Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
QV 06 und Spyhunter 4 auf meinem Rechner...

QV 06 und Spyhunter 4 auf meinem Rechner...


Log-Analyse und Auswertung: QV 06 und Spyhunter 4 auf meinem Rechner...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 04.07.2013, 09:15   #1
bongsen
 
QV 06 und Spyhunter 4 auf meinem Rechner... - Standard

QV 06 und Spyhunter 4 auf meinem Rechner...


Moin zusammen,

Ihr könntet meine Rettung sein...in schlafduseliger dämlichkeit lade ich mir gestern Abend einen angeblich sauberen Kartensatz Seekarten runter mit einem Programm namens FT Downloader....und fange mir QV06 ein...im Anschluss in meisterlicher Glanzleistung bin ich noch auf spyhunter 4 reingefallen.
Ich habe gerade nach einem Check mit Hitman Pro ( hxxp://blog.botfrei.de/2013/05/was-mache-ich-bei-einer-zeuszbot-infektion/ ) habe ich eine Menge Adware entfernen lassen:

Code:
ATTFilter
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : BONG-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : bong-PC\bong
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2013-07-04 09:45:40
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 48s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 20
   Traces  . . . . . . . : 306

   Objects scanned . . . : 1.568.518
   Files scanned . . . . : 69.206
   Remnants scanned  . . : 511.040 files / 988.272 keys

Malware _____________________________________________________________________

   C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\WebCakesetup[1].exe
      Size . . . . . . . : 1.212.288 bytes
      Age  . . . . . . . : 0.7 days (2013-07-03 18:03:46)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 02E10E9B754D5C283066180E5D651335A1706841362C6F7721A6C50CFD73B7A2
      Product  . . . . . : WebCake
      Publisher  . . . . : WebCake LLC
      Description  . . . : Installer
      Version  . . . . . : 2013.6.20.1708
      Copyright  . . . . : Copyright (c) 2013 WebCake LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      Source URL . . . . : hxxp://dl-cdn.getwebcake.com/install/v8/WebCakesetup.exe
      Authenticode . . . : Valid
    > Ikarus . . . . . . : AdWare.Yontoo!IK
      Fuzzy  . . . . . . : 103.0
      Forensic Cluster
         -174.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\activityfeed[1]
         -173.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\GIF[1]
         -173.6s C:\Users\bong\AppData\Local\Spotify\Storage\26\26969eacefc332456ceb2a2e1201c044db2f3410.file
         -172.7s C:\Users\bong\AppData\Local\Spotify\Storage\5c\5cd0b1a1fd4d1d9c17634b213fd4519b205a55d9.file
         -161.0s C:\Users\bong\AppData\Local\Spotify\Storage\e1\e1db69d5ec3bdde01039eb9f4646c9c0d028c42b.file
         -157.7s C:\Users\bong\AppData\Local\Spotify\Storage\53\5324735d21581ef20de644bbe10e64cf695e5a5a.file
         -154.6s C:\$Recycle.Bin\S-1-5-21-1864449660-13589033-3980891257-1000\$R6I6FRL.lnk
         -154.6s C:\$Recycle.Bin\S-1-5-21-1864449660-13589033-3980891257-1000\$R8G623C.com\
         -154.6s C:\$Recycle.Bin\S-1-5-21-1864449660-13589033-3980891257-1000\$R8G623C.com\FTDownloader.lnk
         -154.0s C:\Users\bong\AppData\Local\Spotify\Storage\5f\5fdb52d8bb5696bfddb55d8005918f071430e55f.file
         -152.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\FTDownloader[1].exe
         -137.5s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9
         -137.5s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9
         -137.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{DBBE0AEF-CB59-426E-8467-5CB0AC4841F0}
         -136.8s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F39B5CFACECFDE48DB25BCA2231FAC6_82E8352AAE480E73671F10D8A0421CE6
         -136.8s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F39B5CFACECFDE48DB25BCA2231FAC6_82E8352AAE480E73671F10D8A0421CE6
         -135.4s C:\Users\bong\AppData\Local\PutLockerDownloader\
         -135.4s C:\Users\bong\AppData\Local\PutLockerDownloader\FTDownloader.exe_Url_pbohkzvgtsuxit2rcc3uu50tvv1mqx1b\
         -135.4s C:\Users\bong\AppData\Local\PutLockerDownloader\FTDownloader.exe_Url_pbohkzvgtsuxit2rcc3uu50tvv1mqx1b\1.1.1.1\
         -135.4s C:\Users\bong\AppData\Local\PutLockerDownloader\FTDownloader.exe_Url_pbohkzvgtsuxit2rcc3uu50tvv1mqx1b\1.1.1.1\user.config
         -129.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\rebrand_style[1].css
         -129.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\download[1].js
         -129.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jquery-1.8.3.min[1].js
         -129.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jquery-ui-1.8.23.custom.min[1].js
         -129.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\jquery-ui-1.8.4.custom[1].css
         -129.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\icon_close[1].png
         -128.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\premium[1].css
         -128.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\jQueryRotate.2.2[1].js
         -128.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_arrow_down[1].png
         -128.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bg_pointer2[1].png
         -128.5s C:\Windows\Prefetch\FTDOWNLOADER.EXE-6E692261.pf
         -127.9s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4302E4BD4246B8416A3626782DD3C8B9_E59C93B2413902CF7F9DD030C2CF42A0
         -127.9s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4302E4BD4246B8416A3626782DD3C8B9_E59C93B2413902CF7F9DD030C2CF42A0
         -127.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\script[1].js
         -127.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\bg_header[1].gif
         -127.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_lang_switcher[1].gif
         -127.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\icon_downloader_medium[1].png
         -127.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\share1[1].js
         -127.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\bg_btn_round[1].png
         -127.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\img_sigmal_premium[1].jpg
         -127.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\pay[1].htm
         -127.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bg_logo[1].gif
         -127.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\bg_lang_arrow[1].gif
         -127.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\bg_langs[1].gif
         -127.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\img_sigmal_free[1].jpg
         -127.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\inst_forex_724x105[1].png
         -127.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\bg_btn[1].png
         -127.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\bg_btn_double_fon2[1].png
         -127.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_pnl_header[1].png
         -127.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\br_num_2[1].gif
         -127.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\br_num_3[1].gif
         -126.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\res_mail[1].gif
         -126.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bg_pnl[1].gif
         -126.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\bg_pnl_round[1].gif
         -126.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\br_num_1[1].gif
         -126.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_pnl_round_rb[1].gif
         -126.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bg_pnl_round_lt[1].gif
         -126.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\img_monline[1].png
         -126.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\fstdata_sub[1].js
         -126.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\draw_stat[1].js
         -126.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\jquery.cookie[1].js
         -126.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jquery.json-2.4.min[1].js
         -126.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\img_step_1[1].png
         -126.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\img_step_2[1].png
         -126.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\img_step_3[1].png
         -126.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\index[1].htm
         -126.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\analytics[1].js
         -126.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\we_pay_grey_wide[1].png
         -126.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\blue_rus[1].gif
         -126.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\watch[1].js
         -126.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\jspimggen[1].png
         -126.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\ui-bg_highlight-soft_100_eeeeee_1x100[1].png
         -125.9s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\VBUTQETJ.txt
         -125.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\collect[1].gif
         -125.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\device[1].js
         -125.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\jspimggen[1].htm
         -125.3s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\QPG59SRF.txt
         -123.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\top_slider[1].js
         -123.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\script[1].js
         -123.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\collect[2].gif
         -123.2s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\UP7N4ZRS.txt
         -123.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\counter[1].htm
         -123.1s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\5HQ1ALTF.txt
         -123.0s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\9T20NCB1.txt
         -122.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\pay[2].htm
         -122.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_grads[1].png
         -122.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bg_slider[1].png
         -122.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\icons_paym[1].png
         -122.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\index[1].htm
         -122.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\main[1].css
         -122.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jquery-1.7.2.min[1].js
         -122.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\msn[1].js
         -122.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\schliessen_button[1].png
         -121.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\letitbit[1].jpg
         -121.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\logos_provider_0001_telekom[1].png
         -121.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\logos_provider_0000_vodafone[1].png
         -121.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\logos_provider_0003_o2[1].png
         -121.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\logos_provider_0002_e-plus[1].png
         -121.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\logos_provider_0004_mobilcom[1].png
         -121.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\grauer_verlauf_hintergrund[1].png
         -121.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\verlauf_schwarz[1].png
         -121.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\gradient_button_one_line[1].jpg
         -121.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\fade_grauer_verlauf_hintergrund[1].png
         -121.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\verlauf_grau[1].png
         -121.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\button-bestellen_grey[1].png
         -121.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\check_richtig[1].png
         -103.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D8C32CE2-83CA-4766-A6EB-45201D30AB40}
         -100.2s C:\Windows\Prefetch\FLTEXTSETUP.EXE-2919EFFC.pf
         -98.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{10791706-FEEA-4150-A371-D87D6587C775}
         -90.5s C:\Windows\Prefetch\FTDOWNLOADERIE.EXE-7F56708F.pf
         -89.6s C:\Users\bong\AppData\Local\Temp\FTdownloader V4.0Installer_1372867335.log
         -88.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{AC861EDD-3458-46D3-A42C-5575099F2DBA}
         -86.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\installer[1].gif
         -85.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\monetization[1].gif
         -81.1s C:\Windows\Prefetch\VSCLHGE.EXE-C23780D8.pf
         -79.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C64E6143-3368-4986-A0CB-697567C09FDC}
         -77.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\manifest[1].xml
         -76.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E0F2A988-3273-48C4-93F6-6DF75F92BEBF}
         -73.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\app_code[1].js
         -71.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\bg_code[1].js
         -70.9s C:\Windows\Prefetch\FTDOWNLOADER V4.0-CODEDOWNLOA-2E5EAC2B.pf
         -70.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\plugins[1].json
         -68.7s C:\Windows\Prefetch\PHDSETUP.EXE-E3A8917A.pf
         -67.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\CrossriderAppUtils[1].js
         -67.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\CrossriderUtils[1].js
         -66.7s C:\Users\bong\AppData\Local\Temp\Plus-HD-2.2Installer_1372867359.log
         -66.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jQuery[1].js
         -65.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\installer[2].gif
         -65.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{4CDE7765-AE2E-48C0-82FC-D119132DF7C1}
         -65.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\monetization[2].gif
         -64.3s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\prefs-1.js
         -57.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\base[1].js
         -57.0s C:\Windows\Prefetch\WOCTNQWHTTEBJ.EXE-6DCD8B7B.pf
         -53.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0E1E7566-6BE2-4B33-A832-3907A2322751}
         -53.2s C:\Windows\Prefetch\PLUS-HD-2.2-FIREFOXINSTALLER.-3DEE9434.pf
         -51.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\manifest[1].xml
         -50.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\app_code[1].js
         -50.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{DF41D4F0-2C91-49ED-B812-C956D00C9025}
         -50.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\bg_code[1].js
         -50.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\plugins[1].json
         -49.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\CrossriderAppUtils[1].js
         -49.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\CrossriderUtils[1].js
         -49.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\jQuery[1].js
         -48.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\base[1].js
         -48.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\jquery-1_7_1_min[1].js
         -47.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\ie8_fix_1[1].js
         -47.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\ie8_fix_2[1].js
         -47.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\initializer[1].js
         -46.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\debug[1].js
         -46.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\resources[1].js
         -46.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\IEAjax[1].js
         -45.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\IEBackground[1].js
         -45.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\IEBrowserEvents[1].js
         -45.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\IECallbacks[1].js
         -44.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\IEDatabase[1].js
         -44.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\IEExtension[1].js
         -44.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\IEInfo[1].js
         -43.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\IEInternal[1].js
         -43.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\IEMessaging[1].js
         -43.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\IEMisc[1].js
         -42.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\IEOnRequest[1].js
         -42.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\IETimers[1].js
         -42.3s C:\Windows\Prefetch\PLUS-HD-2.2-CODEDOWNLOADER.EX-77785A59.pf
         -42.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\resources_background[1].js
         -41.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\appApiMessage[1].js
         -41.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\appApiValidation[1].js
         -40.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\CrossriderInfo[1].js
         -40.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\monetizationLoader[1].js
         -39.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\superfish_m[1].js
         -39.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\superfish_no_coupons_m[1].js
         -39.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\IEPopup[1].js
         -38.9s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\jetpack\ftd@ftd.com\
         -38.9s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\jetpack\
         -38.9s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\jetpack\ftd@ftd.com\simple-storage\
         -38.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\cortica_m[1].js
         -38.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\dealply_m[1].js
         -36.8s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\indexedDB\chrome\
         -36.8s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\indexedDB\
         -35.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\intext_5_m[1].js
         -35.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\jollywallet_m[1].js
         -34.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\corticas_m[1].js
         -34.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\ginyas_wrapper[1].js
         -33.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\coupish_m[1].js
         -33.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\icm_m[1].js
         -30.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\ads_only_5_m[1].js
         -30.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\coupons_intext_ads_5_m[1].js
         -29.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\similar_web_m[1].js
         -29.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\luck_m[1].js
         -29.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\intext_adv_m[1].js
         -28.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\superfish_no_search_no_coupons_m[1].js
         -28.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\arcadi2_m[1].js
         -28.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\revizer_ws_m[1].js
         -27.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\revizer_p_m[1].js
         -27.6s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\superfish_pricora_m[1].js
         -27.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\widdit_m[1].js
         -25.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\stats[1].gif
         -21.5s C:\Windows\Prefetch\PLUS-HD-2.2-HELPER.EXE-25B7440F.pf
         -18.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\ie-error[1].gif
         -16.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\stats[1].gif
         -16.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\ie-error[1].gif
         -14.7s C:\Windows\Prefetch\FTDOWNLOADER V4.0-HELPER.EXE-A9403661.pf
         -14.3s C:\Windows\Prefetch\REGSVR32.EXE-03D3FB87.pf
         -12.9s C:\Windows\Prefetch\PLUS-HD-2.2-BG.EXE-C50029B4.pf
         -10.5s C:\Windows\Prefetch\PLUS-HD-2.2-ENABLER.EXE-CC69C3A4.pf
         -7.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\installer[1].gif
         -6.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\apps[1].gif
         -6.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\monetization[3].gif
         -5.0s C:\Windows\Prefetch\FTDOWNLOADER V4.0-BG.EXE-65341846.pf
         -2.5s C:\Windows\Prefetch\FTDOWNLOADER V4.0-ENABLER.EXE-33C19C26.pf
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
         -1.6s C:\ProgramData\Tarma Installer\
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache\
         -1.6s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
         -1.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6AA49101-1883-4EAA-B14C-A881D25E364C}
         -0.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{1ACADBCC-BF20-4331-B524-B0D10C5A9F7C}
         -0.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\a[1].txt
          0.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\WebCakesetup[1].exe
          0.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\installer[3].gif
          1.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\apps[1].gif
          1.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\monetization[1].gif
          7.2s C:\Windows\Prefetch\WBCSETUP.EXE-412175FA.pf
          7.7s C:\Windows\Prefetch\WBCSETUP-15D0.EXE-0067C6F0.pf
          9.9s C:\Users\bong\AppData\Local\Microsoft\Windows\WebCache\V01.log
         13.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B4CE0D8D-9B31-4AEC-AF1F-9DA913681F26}
         13.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\Meh[1].json
         13.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F948C430-9E7E-4017-BE16-541E135CEB93}
         14.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\a[1].txt
         16.6s C:\Windows\Prefetch\7ZA.EXE-4ABEEABC.pf
         16.6s C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\user.js
         16.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\a[1].js
         17.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{934340C1-2B19-4E01-AA1E-2E3F2E5432EB}
         17.6s C:\Windows\Prefetch\SC.EXE-F4E1A8F7.pf
         18.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{FCD95BFE-7556-4F86-8E5A-E76B415C7784}
         18.5s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_538D903C0A81D46E90DBA469E6311D92
         18.5s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_538D903C0A81D46E90DBA469E6311D92
         18.7s C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf
         18.9s C:\Windows\Prefetch\WC-1628.EXE-A5C48BC4.pf
         18.9s C:\Windows\Prefetch\WC.EXE-FB312742.pf
         19.0s C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
         20.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{DF9EDD58-E603-4DFA-AEDB-3192C1288E21}
         20.7s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F6DEB9C1F3251400F7D6EB743CB14FB4
         20.7s C:\Users\bong\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F6DEB9C1F3251400F7D6EB743CB14FB4
         27.4s C:\Windows\Prefetch\WEBCAKEDESKTOP.EXE-E96E71BE.pf
         28.5s C:\Windows\Prefetch\WEBCAKEDESKTOP.UPDATER.EXE-7443D81B.pf
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\B9614D886F7B4f9c9937FCC7773D9637\
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\B9614D886F7B4f9c9937FCC7773D9637\Config.ini
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\B9614D886F7B4f9c9937FCC7773D9637\eXQ.exe
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\B9614D886F7B4f9c9937FCC7773D9637\Desk365.exe
         30.3s C:\Users\bong\AppData\Roaming\eIntaller\B9614D886F7B4f9c9937FCC7773D9637\eGdpSvc.exe
         31.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{073D2944-2EAD-4A06-A643-BAC8ADBFC607}
         40.2s C:\Windows\Prefetch\ELEXINST.EXE-2F947125.pf
         48.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\ping2[1].htm
         48.6s C:\Windows\Prefetch\TASKKILL.EXE-0ECD41EC.pf
         49.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D360BE3B-C019-4462-9CD1-4A2B91EF8DD2}
         52.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{9CD6304E-480A-420C-B91D-F0B89C1CA2EE}
         52.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{9CD6304E-480A-420C-B91D-F0B89C1CA2EE}
         52.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{9CD6304E-480A-420C-B91D-F0B89C1CA2EE}
         57.6s C:\Windows\Prefetch\EXQ.EXE-21C50F24.pf
         61.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6F50467C-66C2-4154-87F3-6B2078A74C4A}
         61.6s C:\Windows\Prefetch\DESK365.EXE-027D2917.pf
         62.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\softupdate[1].htm
         62.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\softupdate[1].htm
         62.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\softupdate[1].htm
         62.7s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\softupdate[1].htm
         65.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{011E5ED9-87E1-48B9-B4E3-256996CEEBC5}
         67.2s C:\Windows\Prefetch\DESKSVC.EXE-AA93EA6E.pf
         67.2s C:\Windows\Prefetch\DESKSVC.EXE-AA93EA6E.pf
         67.2s C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
         67.4s C:\Windows\Prefetch\EINSTALL.EXE-0FE83655.pf
         67.4s C:\Windows\Prefetch\EINSTALL.EXE-0FE83655.pf
         67.4s C:\Windows\Prefetch\EINSTALL.EXE-0FE83655.pf
         67.4s C:\Windows\Prefetch\EINSTALL.EXE-0FE83655.pf
         67.4s C:\Windows\Prefetch\EINSTALL.EXE-0FE83655.pf
         68.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7A8D1136-DCD2-439B-8886-D37A4420F18C}
         69.6s C:\ProgramData\eSafe\
         70.5s C:\ProgramData\eSafe\log\
         70.5s C:\ProgramData\eSafe\log\eGdpSvc.LOG
         70.6s C:\Windows\Prefetch\EGDPSVC.EXE-9BF97A22.pf
         70.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{32B8D6E5-5C70-42BE-8A61-9142907420AF}
         71.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\1440_900[1].jpg
         71.3s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\1440_900[2].jpg
         71.7s C:\Windows\Prefetch\EGDPSVC.EXE-C2B2CC3E.pf
         72.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{77979213-612F-4FE0-AE0A-738774F012FC}
         72.9s C:\Users\bong\AppData\Roaming\Dropbox\shellext\l\51d44bab
         73.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\1440_900[1].jpg
         74.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\89dWlkPVNelhbkRpc2tYU1NEWFUxMDBYMjU2R0JfMTE1MjQxMzeAx1Mzgy86[1].htm
         74.8s C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\O008F5XF.txt
         74.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\en_us[1].htm
         74.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\en_us[1].htm
         74.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\softupdate[1].htm
         75.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\angrybirds[1].ico
         75.2s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\1440_900[1].jpg
         75.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\1440_900[2].jpg
         75.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPF6SSX3\1440_900[2].jpg
         76.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\AngryBirds[1].db
         77.1s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\1440_900[2].jpg
         77.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\bigfarm[1].ico
         77.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\1440_900[3].jpg
         77.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMATGQMO\1440_900[3].jpg
         78.9s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\1440_900[1].jpg
         79.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\1440_900[2].jpg
         79.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
         79.6s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
         80.0s C:\Windows\Prefetch\UP2519.EXE-97C957C7.pf
         80.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_538D903C0A81D46E90DBA469E6311D92
         80.3s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_538D903C0A81D46E90DBA469E6311D92
         80.4s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82WD8J9F\BigFarm[1].db
         80.8s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\empire[1].ico
         82.0s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\1440_900[3].jpg
         82.5s C:\Users\bong\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V39NH6BT\Empire[1].db


Potential Unwanted Programs _________________________________________________

   C:\ProgramData\Babylon\ (Babylon)
   C:\Users\bong\AppData\Local\Babylon\ (Babylon)
   C:\Users\bong\AppData\Local\Babylon\Setup\ (Babylon)
   C:\Users\bong\AppData\Local\Babylon\Setup\bab149.spreg.zpb (Babylon)
   C:\Users\bong\AppData\Local\Babylon\Setup\latest_tb.zpb (Babylon)
   C:\Users\bong\AppData\Local\Babylon\Setup\Setup-deltatb.zpb (Babylon)
   C:\Users\bong\AppData\Roaming\Babylon\ (Babylon)
   C:\Users\bong\AppData\Roaming\Babylon\log_file.txt (Babylon)
   HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
   HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search)
   HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
   HKU\S-1-5-21-1864449660-13589033-3980891257-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ (Babylon)

Cookies _____________________________________________________________________

   C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\AGVQXHWB.txt
   C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\JZAKHFR7.txt
   C:\Users\bong\AppData\Roaming\Microsoft\Windows\Cookies\PZH3SPO1.txt
   C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\cookies.sqlite:ad.360yield.com
   C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\cookies.sqlite:advertising.com
   C:\Users\bong\AppData\Roaming\Mozilla\Firefox\Profiles\g1n15s23.default\cookies.sqlite:casalemedia.com
Nach einem weiteren Check mit Malwarebytes hat dieses aber keine Malware gefunden...dabei ist Spyhunter ja noch auf meinem Rechner.
Wer kann mir helfen? --> Ist mir noch zu helfen???!?

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
bong :: BONG-PC [Administrator]

Schutz: Aktiviert

04.07.2013 10:00:37
mbam-log-2013-07-04 (10-00-37).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212143
Laufzeit: 2 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Vielen dank schon einmal im Voraus!!!!

 

Themen zu QV 06 und Spyhunter 4 auf meinem Rechner...
administrator, adware.yontoo!ik, anschluss, computer, coupons, crypt, entfernen, explorer, forensic, hintergrund, internet explorer, java/exploit.agent.oqx, malware / spyware, malwarebytes, microsoft, pricora, programm, qv06 / spyhunter 4, software, spyhunter, spyhunter entfernen, system, system32, tarma, traces, webcake, webcake entfernen, windows, wrapper


« bizcoaching.info | 'PHP/WebShell.A.80' »


Ähnliche Themen: QV 06 und Spyhunter 4 auf meinem Rechner...


  1. PROBLEME mit Spyhunter und mystart! Wie bekomme ich Spyhunter wieder weg?
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (13)
  2. Mit Spyhunter 47 Bedrohungen gefunden, Spyhunter wurde aber wieder deinstalliert.
    Log-Analyse und Auswertung - 25.10.2013 (9)
  3. BKA Trojaner auf meinem Rechner
    Log-Analyse und Auswertung - 27.09.2013 (3)
  4. Rechner mit Spyhunter 4 infiziert
    Plagegeister aller Art und deren Bekämpfung - 04.06.2013 (34)
  5. Trojaner TR/Sirefef.BC.57, TR/Sirefef.AG.9, TR/ATRAPS.Gen2, TR/Necurs.A.71 und SpyHunter 4 auf Rechner
    Log-Analyse und Auswertung - 07.05.2013 (7)
  6. Spyhunter 4 auf dem Rechner
    Log-Analyse und Auswertung - 02.05.2013 (1)
  7. GVU Trojaner auf meinem Rechner
    Log-Analyse und Auswertung - 11.04.2013 (13)
  8. Trojaner auf meinem Laptop (serialcodes_net[1].htm) + SpyHunter 4
    Plagegeister aller Art und deren Bekämpfung - 15.03.2013 (29)
  9. Schädlinge auf meinem Rechner.
    Plagegeister aller Art und deren Bekämpfung - 20.12.2012 (31)
  10. Incredibar auf meinem Rechner...was tun!
    Log-Analyse und Auswertung - 23.07.2012 (1)
  11. TR/Sirefef.BV.2 auf meinem Rechner
    Log-Analyse und Auswertung - 29.03.2012 (8)
  12. XP REchner: kann nicht erkennen, ob ich immer noch Trojaner auf meinem Rechner habe
    Plagegeister aller Art und deren Bekämpfung - 13.09.2011 (43)
  13. 'TR/Dropper.Gen' auf meinem Rechner.
    Plagegeister aller Art und deren Bekämpfung - 27.08.2009 (5)
  14. Silentbanker auf meinem Rechner
    Log-Analyse und Auswertung - 03.12.2008 (2)
  15. Was hab ich auf meinem Rechner?
    Plagegeister aller Art und deren Bekämpfung - 15.10.2008 (2)
  16. Was ist faul auf meinem Rechner?
    Log-Analyse und Auswertung - 13.10.2005 (1)
  17. Was ist nur los mit meinem Rechner???
    Log-Analyse und Auswertung - 16.01.2005 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema QV 06 und Spyhunter 4 auf meinem Rechner... - Moin zusammen, Ihr könntet meine Rettung sein...in schlafduseliger dämlichkeit lade ich mir gestern Abend einen angeblich sauberen Kartensatz Seekarten runter mit einem Programm namens FT Downloader....und fange mir QV06 ein...im - QV 06 und Spyhunter 4 auf meinem Rechner......
Archiv
Du betrachtest: QV 06 und Spyhunter 4 auf meinem Rechner... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131