Log analysis and evaluation: Malware "EXP/CVE-2013-2423.J" and "TR/Spy.ZBot.Intt.12" found by Avira

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.05.2013, 10:14 | #1 |
Malware "EXP/CVE-2013-2423.J" and "TR/Spy.ZBot.Intt.12" found by Avira

Hello everyone,

a few days ago Avira found the following malware on my machine:

EXP/CVE-2013-2423.J
TR/Spy.ZBot.Intt.12

The computer runs and there are no problems that I can see, except that it has been booting more slowly for some time and Firefox has not worked for about a week. I am now using Internet Explorer to go online. Avira no longer finds any malware now, but somehow I don't trust the whole thing.

About my laptop:
Sony Vaio VPCEA2S1E
Windows 7 Home Premium
Processor Intel (R) Core(TM) i3 CPU M 350
64-bit operating system

Here is the OTL.txt:

Code:
OTL logfile created on: 23.05.2013 09:51:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Butcher\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 50,27% Memory free
7,71 Gb Paging File | 5,31 Gb Available in Paging File | 68,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,73 Gb Total Space | 387,39 Gb Free Space | 85,19% Space Free | Partition Type: NTFS
Drive O: | 10,00 Gb Total Space | 10,00 Gb Free Space | 100,00% Space Free | Partition Type: FAT

Computer Name: BUTCHER-VAIO | User Name: Butcher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.05.23 09:49:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Butcher\Desktop\OTL.exe
PRC - [2013.05.15 11:39:09 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.16 03:09:04 | 000,233,048 | ---- | M] (RealNetworks, Inc.)
-- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe PRC - [2013.04.16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2013.03.03 01:27:21 | 000,239,616 | ---- | M] (Mandiant) -- C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2012.08.13 11:08:08 | 000,103,936 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe PRC - [2012.08.08 21:30:31 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.15 14:50:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.15 14:50:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.11.21 12:55:52 | 000,989,264 | ---- | M] (1&1 Internet AG) -- C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe PRC - [2010.05.21 11:40:18 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe PRC - [2010.02.19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2009.12.14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.12.14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.12.01 22:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe PRC - [2009.11.21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.11.21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009.10.24 03:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe PRC - [2009.10.15 16:34:36 | 000,427,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony 
Shared\SOHLib\SOHDms.exe PRC - [2009.10.15 16:34:36 | 000,091,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe PRC - [2009.10.15 16:34:36 | 000,075,048 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe PRC - [2009.10.15 16:34:34 | 000,120,104 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe PRC - [2009.10.15 16:34:34 | 000,099,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe PRC - [2009.10.15 16:34:34 | 000,070,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe PRC - [2009.09.14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009.09.14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009.09.04 22:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009.08.26 19:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) 
-- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe ========== Modules (No Company Name) ========== MOD - [2013.05.16 03:08:56 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013.05.16 03:08:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll MOD - [2013.05.16 03:08:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013.02.15 20:26:29 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll MOD - [2013.01.10 20:08:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 20:07:36 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.10 20:07:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.10 20:07:06 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.10 20:07:00 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2012.08.10 16:50:56 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | 
---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ========== Services (SafeList) ========== SRV:64bit: - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.05.22 14:52:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.10.26 10:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.05.15 14:50:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.15 14:50:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.02.19 19:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2010.02.19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2009.12.14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009.12.14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009.11.30 19:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2009.11.21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) 
Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009.10.15 16:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009.10.15 16:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009.10.15 16:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009.10.15 16:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009.10.15 16:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009.09.14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009.09.14 19:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009.09.14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) 
[Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.09.01 21:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2009.08.31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009.08.31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.05.15 14:50:59 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.15 14:50:59 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.11.21 12:52:50 | 000,199,752 | ---- | M] (1&1 Internet AG) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ui11rdr.SYS -- (ui11rdr) DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2009.12.16 22:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2009.12.16 22:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.12.16 06:04:17 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.12.16 04:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009.12.14 22:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.11.21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.18 06:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.11.18 06:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.11.18 06:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.11.18 06:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.18 06:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.11.13 22:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.11.12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.11.06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:64bit: - [2009.09.15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:64bit: - [2009.08.19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009.05.20 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2007.05.14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2009.07.29 02:55:42 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKCU\SOFTWARE\Microsoft\Internet 
Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ IE - HKCU\..\SearchScopes,DefaultScope = {F308A562-30BE-4C2B-B0B0-10BEFD7A0300} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{5A14CC8B-4642-47CF-AA63-C4EAF5B74895}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{919724FC-A48D-4B04-8F11-83A0CD7A7D00}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550 IE - HKCU\..\SearchScopes\{E9BCF170-691C-429A-84B2-6A888FE9322F}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\..\SearchScopes\{F308A562-30BE-4C2B-B0B0-10BEFD7A0300}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: 
c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.05.15 11:39:41 | 000,000,000 | ---D | M] [2013.05.16 12:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.18 23:50:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.04.18 23:50:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.04.18 23:50:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.04.18 23:50:24 | 000,000,000 | ---D | M] (Java Console) 
-- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.05.15 11:39:16 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=SVEC O1 HOSTS File: ([2010.09.23 23:18:46 | 000,419,497 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14473 more lines... 
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [1&1_1&1 Upload-Manager] C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) O4 - HKCU..\Run: [Gyewl] C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe (Mandiant) O4 - HKCU..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O4 - Startup: C:\Users\Butcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Trusted sites) O15 - HKCU\..Trusted Ranges: Range37 ([*] in Local intranet) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.21.2) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} Reg Error: Value error. 
(Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{927587AB-1894-493E-8E72-6063314BF69A}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2e1c16af-8edf-11e2-8416-f07bcbef40ab}\Shell - "" = AutoRun O33 - MountPoints2\{2e1c16af-8edf-11e2-8416-f07bcbef40ab}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{6a99b01e-8e12-11e2-a015-5442495f0b65}\Shell - "" = AutoRun O33 - MountPoints2\{6a99b01e-8e12-11e2-a015-5442495f0b65}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.23 09:49:30 | 000,602,112 | ---- | C] (OldTimer 
Tools) -- C:\Users\Butcher\Desktop\OTL.exe [2013.05.23 09:27:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun [2013.05.22 15:09:53 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.05.22 14:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.05.22 14:46:12 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Local\Secunia PSI [2013.05.22 14:46:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2013.05.22 13:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.05.22 13:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2013.05.16 11:29:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.05.15 11:40:08 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Roaming\RealNetworks [2013.05.15 11:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks [2013.05.15 11:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2013.05.15 11:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2013.05.15 11:39:11 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013.05.15 11:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2013.05.15 11:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.05.14 01:35:44 | 000,000,000 | ---D | C] -- C:\Users\Butcher\Documents\Downloads [2013.05.14 01:32:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013.05.14 01:32:24 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Local\Sun [2013.05.14 01:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.14 01:07:59 | 000,000,000 | ---D | C] -- C:\Users\Butcher\Desktop\Alte Firefox-Daten [2013.05.14 00:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\MozBackup [2013.05.14 00:49:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup [2013.05.13 21:17:02 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Roaming\Ugywor [2013.05.13 21:17:02 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Roaming\Udifyv [2013.05.13 21:17:02 | 000,000,000 | ---D | C] -- C:\Users\Butcher\AppData\Roaming\Gute [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.23 09:49:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Butcher\Desktop\OTL.exe [2013.05.23 09:48:40 | 000,000,000 | ---- | M] () -- C:\Users\Butcher\defogger_reenable [2013.05.23 09:47:04 | 000,050,477 | ---- | M] () -- C:\Users\Butcher\Desktop\Defogger.exe [2013.05.23 09:46:04 | 000,012,856 | ---- | M] () -- C:\Users\Butcher\Desktop\Trojanerboard.odt [2013.05.23 09:43:44 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 09:43:44 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 09:26:28 | 000,001,239 | ---- | M] () -- C:\Users\Butcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013.05.23 09:26:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.23 09:21:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.23 09:21:51 | 000,322,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.23 09:21:28 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2013.05.22 14:51:49 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.22 14:05:57 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.22 14:05:57 | 000,025,185 | ---- 
| M] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.20 21:37:18 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.20 21:37:18 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.20 21:37:18 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.20 21:37:18 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.20 21:37:18 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.16 12:21:54 | 004,959,021 | ---- | M] () -- C:\Users\Butcher\Documents\Firefox 21.0 (de) - 2013-05-16.pcv [2013.05.16 11:29:28 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.05.16 03:34:09 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3020034867-2444215615-2686408888-1000.job [2013.05.15 12:25:44 | 000,015,734 | ---- | M] () -- C:\Users\Butcher\Desktop\RHF.odt [2013.05.15 11:39:46 | 000,001,358 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.05.15 11:39:11 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013.05.15 11:19:37 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.05.14 00:50:45 | 007,068,705 | ---- | M] () -- C:\Users\Butcher\Documents\Firefox 20.0.1 (de) - 2013-05-14.pcv [2013.05.14 00:49:20 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk [2013.05.01 20:15:22 | 000,013,863 | ---- | M] () -- C:\Users\Butcher\Desktop\VERKAUFEN.ods [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.23 09:48:40 | 000,000,000 | ---- | C] () -- C:\Users\Butcher\defogger_reenable [2013.05.23 09:46:59 | 000,050,477 | ---- | C] () -- C:\Users\Butcher\Desktop\Defogger.exe [2013.05.23 09:26:28 | 000,001,239 | ---- | C] () -- 
C:\Users\Butcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013.05.23 09:25:51 | 000,012,856 | ---- | C] () -- C:\Users\Butcher\Desktop\Trojanerboard.odt [2013.05.22 14:58:08 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.05.22 14:52:27 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.22 14:51:49 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.22 14:05:57 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.22 14:05:57 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.16 12:21:51 | 004,959,021 | ---- | C] () -- C:\Users\Butcher\Documents\Firefox 21.0 (de) - 2013-05-16.pcv [2013.05.15 11:44:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3020034867-2444215615-2686408888-1000.job [2013.05.15 11:39:46 | 000,001,358 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.05.15 11:19:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.05.15 11:19:37 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.05.15 00:53:10 | 000,015,734 | ---- | C] () -- C:\Users\Butcher\Desktop\RHF.odt [2013.05.14 00:50:41 | 007,068,705 | ---- | C] () -- C:\Users\Butcher\Documents\Firefox 20.0.1 (de) - 2013-05-14.pcv [2013.05.14 00:49:20 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk [2013.04.24 14:35:47 | 000,013,863 | ---- | C] () -- C:\Users\Butcher\Desktop\VERKAUFEN.ods [2013.03.17 12:02:05 | 000,051,058 | ---- | C] () -- C:\Users\Butcher\.recently-used.xbel [2010.11.21 12:34:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.05.21 11:35:52 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | 
M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.03.27 11:22:59 | 000,000,000 | -HSD | M] -- C:\Users\Butcher\AppData\Roaming\.# [2012.05.16 23:16:31 | 000,000,000 | ---D | M] -- 
C:\Users\Butcher\AppData\Roaming\1&1 [2010.09.23 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\CheckPoint [2011.07.19 23:12:58 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\go [2013.03.09 17:18:24 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\gtk-2.0 [2013.05.22 21:37:58 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\Gute [2013.02.23 12:11:18 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\ICQ [2011.02.25 18:29:07 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\kikin [2010.09.26 22:39:21 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\OpenOffice.org [2013.05.13 21:17:02 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\Udifyv [2013.05.13 21:17:02 | 000,000,000 | ---D | M] -- C:\Users\Butcher\AppData\Roaming\Ugywor ========== Purity Check ========== < End of report >
Can someone please help me and take a closer look at my computer? Thanks in advance! |
23.05.2013, 10:26 | #2 |
/// Malwareteam / Visitor |
Hi simiange
I am Smeenk and I will try to help you.
System scan with ZOEK
Please download zoek.exe from here: http://hijackthis.nl/smeenk/
If possible, please post everything here in CODE tags: [code] Your log here [/code] |
23.05.2013, 11:30 | #3 |
| Thank you very much for helping me!
Here is the zoek-results.log: Code:
Zoek.exe Version 4.0.0.2 Updated 22-May-2013
Tool run by Butcher on 23.05.2013 at 11:34:52,33.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
"C:\ProgramData\ezsidmv.dat" deleted
"C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe" deleted
"C:\Users\Butcher\AppData\Roaming\Ugywor\fyliu.atu" deleted
"C:\Program Files (x86)\kikin\ie_kikin.dll" deleted
"C:\Users\Butcher\AppData\Roaming\Gute" deleted
"C:\Users\Butcher\AppData\Roaming\Udifyv" deleted
"C:\Users\Butcher\AppData\Roaming\Ugywor" deleted
"C:\Windows\syswow64\appdata" deleted
"C:\Program Files (x86)\kikin" not deleted
"C:\Users\Butcher\AppData\Roaming\kikin" deleted
"C:\ProgramData\Partner" deleted
"C:\Users\Butcher\AppData\LocalLow\Conduit" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Butcher\AppData\Local\Temp ====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative\drivers =====
2013-05-15 09:35:56 AF2E16242AA723F68F461B6EAE2EAD3D 983400 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-05-15 09:35:56 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys
2013-04-24 12:34:54 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
2013-05-22 12:52:27 2700099D93F799C16C010E218A13810C 884 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-15 09:44:19 41021124B66873BD0BDC34C14A484508 342 ----a-w- C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3020034867-2444215615-2686408888-1000.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-05-22 12:57:24 -------- d-----w- C:\Program Files\GIMP 2
======= C:\Program Files (x86) =====
2013-05-22 12:46:06 -------- d-----w- C:\Program Files (x86)\Secunia
2013-05-15 09:39:41 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-05-15 09:39:32 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-05-15 09:19:36 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe
2013-05-13 22:49:20 -------- d-----w- C:\Program Files (x86)\MozBackup
======= C: =====
====== C:\Users\Butcher\AppData\Roaming ======
2013-05-22 12:46:12 -------- d-----w- C:\users\Butcher\AppData\Local\Secunia PSI
2013-05-15 09:40:08 
-------- d-----w- C:\users\Butcher\AppData\Roaming\RealNetworks 2013-05-13 23:32:24 -------- d-----w- C:\users\Butcher\AppData\Local\Sun ====== C:\Users\Butcher ====== 2013-05-23 07:48:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Butcher\defogger_reenable 2013-05-22 13:09:53 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 2013-05-16 09:29:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2013-05-15 09:39:39 -------- d-----w- C:\ProgramData\RealNetworks 2013-05-15 09:39:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2013-05-13 22:49:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup ====== C: exe-files == 2013-05-23 08:16:18 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Butcher\Desktop\gmer_2.1.19163.exe 2013-05-23 07:49:30 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Butcher\Desktop\OTL.exe 2013-05-23 07:46:59 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Users\Butcher\Desktop\Defogger.exe 2013-05-23 07:24:20 20B8E9389DE13E793F622113E80B8B36 109065 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmp7ffa86a7\gw01.exe 2013-05-22 19:02:58 C9BA33919AE05DE7A7F5EF0AF3136DBE 108960 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmp25fa7cc2\gw01.exe 2013-05-22 13:06:25 AF18955096B8AA87CAA6575881388AED 473600 ----a-w- C:\Users\Butcher\AppData\Local\Temp\asdsd24312-a0fb-49b0-adba-9c435df33687\setup.exe 2013-05-22 13:02:51 FDE357AD891B8EE410EE7C7558D11BE5 108960 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmpc2b628fc\gw01.exe 2013-05-22 12:58:05 ED0FDE686788CAEC4F2CB1EC9C31680C 61440 ----a-w- C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-8.0.exe 2013-05-22 12:58:05 AE6CE17005C63B7E9BF15A2A21ABB315 65536 ----a-w- C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-7.1.exe 2013-05-22 12:58:05 8AA98031128EF0C81D34207E3C60D003 196096 ----a-w- C:\Program Files\GIMP 
2\Python\Lib\distutils\command\wininst-9.0.exe 2013-05-22 12:58:05 7B112B1FB864C90EC5B65EAB21CB40B8 61440 ----a-w- C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-6.0.exe 2013-05-22 12:58:05 5F1707646575D375C50155832477A437 223744 ----a-w- C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-9.0-amd64.exe 2013-05-22 12:58:03 69EF407E98408509A74F0C0D34D5B058 63317 ----a-w- C:\Program Files\GIMP 2\libexec\dbus-bash-completion-helper.exe 2013-05-22 12:58:03 545EA4EA886B7948C958D0C2E0476475 27136 ----a-w- C:\Program Files\GIMP 2\Python\pythonw.exe 2013-05-22 12:58:03 1588F0003D06C1E58AE17F4C0FC40F18 26624 ----a-w- C:\Program Files\GIMP 2\Python\python.exe 2013-05-22 12:57:57 D969AEE485B4768C863AE0DE7CD5D4B2 63709 ----a-w- C:\Program Files\GIMP 2\bin\bzip2.exe 2013-05-22 12:57:57 6A7275144C6897C8F5357CCCBB8D9A0F 43847 ----a-w- C:\Program Files\GIMP 2\bin\gspawn-win64-helper-console.exe 2013-05-22 12:57:57 4821B41FDF5F7DFC12A650E1631ABA9F 43847 ----a-w- C:\Program Files\GIMP 2\bin\gspawn-win64-helper.exe 2013-05-22 12:57:47 FDB406BBF0D8B9F3333EF150185A6DAA 55824 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sinus.exe 2013-05-22 12:57:47 F723D76B4E7EED755BB680194CC7205C 46400 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\qbist.exe 2013-05-22 12:57:47 F1BA0088F580914DC5FAF6762C501213 54696 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\maze.exe 2013-05-22 12:57:47 F1361113D7B7FF340C5D0350B50F6208 65272 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw.exe 2013-05-22 12:57:47 EA03C9A9F18E0AB7A38AAEE4716E7E38 41800 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plasma.exe 2013-05-22 12:57:47 DCB76A11378B1D1635AEC4C3D5B40006 31112 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser.exe 2013-05-22 12:57:47 DCAB2D86ED76B5A0B4046C007A9299D6 64032 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\iwarp.exe 2013-05-22 12:57:47 DBF1FCC80D11B2D2C8621BE206710DB1 43456 ----a-w- C:\Program Files\GIMP 
2\lib\gimp\2.0\plug-ins\wind.exe 2013-05-22 12:57:47 D477A97FB6A532658819CEA8EE4E7F47 31072 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser.exe 2013-05-22 12:57:47 D34A27C994319BDA2AAB53F49AB8883B 44680 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unsharp-mask.exe 2013-05-22 12:57:47 D14884D5B86C70F9257FAD9EFC38F6F9 43760 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-randomize.exe 2013-05-22 12:57:47 D05B6541B6B2959DEF60D586E5E436C1 79936 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl.exe 2013-05-22 12:57:47 CEE48823EF61B6045796316FA62743CE 94552 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata.exe 2013-05-22 12:57:47 C7CC89A3CD09DA2F6803CE0192025F96 33824 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map.exe 2013-05-22 12:57:47 BE7D68E4A3F0B09D8E0E89057360078B 41832 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\illusion.exe 2013-05-22 12:57:47 BA12FA55ADFB4D20582B2984F3080B5F 46944 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter.exe 2013-05-22 12:57:47 B8DC1F2BF99B2C0A58D55B95E88768E0 72872 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\video.exe 2013-05-22 12:57:47 B388368BEDEEF918C28940B328F6EAC5 46616 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic.exe 2013-05-22 12:57:47 AFB4D84AAABBA09FDEF82D0F7DE30D43 40920 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette.exe 2013-05-22 12:57:47 A8C71D89A5239A2562290056238CB3CD 34280 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine.exe 2013-05-22 12:57:47 A3A3136292B13B1EE67A34CEAD0A408D 31328 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\semi-flatten.exe 2013-05-22 12:57:47 9D310A3E8B6A3727F2D46132D8BA1D55 40480 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\shift.exe 2013-05-22 12:57:47 992260CD3B7241089ED1020BBDF96CC7 48664 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-flare.exe 2013-05-22 12:57:47 
992219FF26DBDBBCC10B8D97F1323E78 82496 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser.exe 2013-05-22 12:57:47 98A461C6D293DEF116B5A7B6E54A874D 42784 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-rgb.exe 2013-05-22 12:57:47 95DBB43C66F22A00DB38D56F372A25C7 86576 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer.exe 2013-05-22 12:57:47 908F45B79BC73D8CEDE2A55BB7D4312E 48928 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-propagate.exe 2013-05-22 12:57:47 8D22011DC85BDA6DB60D4E581A6256E3 42496 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pixelize.exe 2013-05-22 12:57:47 8B6369DB943573D2A48CE4E47FB2B1BA 37936 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\rotate.exe 2013-05-22 12:57:47 8912A1F719194A2C47F1706FBBC322C9 80040 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print.exe 2013-05-22 12:57:47 8833756545ACBBA5E85BCFCB9CCFA9BE 40872 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen.exe 2013-05-22 12:57:47 871902F1CE80B363E15119AD81E7341F 58608 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lcms.exe 2013-05-22 12:57:47 8000A7470A336415E676054880BA9872 44384 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ripple.exe 2013-05-22 12:57:47 7BE743C349F52F8782201F45C5560E0E 61336 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp.exe 2013-05-22 12:57:47 77DF44DF1749CE5FC56BA721AA015E4E 43680 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help.exe 2013-05-22 12:57:47 767C3A15D9C091C457B93D43AF737A76 34168 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-seamless.exe 2013-05-22 12:57:47 7252AC4560F26AB0320BC1963AD1D07E 49088 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unit-editor.exe 2013-05-22 12:57:47 7196C855CC63B3951A846B6A14C50CDC 43960 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\win-snap.exe 2013-05-22 12:57:47 71747365A73E141620C0FCE295E6C97B 37456 ----a-w- C:\Program Files\GIMP 
2\lib\gimp\2.0\plug-ins\threshold-alpha.exe 2013-05-22 12:57:47 69254AF3FD8C1824E3FB19C29BFE4AEE 137464 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting.exe 2013-05-22 12:57:47 68CF5F9AD06E61B475D0C71855E039CB 48168 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy.exe 2013-05-22 12:57:47 67EAA359BAFAA4DFA749D3CA75BABAEA 40600 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-glass.exe 2013-05-22 12:57:47 6224D576155A9512A9CB67A9B8D1613C 72808 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize.exe 2013-05-22 12:57:47 5EFB8CC7E876AF1B560BEE92260C9E64 46976 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\whirl-pinch.exe 2013-05-22 12:57:47 5D2E2F8FE28AC29B7B35DDFD0CAE9E82 41568 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\waves.exe 2013-05-22 12:57:47 566384616AB2E6E1255146ECBC7E8E38 66912 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\mosaic.exe 2013-05-22 12:57:47 5484CA5ED96D01E3D831F395A3B22430 58360 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle.exe 2013-05-22 12:57:47 547A768F271D207505F32AF419FAF1F2 43712 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-solid.exe 2013-05-22 12:57:47 53E43B160953B61A12F3256995981D5A 45760 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-distortion.exe 2013-05-22 12:57:47 53C6E11A147FE464FD623ED8B9D43655 40840 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile.exe 2013-05-22 12:57:47 52EBB5285838B831C79E82B684D35B0F 98064 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose.exe 2013-05-22 12:57:47 5079E289DBD9E3944E4F491F14783DF4 45208 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\polar-coords.exe 2013-05-22 12:57:47 4C18CA68DE56E943195C04E0BFF3CCBE 43680 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot.exe 2013-05-22 12:57:47 4B4A9D66E3E7B2D22B5DB75DD13277F3 42880 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-apply.exe 2013-05-22 12:57:47 
45AE6B8310AC4BEF9BC3BF76C09B10F8 155664 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\map-object.exe 2013-05-22 12:57:47 43F743A19059168C380C13CE47F2C029 48040 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-paper.exe 2013-05-22 12:57:47 4147689A538A3A09EA868812AFA828C0 47280 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser.exe 2013-05-22 12:57:47 3C15B12DE0DD752ADD2230368BEE78A5 39792 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-hsv.exe 2013-05-22 12:57:47 3BED7E0EE5CAC8692E2E6B5EAFEC52C2 79504 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path.exe 2013-05-22 12:57:47 39DE94ED82574D59095E5D8C217B6B72 79288 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ps.exe 2013-05-22 12:57:47 31F0EEE58A5217DB94000F30AC6889DF 50728 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small.exe 2013-05-22 12:57:47 2BDCD08CD30DE1F90A5171E1922C6089 33272 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-invert.exe 2013-05-22 12:57:47 2B20E60C391C7E50ED692BB48D0CCE84 208112 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap.exe 2013-05-22 12:57:47 29D93E2366D3D6C33DF0092ACF78F7CF 45608 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow.exe 2013-05-22 12:57:47 25C5DE953866A02E6E76E4C32DE68108 36544 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb.exe 2013-05-22 12:57:47 19B6A578A2F19280BAA101EF88553F4D 61120 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\newsprint.exe 2013-05-22 12:57:47 17C46F782D22B2CADE7A89F286303C4D 39200 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\red-eye-removal.exe 2013-05-22 12:57:47 0F5F7EA91B19BAF5DAE85E77C29452B9 177840 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe 2013-05-22 12:57:47 0BF9304BB620BF1250A85EE47293FEB6 49224 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\oilify.exe 2013-05-22 12:57:47 0B710BA952B9CAF3EE0A9DB8BFB33A6E 51696 ----a-w- C:\Program 
Files\GIMP 2\lib\gimp\2.0\plug-ins\grid.exe 2013-05-22 12:57:47 033F93BF529A81535DA62EB859A9F625 52232 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nova.exe 2013-05-22 12:57:47 02714B8F86E01D43302AFD99C8D222AD 44488 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-page.exe 2013-05-22 12:57:47 002D6C8FD7D58A9F343599662B7DFAD9 39456 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-spread.exe 2013-05-22 12:57:46 EEA9EF09FE2AC688CF09ADC3F440690A 61728 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-save.exe 2013-05-22 12:57:46 E80F579595586393450502A7E8BE9576 51760 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-svg.exe 2013-05-22 12:57:46 DF053B8DAB15040BBC35E27754C92D49 44624 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sgi.exe 2013-05-22 12:57:46 D240B3164A4A36E9A44BF72E532D33B0 39680 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pcx.exe 2013-05-22 12:57:46 CA9B0BD3B61B1C41524C2743D59961FD 57832 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-load.exe 2013-05-22 12:57:46 C70ED8B12A21AC4B2BE583ECACDE0D59 50136 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-save.exe 2013-05-22 12:57:46 C61C0FD5BCC4127A0D9C7A378783FD03 64400 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-png.exe 2013-05-22 12:57:46 C077E641BF9A404776AC415F6819AA06 71608 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-load.exe 2013-05-22 12:57:46 AD6172A4822A4505D61851AD4CE0F725 50048 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw.exe 2013-05-22 12:57:46 A68C58A7C883803052612376F9006748 147704 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\flame.exe 2013-05-22 12:57:46 A6329B37C95A63E36EC213506BE3E284 45496 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace.exe 2013-05-22 12:57:46 A5EC55CBD9626281C215412283F9C22F 168912 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig.exe 2013-05-22 12:57:46 
886D2548E07747D63C72AB5D9BF0D00C 101360 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare.exe 2013-05-22 12:57:46 86447CAFA759ED1C91EAB434DC6D9AF7 51520 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-wmf.exe 2013-05-22 12:57:46 71905A2E353B1F444E71717B93D4835A 78488 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\filter-pack.exe 2013-05-22 12:57:46 6CEDC234FF55310527E2832111A5F00C 49496 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psp.exe 2013-05-22 12:57:46 69C80FCE6DDB1DD1F865D958791A290F 41752 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pat.exe 2013-05-22 12:57:46 657E24F25E04B58FA23D512798F79CBF 50600 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xwd.exe 2013-05-22 12:57:46 5C4360B2953264C327B30EE53C62D62F 48024 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-save.exe 2013-05-22 12:57:46 5BEF738120040726428DD6588BC273CB 45944 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm.exe 2013-05-22 12:57:46 5A9CDC431B4B5D6BAA4D556D467F75DC 50216 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xbm.exe 2013-05-22 12:57:46 54A4BCAA6E46F80541CD1CAD7D999366 57576 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-load.exe 2013-05-22 12:57:46 53EB74E76C130CC070B2D904B7AB43F2 37352 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-uri.exe 2013-05-22 12:57:46 455E878F5AC0C774730B708ADB7F0677 58016 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\film.exe 2013-05-22 12:57:46 433522620FC55C1F88222C58ECA2C24A 84664 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer.exe 2013-05-22 12:57:46 3F456F51D7858EB8B468E9D1C3100165 36296 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pix.exe 2013-05-22 12:57:46 38CC52D8CDFEF95224740F873DD79380 147304 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist.exe 2013-05-22 12:57:46 2AAEF14AB1E19DDCC01F2A53BB627956 42656 ----a-w- C:\Program 
Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xpm.exe 2013-05-22 12:57:46 0A8C22D251E2FC2E26BF7BD00E0776C3 46920 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga.exe 2013-05-22 12:57:46 09EA8A42C5EB66373E4EF9E5CAF0A659 47936 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sunras.exe 2013-05-22 12:57:45 FBD8D287610BD281753C6A652D57D384 40784 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-sobel.exe 2013-05-22 12:57:45 F6A9D74EE1606DBFE8ECACE5233E84D0 48928 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-dog.exe 2013-05-22 12:57:45 F03855E406CFF358B14ADFE7A3BBDCEE 42384 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-load.exe 2013-05-22 12:57:45 DAB4A1F72521C575F215B4B5F1757B02 56104 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\apply-canvas.exe 2013-05-22 12:57:45 DA4849B4A1ED06C3CC1644EE9C140957 45088 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\diffraction.exe 2013-05-22 12:57:45 D34E7CDE455AEEB8905459FCB4079351 45200 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cubism.exe 2013-05-22 12:57:45 D320E161E1FD72900F99B1B62A9CAADD 39888 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-cube-analyze.exe 2013-05-22 12:57:45 D206A81537AFAA7C324C34DA1B7AAAE6 32720 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-glob.exe 2013-05-22 12:57:45 D101DD3CA5D2B8A1C7D4D296C224356E 39312 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-faxg3.exe 2013-05-22 12:57:45 CD9C035E532C51E6EEB134336C4CBF47 46368 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge.exe 2013-05-22 12:57:45 CB9C5E245FA4E90FD0F66C33B0FC916C 37464 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jp2-load.exe 2013-05-22 12:57:45 C77EE97420B6A6DD2E72B50A890C547D 79616 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cml-explorer.exe 2013-05-22 12:57:45 C640E3F3796FD371D56040E9D9D04A90 35648 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-auto.exe 2013-05-22 
12:57:45 C133BE7CC8100B2D2375E0EA3B21F1D9 47232 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-retinex.exe 2013-05-22 12:57:45 C042272BEA014C95E9F80E5F1CBB7A0F 46544 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-csource.exe 2013-05-22 12:57:45 BC90F3E03805859C0A3A388AC077BE9A 33104 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch.exe 2013-05-22 12:57:45 BB5696B1B88B6EB361EE1E94C73A22B9 58456 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-bmp.exe 2013-05-22 12:57:45 B9886831382DF7325BA2947E4EF77B32 39704 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\checkerboard.exe 2013-05-22 12:57:45 B4015F31247A18CD53DF4D42F7FDA075 32560 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-normalize.exe 2013-05-22 12:57:45 B2A4B5C00CA8518A87A761B262466B06 31840 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-compressor.exe 2013-05-22 12:57:45 A8EA639BBC4FC58D5BAB4B15BD92E152 74080 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\curve-bend.exe 2013-05-22 12:57:45 A525EAC3FC2A593ECC403243F0C7A036 50896 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss-selective.exe 2013-05-22 12:57:45 A43E0AD30072ECCB3FE836431BF35F90 47768 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cartoon.exe 2013-05-22 12:57:45 A3C39518C2949E928C7B64855D333DB1 41832 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\emboss.exe 2013-05-22 12:57:45 9F3716E7B18A8FCBFDE07AA8CAD94CB9 80680 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-rotate.exe 2013-05-22 12:57:45 9D519A23AC03E321A3B5426AF98C8131 44976 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dicom.exe 2013-05-22 12:57:45 9C969DCCE05B225F20567AA45BE0968C 56256 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss.exe 2013-05-22 12:57:45 96B31FA69C851CC8F02AA51A2805EBEA 53032 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\channel-mixer.exe 2013-05-22 12:57:45 
95231060B204DA7EF3BE6048B78D09E6 43256 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize.exe 2013-05-22 12:57:45 94B81C40D7DA9C2CC02D245977490471 63752 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ico.exe 2013-05-22 12:57:45 9303277060FFFB81DF07D82A829C12B4 55960 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-play.exe 2013-05-22 12:57:45 8D217838A9D14C01045F5F7C3502E935 59520 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\compose.exe 2013-05-22 12:57:45 877D1491D0DA014DCB691EE95E74E831 43056 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blinds.exe 2013-05-22 12:57:45 82BFAC9426F21D1A86DDB3073C106694 31608 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link.exe 2013-05-22 12:57:45 811CC05FC8244F2A1F46C52C1E507554 33968 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-zealous.exe 2013-05-22 12:57:45 8064DBC1A268F77B590854EFDC55F743 48752 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\depth-merge.exe 2013-05-22 12:57:45 7562B979FD072B4E79318CC053E1C405 48136 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\displace.exe 2013-05-22 12:57:45 74DD191F1895E2E8391DA30D140BD134 55864 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\decompose.exe 2013-05-22 12:57:45 73E1AC7BFA0FA22A2050644C8559F262 56520 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-mng.exe 2013-05-22 12:57:45 710AD75C8B15131B2E679FF6B2F8C45F 64272 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits.exe 2013-05-22 12:57:45 6AAC2B035C803F860F36B0C1B10416E0 44352 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gbr.exe 2013-05-22 12:57:45 67D41B3220D1F911DBD2CA32D624E3DE 51736 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fli.exe 2013-05-22 12:57:45 5F63A8179B5ED20BDC846A98883AFB2B 45400 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-html-table.exe 2013-05-22 12:57:45 5D12A6553DB70C7C8B75C4F1EC69F4CD 40008 ----a-w- 
C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\destripe.exe 2013-05-22 12:57:45 5190575C494ADC4880BAE1783C4BC0B5 41056 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-cel.exe 2013-05-22 12:57:45 4FE2F8DF533D79F8AD09C6288823FDFE 46848 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colormap-remap.exe 2013-05-22 12:57:45 4A6600DBBA228CD67C61E9892DE3B4C8 46576 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-neon.exe 2013-05-22 12:57:45 4901FA8FF398CF39F5D0586E66C50631 38000 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\deinterlace.exe 2013-05-22 12:57:45 457A1CACA0CB18BD883574DA6CA5FA2E 39336 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\engrave.exe 2013-05-22 12:57:45 3F83749EECBEA10D860EBE3D5EAE9A71 51112 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-motion.exe 2013-05-22 12:57:45 3D709A3D3C6887459FDCD41BE587B65F 34784 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur.exe 2013-05-22 12:57:45 3CFC3738E71C10DC1E7829777835E03C 33280 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-enhance.exe 2013-05-22 12:57:45 3868A4B4F8074D7CD0CC0282C4692AC3 34120 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-header.exe 2013-05-22 12:57:45 382BB26940816D1F61A8DA3106E101F3 52952 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-save.exe 2013-05-22 12:57:45 2900A7DE89B40C9E56ACFE8C38EE4E9A 50664 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-exchange.exe 2013-05-22 12:57:45 1F8B0D35F95BA1D84B2624D072788F25 86544 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpeg.exe 2013-05-22 12:57:45 1CCA35A52714A8CAEFD7F8D39342A7EB 40352 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\border-average.exe 2013-05-22 12:57:45 1ADEA517B6096C7A26FC3C1392EC4557 38840 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-to-alpha.exe 2013-05-22 12:57:45 149691EA2687CE1A3EB0B060211EEAA9 55144 ----a-w- C:\Program Files\GIMP 
2\lib\gimp\2.0\plug-ins\file-gih.exe 2013-05-22 12:57:45 0ED436B73DA89175BB85A8CFECFBC1C2 54840 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\bump-map.exe 2013-05-22 12:57:45 08E70C11D3CB0DEF00DE07B8AAD9566F 38512 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorify.exe 2013-05-22 12:57:45 0726381BAB030F3A89B01E8B845AE164 34720 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\antialias.exe 2013-05-22 12:57:45 06697025E37EF7611A900E0B6A93ACB7 32720 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch-hsv.exe 2013-05-22 12:57:45 04FE9C9085B0309A36F1745723FF40E3 45104 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\despeckle.exe 2013-05-22 12:57:45 007CE61177240A0B5DC06EF8A80A4725 48216 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\convolution-matrix.exe 2013-05-22 12:57:45 00599964FEC233999D402C6AC4ED3C89 34784 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-laplace.exe 2013-05-22 12:57:44 DAFE858A9C410B93518700213DED33B4 2509008 ----a-w- C:\Program Files\GIMP 2\bin\gimp-console-2.8.exe 2013-05-22 12:57:44 931181DB81C61AFD17723DF8E7301387 40600 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\align-layers.exe 2013-05-22 12:57:44 8E305E7A82F1F8F7AD05F2A04FCB3CEF 33528 ----a-w- C:\Program Files\GIMP 2\bin\gimptool-2.0.exe 2013-05-22 12:57:44 637D9E1E3E7B9B4A86F46F85E80D2047 45112 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\alien-map.exe 2013-05-22 12:57:44 0141EB711A2DC24DE850E01C01E3947C 5331368 ----a-w- C:\Program Files\GIMP 2\bin\gimp-2.8.exe 2013-05-22 12:57:41 E96C4D0D07E1E15B4D996E213BC14E37 39664 ----a-w- C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain.exe 2013-05-22 12:57:40 E87884D052C8E0B5AD3FE04A46C5C520 40290 ----a-w- C:\Program Files\GIMP 2\32\bin\gspawn-win32-helper-console.exe 2013-05-22 12:57:40 89909534A1390ADA768635622C55701F 40290 ----a-w- C:\Program Files\GIMP 2\32\bin\gspawn-win32-helper.exe 2013-05-22 12:57:24 DCAE21A3B9ED59EF050ABD39DAA50AB6 1175224 
----a-w- C:\Program Files\GIMP 2\uninst\unins000.exe
2013-05-22 12:54:19 C7A117E7370406448BD32FC99BA5C593 76902472 ----a-w- C:\Users\Butcher\Downloads\Software\gimp-2.8.4-setup.exe
2013-05-22 12:45:32 D80BA0E582F7C9CC70EEF2D39EC68D4D 3270960 ----a-w- C:\Users\Butcher\Downloads\Software\PSISetup7009.exe
2013-05-22 12:12:17 F6FF7917A2E1270C0DDE19E096A7808F 28672 ----a-w- C:\Windows\System32\IEUDINIT.EXE
2013-05-22 12:05:58 AAD90795E84E710543C6C7C2F7048E30 770608 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-05-22 12:05:58 5915AA67DECA289F7B4AFB686CDB09E9 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-22 12:05:58 52A7D73D5570F757D865DDECD087FB41 138752 ----a-w- C:\Windows\SysWOW64\wextract.exe
2013-05-22 12:05:58 5051BB40FFB2BA4870C0A059CA03294F 1054720 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-22 12:05:58 038F76279EC64878A072D988DE13C7B2 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2013-05-22 12:05:57 F651D95B5043EFC20A6108A853553984 92160 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-05-22 12:05:57 D9C10A4A0B3411146E6FC8936B079934 167424 ----a-w- C:\Windows\System32\iexpress.exe
2013-05-22 12:05:57 CEA304830B4770BDA3572B87D0841848 775232 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-05-22 12:05:57 A197763AA7487807279AB61CD6835CEF 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-22 12:05:57 9D6BD7D1EE59B6D0FD65F1A6DF5706F9 137216 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-05-22 12:05:57 82D602EBBBA6D08E4691F32269FD3494 12800 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-05-22 12:05:57 6DF2C6438CFF6EFCBBB88AEE01795501 73728 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-22 12:05:57 658E8FEC79A4AB5BFDE032627B5C9667 13824 ----a-w- C:\Windows\System32\mshta.exe
2013-05-22 12:05:57 56E51C26745FF7413514EA4DDF33BC6C 11776 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2013-05-22 12:05:57 5397E32E882C0148CEC13D9EACFB7157 222208 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2013-05-22 12:05:57 42758AF68D3C4912C8D8A18088AD2555 51712 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-05-22 12:05:57 40738329209CBE2C9B48F7E30F7C1414 144896 ----a-w- C:\Windows\System32\wextract.exe
2013-05-22 12:05:57 3AB2A38F7EA9E62D176A78FB58761E24 12800 ----a-w- C:\Windows\SysWOW64\mshta.exe
2013-05-22 12:05:57 31E219322B8D765F9F84B80D1D92A07F 173568 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-05-22 12:05:57 3090B888E263E56744F8BFEF3A36D67D 467456 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2013-05-22 12:05:57 15CCEAC53648FF7C17AE98923BCD3D75 24576 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
2013-05-22 12:05:57 05277EDA27E5A55CA22AC37DAC47DD23 223744 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-05-22 12:05:56 D57BCCD989555B0D6E47AE0F364DD4D3 327680 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
2013-05-22 12:05:56 4BA4770D890B320DAB575B07C7DAF59D 481280 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-05-22 12:00:55 615483B8E9439D63F6A79195A7D1D386 51415040 ----a-w- C:\Users\Butcher\Downloads\Software\IE10-Windows6.1-x64-de-de_b16521.exe
2013-05-22 12:00:04 32357DB0A54BB3CE2EEF53EA7738483B 8192 ----a-w- C:\Users\Butcher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N9MAEV8R\IE10-Windows6.1-x86-de-de_b16521[1].exe
2013-05-22 11:59:53 C4CEEF155128E61ED57BB3ECE4DCBC42 810108 ----a-w- C:\Users\Butcher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\79M6MHVE\IE10-Windows6.1-x86-de-de_b16521[1].exe
2013-05-22 11:10:31 15B86AEBC342B42AB5CAFA3E7A743A60 4346816 ----a-w- C:\Users\Butcher\Downloads\Software\ccsetup401.exe
2013-05-22 07:02:27 F29E384CAAB7BED7767994F2E95E59C6 109061 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmp53aeb831\gw01.exe
2013-05-21 20:43:44 4F3E36CCB0FD550775B4257E79C39500 109077 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmp849019e7\gw01.exe
2013-05-21 14:43:08 BC069CFF6D790FE5E26D2551EFD25467 109030 ----a-w- C:\Users\Butcher\AppData\Local\Temp\tmp43e39d7f\gw01.exe
2013-05-16 14:18:53 CCB6C951E059A172CAAE39D7765016C8 21151576 ----a-w- C:\Users\Butcher\Downloads\Firefox_Setup_21.0.exe

=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"1&1_1&1 Upload-Manager"="C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE /hide"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ICQ"="C:\Program Files (x86)\ICQ7.2\ICQ.exe silent loginmode=4"
"Gyewl"="C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"MarketingTools"="C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"SHTtray.exe"="C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"1&1_1&1 Upload-Manager"="C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE /hide"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ICQ"="C:\Program Files (x86)\ICQ7.2\ICQ.exe silent loginmode=4"
"Gyewl"="C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================
2013-05-23 07:26:28 1239 ----a-w- C:\users\Butcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
2010-05-19 21:28:34 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undertermined Task]
C:\Windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3020034867-2444215615-2686408888-1000.job --a------ C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [16.04.2013 03:09]

==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16.04.2013 03:11]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17.01.2012 11:45]

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.web.de/"
"Default_Page_URL"="hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.web.de/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{F308A562-30BE-4C2B-B0B0-10BEFD7A0300}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{5A14CC8B-4642-47CF-AA63-C4EAF5B74895} eBay Url="hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{919724FC-A48D-4B04-8F11-83A0CD7A7D00} Zinio Url="hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search"
{E9BCF170-691C-429A-84B2-6A888FE9322F} Shopping.com Url="hxxp://de.shopping.com/?linkin_id=8056363"
{F308A562-30BE-4C2B-B0B0-10BEFD7A0300} Google Url="hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2} deleted successfully
HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Butcher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Butcher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kathrin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\users\Kathrin\AppData\Local\Mozilla\Firefox\Profiles\h03qi354.default\Cache emptied successfully

==== Empty Chrome Cache ======================
C:\users\Butcher\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Butcher\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\kikin" not found
"C:\users\Kathrin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7XGQVWKC\admin.brightcove.com" not found

==== EOF on 23.05.2013 at 12:25:20,70 ======================
|
23.05.2013, 11:43 | #4 |
/// Malwareteam / Visitor | That went great.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to. |
23.05.2013, 12:16 | #5 |
| Thanks for the quick reply! Here is the zoek-results.log: Code:
Zoek.exe Version 4.0.0.2 Updated 22-May-2013
Tool run by Butcher on 23.05.2013 at 12:52:22,27.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================
C:\zoek-results23.05.2013-1225.log 55258 bytes

==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gyewl"=-

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3020034867-2444215615-2686408888-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"1&1_1&1 Upload-Manager"="C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE /hide"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ICQ"="C:\Program Files (x86)\ICQ7.2\ICQ.exe silent loginmode=4"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"MarketingTools"="C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"SHTtray.exe"="C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"1&1_1&1 Upload-Manager"="C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE /hide"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"ICQ"="C:\Program Files (x86)\ICQ7.2\ICQ.exe silent loginmode=4"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================
2013-05-23 07:26:28 1239 ----a-w- C:\users\Butcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
2010-05-19 21:28:34 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undertermined Task]
C:\Windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3020034867-2444215615-2686408888-1000.job --a------ C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [16.04.2013 03:09]

==== EOF on 23.05.2013 at 12:53:34,32 ======================

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.23.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Butcher :: BUTCHER-VAIO [administrator]
23.05.2013 13:10:44
mbar-log-2013-05-23 (13-10-44).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31046
Time elapsed: 12 minute(s), 50 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
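The difference between the two zoek logs above is the "Gyewl" value that the registry fix removed from the HKCU Run key; it pointed to an executable under AppData\Roaming. The following Python sketch is an added example (not part of the thread and not code from zoek or any other tool used in it): it parses a zoek-style "Startup Registry Enabled" section, flags autoruns whose binary sits in a user-writable profile directory, and compares a before and an after log. The function names and the directory list are assumptions, and the sample text is constructed from lines in the logs above.

```python
import re
from typing import NamedTuple

# Constructed sample: lines copied from the first zoek log in this thread.
SAMPLE_BEFORE = r'''
==== Startup Registry Enabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Gyewl"="C:\Users\Butcher\AppData\Roaming\Udifyv\cavu.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Folders ======================
'''
# Constructed "after cleanup" log: the same text without the removed value.
SAMPLE_AFTER = '\n'.join(
    line for line in SAMPLE_BEFORE.splitlines() if '"Gyewl"' not in line)

class Autorun(NamedTuple):
    key: str
    name: str
    command: str

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"$')
EXE_RE = re.compile(r'^(.*?\.(?:exe|com|scr|pif|bat|cmd|dll))(?=\s|$)', re.I)
# Assumption: profile locations a standard user can write to without elevation.
USER_WRITABLE = ('\\appdata\\', '\\temp\\', '\\users\\public\\',
                 '%appdata%', '%localappdata%', '%temp%')

def parse_autoruns(log_text):
    """Return the Run/RunOnce values listed in a zoek-style registry section."""
    entries, key = [], None
    for line in log_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        if line.startswith('===='):
            key = None  # a new log section ends the current key
            continue
        m = VALUE_RE.match(line)
        if m and key and key.lower().endswith(('\\run', '\\runonce')):
            entries.append(Autorun(key, m.group(1), m.group(2)))
    return entries

def image_path(command):
    """Cut arguments off a command line; returns the lower-cased binary path."""
    m = EXE_RE.match(command.strip().strip('"'))
    return (m.group(1) if m else command).strip().lower()

def suspicious_autoruns(log_text):
    """Flag autoruns whose binary lives in a user-writable profile directory."""
    return [e for e in parse_autoruns(log_text)
            if any(marker in image_path(e.command) for marker in USER_WRITABLE)]

def removed_autoruns(before_log, after_log):
    """Values present in the first log but gone from the second (cleanup check)."""
    after = {(e.key.lower(), e.name.lower()) for e in parse_autoruns(after_log)}
    return [e for e in parse_autoruns(before_log)
            if (e.key.lower(), e.name.lower()) not in after]

if __name__ == '__main__':
    for e in suspicious_autoruns(SAMPLE_BEFORE):
        print('review:', e.key, e.name, '->', e.command)
    for e in removed_autoruns(SAMPLE_BEFORE, SAMPLE_AFTER):
        print('removed by cleanup:', e.name)
```

A hit is a triage flag, not a verdict: some legitimate software also installs per-user under AppData, so each flagged entry still needs to be checked by hand.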
23.05.2013, 12:58 | #6 |
/// Malwareteam / Visitor | It already looks pretty clean. Please download AdwCleaner to your desktop.
Please download SecurityCheck and:
|
23.05.2013, 13:45 | #7 |
| Well, that sounds good! AdwCleaner: Code:
# AdwCleaner v2.301 - Datei am 23/05/2013 um 14:29:54 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Butcher - BUTCHER-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Butcher\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\Kathrin\AppData\Local\Temp\boost_interprocess

***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}

***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\Butcher\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.

*************************
AdwCleaner[S1].txt - [1509 octets] - [23/05/2013 14:29:54]
########## EOF - C:\AdwCleaner[S1].txt - [1569 octets] ##########

SecurityCheck: Code:
Results of screen317's Security Check version 0.99.63
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 7 Update 21
Adobe Flash Player 11.7.700.202
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
23.05.2013, 14:36 | #8 |
/// Malwareteam / Visitor | In my opinion it is clean now. We will tidy up a little more, and then at the end I have some reading material for you. Uninstalling the tools: the order is crucial here.
Finally, some tips on the following topics:
Reading material: System updates. It cannot be mentioned often enough how important it is to keep your system up to date. After all, you also take your car to the garage for regular inspections. So please make sure that system updates are enabled:
Reading material: Software updates. Just as important as the system programs is the software you use every day. The following list gives you a brief overview, with links to the updates, of the programs that urgently need to be kept up to date (if you have them installed and use them at all), because malware can often get onto computers through their security vulnerabilities:
Reading material: Security software. If someone overtook you on the motorway riding a motorcycle naked, you would shake your head too. Your computer also needs protection against the small daily attacks by malware. Besides excellent commercial antivirus solutions, there are also quite good protection programs that are available free of charge with a reduced feature set. But be careful, "the more the better" does not apply here. What you need is exactly one virus scanner with a background guard. No more and no less. There are many products on the market that will serve you well. I personally recommend Avast Free Antivirus. It offers relatively good protection with little annoying advertising, and it installs a browser plugin that warns you about dangerous websites.
Reading material: Safe browsing. First of all, it has to be said that it is usually the human factor that allows malware to get onto a computer. Do you also immediately buy whatever people ringing your doorbell are selling, without thinking? So first get used to a few rules of conduct when surfing the Internet:
But even with scrupulous adherence to these rules, a so-called drive-by infection can still occur, in which malware breaks out of the web browser's protection mechanism. To increase security even further, there is special protection software that hardens your browser further.
Finally, please think about using an alternative browser. Programs that are not used as often are also not as much in the focus of the "bad guys". That is, with an exotic browser you are more likely to be on the safe side. In principle, you are already considerably safer if you do not use Internet Explorer.
With that, I wish you lots of fun surfing the Internet ... and perhaps you would like to support the Trojaner-Board? Regards, Smeenk |
23.05.2013, 23:24 | #9 |
| Great. Thank you very much for your great support, Smeenk! I have worked through everything and also made a donation. Two small final questions: - Should I additionally enable Windows Defender alongside a virus scanner, or disable it? - I once read in another thread that one should definitely install Service Pack 2. Should I do that too? |
24.05.2013, 06:41 | #10 | |
/// Malwareteam / Visitor | Quote:
On behalf of Trojaner-Board, thank you for your donation. SP 2 for Windows 7 does not exist yet: Service Pack Center - Microsoft Windows. Windows Defender can be enabled without problems; only if Microsoft Security Essentials is used as the AV is Windows Defender automatically disabled. |