
2014-05-27 18:18 - 2014-05-27 18:18 - 00000055 _____ () C:\Users\Ramme\Desktop\Video & Pc Games Ulm - Willkommen auf Ihrer Spiele-Plattform!.url
2014-05-27 18:17 - 2014-05-27 18:17 - 03838272 _____ () C:\Users\Ramme\Downloads\export (1).csv
2014-05-27 17:50 - 2014-05-27 17:50 - 00000050 _____ () C:\Users\Ramme\Desktop\Dvduncut.com unzensierte DVD's Shop - Newsbox.url
2014-05-27 14:07 - 2014-05-27 14:07 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (4).csv
2014-05-27 13:59 - 2014-05-27 13:59 - 00916438 _____ () C:\Users\Ramme\Downloads\smartvie (3).csv
2014-05-26 22:43 - 2013-08-18 21:39 - 00000000 ____D () C:\Users\Ramme\Desktop\tate bilder und video
2014-05-26 21:21 - 2014-05-26 21:21 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (3).csv
2014-05-26 15:11 - 2010-09-04 17:25 - 00000000 ____D () C:\Users\Ramme\Desktop\smartvie
2014-05-26 15:05 - 2014-05-26 15:05 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (30).csv
2014-05-26 15:01 - 2014-05-26 15:01 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (29).csv
2014-05-22 09:45 - 2014-05-22 09:44 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (2).csv
2014-05-21 10:42 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:37 - 2014-05-20 19:34 - 51118443 _____ () C:\Users\Ramme\Downloads\ANGHIARI 7, 2014.zip
2014-05-20 16:23 - 2014-05-20 16:23 - 07854002 _____ () C:\Users\Ramme\Downloads\smartvie (1).csv
2014-05-20 16:09 - 2014-05-20 15:51 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 16:09 - 2014-05-20 15:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 16:03 - 2014-05-20 16:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-20 15:57 - 2014-05-19 09:47 - 00000000 ____D () C:\ProgramData\systemk
2014-05-20 15:56 - 2014-05-20 15:53 - 00000000 ____D () C:\AdwCleaner
2014-05-20 15:52 - 2014-05-20 15:52 - 01326389 _____ () C:\Users\Ramme\Downloads\adwcleaner_3.210.exe
2014-05-20 15:51 - 2014-05-20 15:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-20 15:46 - 2014-05-20 15:46 - 00001230 _____ () C:\Users\Ramme\Desktop\Revo Uninstaller.lnk
2014-05-20 15:46 - 2014-05-20 15:46 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-20 15:45 - 2014-05-20 15:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramme\Downloads\revosetup95.exe
2014-05-20 15:20 - 2014-05-20 15:20 - 00000102 _____ () C:\Users\Ramme\Desktop\Magentos Marktanteil bei Webshopsystemen bei 32% - Mag-tutorials.de.url
2014-05-20 10:23 - 2013-08-07 10:57 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:23 - 2013-08-07 10:57 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-19 19:29 - 2014-05-19 19:28 - 00043139 _____ () C:\Users\Ramme\Downloads\Addition.txt
2014-05-19 19:04 - 2014-05-19 19:04 - 00000103 _____ () C:\Users\Ramme\Desktop\fehler beim Laden des moduls - Trojaner-Board.url
2014-05-19 18:36 - 2014-05-19 18:36 - 00961360 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-05-19 18:14 - 2014-05-19 18:13 - 00149288 _____ () C:\Windows\Minidump\051914-24554-01.dmp
2014-05-19 18:13 - 2014-05-19 18:13 - 358442578 _____ () C:\Windows\MEMORY.DMP
2014-05-19 18:13 - 2010-10-13 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-05-19 18:12 - 2014-05-19 18:11 - 00921512 _____ (Oracle Corporation) C:\Users\Ramme\Downloads\chromeinstall-7u55.exe
2014-05-19 18:10 - 2014-05-19 18:10 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 18:07 - 2011-03-31 13:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 18:05 - 2014-05-19 18:05 - 00386928 _____ (Softonic ) C:\Users\Ramme\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
2014-05-19 18:05 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-05-19 17:32 - 2014-05-19 17:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Ramme\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 17:29 - 2014-05-19 17:29 - 00686664 _____ ( ) C:\Users\Ramme\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-19 17:17 - 2014-05-19 17:17 - 00000020 _____ () C:\Users\Ramme\Desktop\telekom einstellen.txt
2014-05-19 16:13 - 2014-05-19 16:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-19 16:12 - 2014-05-19 16:12 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-05-19 16:10 - 2014-05-19 16:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Ramme\Downloads\SpyHunter-Installer.exe
2014-05-19 13:36 - 2014-05-19 13:36 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (28).csv
2014-05-18 14:40 - 2014-05-18 14:40 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (27).csv
2014-05-18 13:34 - 2014-05-18 13:34 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (26).csv
2014-05-18 13:30 - 2014-05-18 13:30 - 03161478 _____ () C:\Users\Ramme\Downloads\billiger (25).csv
2014-05-16 13:01 - 2014-05-16 13:01 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (24).csv
2014-05-16 13:00 - 2014-05-16 13:00 - 00273117 _____ () C:\Users\Ramme\Downloads\billiger (23).csv
2014-05-16 12:59 - 2014-05-16 12:59 - 01671400 _____ () C:\Users\Ramme\Downloads\export.csv
2014-05-16 12:27 - 2014-05-16 12:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (22).csv
2014-05-16 09:21 - 2014-05-16 09:19 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (2).csv
2014-05-15 15:35 - 2014-05-15 15:35 - 00416804 _____ () C:\Users\Ramme\Downloads\smartvie.csv
2014-05-15 13:40 - 2014-05-15 13:40 - 07598364 _____ () C:\Users\Ramme\Downloads\billiger (21).csv
2014-05-15 10:58 - 2014-05-15 10:58 - 07642040 _____ () C:\Users\Ramme\Downloads\preissuchmaschine.csv
2014-05-14 22:18 - 2013-07-18 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:18 - 2010-11-25 15:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:15 - 2014-05-14 22:15 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:15 - 2010-06-29 01:06 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 12:40 - 2014-05-14 12:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (20).csv
2014-05-14 11:32 - 2014-05-14 11:32 - 14172372 _____ () C:\Users\Ramme\Downloads\billiger (19).csv
2014-05-14 10:17 - 2014-05-14 10:17 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (18).csv
2014-05-14 09:03 - 2012-07-17 10:41 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 09:03 - 2012-07-17 10:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (17).csv
2014-05-14 08:10 - 2014-05-14 08:10 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (16).csv
2014-05-13 19:28 - 2014-05-13 19:28 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (2).csv
2014-05-13 16:05 - 2014-05-13 16:05 - 02834486 _____ () C:\Users\Ramme\Downloads\billiger (15).csv
2014-05-13 15:44 - 2014-05-13 15:44 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (14).csv
2014-05-13 15:36 - 2014-05-13 15:36 - 00275200 _____ () C:\Users\Ramme\Downloads\billiger (13).csv
2014-05-13 15:27 - 2014-05-13 15:27 - 00287639 _____ () C:\Users\Ramme\Downloads\billiger (12).csv
2014-05-13 15:23 - 2014-05-13 15:23 - 14188006 _____ () C:\Users\Ramme\Downloads\billiger (11).csv
2014-05-13 15:19 - 2014-05-13 15:18 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie (1).csv
2014-05-13 13:00 - 2011-03-17 11:23 - 00001954 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-05-13 13:00 - 2011-03-17 11:23 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-05-13 12:59 - 2014-05-13 12:59 - 04968079 _____ (Tim Kosse) C:\Users\Ramme\Downloads\FileZilla_3.8.0_win32-setup [1].exe
2014-05-13 12:59 - 2011-03-17 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-09 18:58 - 2014-05-09 18:58 - 00000074 _____ () C:\Users\Ramme\Desktop\KONTOAUFLOESUNG POSTBANK.txt
2014-05-09 17:56 - 2014-05-09 17:56 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (10).csv
2014-05-09 17:48 - 2014-04-28 21:56 - 00000133 _____ () C:\Users\Ramme\Desktop\smartvie im kommentar erwähnen.url
2014-05-09 15:53 - 2014-05-09 15:53 - 14188956 _____ () C:\Users\Ramme\Downloads\billiger (9).csv
2014-05-09 13:40 - 2014-05-09 13:40 - 02928720 _____ () C:\Users\Ramme\Downloads\billiger (8).csv
2014-05-09 13:04 - 2014-05-09 13:04 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (7).csv
2014-05-09 12:48 - 2014-05-09 12:48 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (6).csv
2014-05-09 12:45 - 2014-05-09 12:45 - 00260313 _____ () C:\Users\Ramme\Downloads\billiger (5).csv
2014-05-09 12:41 - 2014-05-09 12:41 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland (1).csv
2014-05-09 12:40 - 2014-05-09 12:40 - 00078531 _____ () C:\Users\Ramme\Downloads\futterland.csv
2014-05-09 10:35 - 2014-05-09 10:34 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (4).csv
2014-05-09 10:33 - 2014-05-09 10:33 - 05453771 _____ () C:\Users\Ramme\Downloads\billiger (3).csv
2014-05-09 09:36 - 2014-05-09 09:36 - 16137521 _____ () C:\Users\Ramme\Downloads\billiger (2).csv
2014-05-09 08:50 - 2014-05-09 08:49 - 18708342 _____ () C:\Users\Ramme\Downloads\product_export_94_Smartvie.csv
2014-05-08 13:58 - 2010-09-02 13:18 - 00000000 ____D () C:\Users\Ramme
2014-05-07 09:44 - 2011-08-10 09:47 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\DVDVideoSoft
2014-05-07 09:42 - 2010-12-02 13:56 - 00000000 ____D () C:\Program Files\Google
2014-05-07 09:31 - 2014-05-07 09:31 - 01606064 _____ () C:\Users\Ramme\Downloads\googletalk-setup.exe
2014-05-07 09:31 - 2014-05-07 09:31 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-05-07 09:31 - 2010-12-02 13:57 - 00000000 ____D () C:\Users\Ramme\AppData\Roaming\Google
2014-05-07 09:28 - 2014-05-07 09:28 - 00629584 _____ (Chip Digital GmbH) C:\Users\Ramme\Downloads\Google Talk - CHIP-Downloader.exe
2014-05-07 08:26 - 2014-05-04 23:33 - 00000000 ___RD () C:\Users\Ramme\Dropbox
2014-05-05 11:45 - 2014-05-05 11:45 - 00303327 _____ () C:\Users\Ramme\Downloads\billiger (1).csv
2014-05-04 23:31 - 2014-05-04 23:31 - 00316160 _____ (Dropbox, Inc.) C:\Users\Ramme\Downloads\DropboxInstaller.exe

Some content of TEMP:
====================
C:\Users\Ramme\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 13:52

==================== End Of Log ============================
--- --- ---

schrauber 02.06.2014 18:28
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Problemkind8 04.06.2014 10:59
super vielen Dank!!

Ich gehe das dann alles Schritt für Schritt durch.

Gerne lade ich dich so fern du durst hast, auf ein Bier ein. Daher ich auch in München wohne :-)

Gib Bescheid!

Viele Grüße und nochmals danke,

Alex

schrauber 05.06.2014 09:17
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:47 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131