Pests of all kinds and how to fight them: Is loadtbs-2.1 a virus? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
12.08.2013, 22:10 | #46 |
Is loadtbs-2.1 a virus?
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-08-2013 02
Ran by Jesslette at 2013-08-12 22:58:38 Run:1
Running from C:\Users\Jesslette\Downloads
Boot Mode: Normal
==============================================
"C:\ProgramData\????0" directory move: Could not move "C:\ProgramData\????0" directory. => Scheduled to move on reboot.
"C:\ProgramData\?e?e?????????????????????????" => File/Directory not found.
"C:\ProgramData\?ä?ä?????????????????????????" directory move: Could not move "C:\ProgramData\?ä?ä?????????????????????????" directory. => Scheduled to move on reboot.
"C:\ProgramData\?E?E?????????????????????????" => File/Directory not found.
"C:\ProgramData\?,?,?????????????????????????" directory move: Could not move "C:\ProgramData\?,?,?????????????????????????" directory. => Scheduled to move on reboot.
"C:\ProgramData\?U?U?????????????????????????" => File/Directory not found.
"C:\ProgramData\?C?C?????????????????????????" => File/Directory not found.
"C:\ProgramData\?o?o?????????????????????????" => File/Directory not found.
"C:\ProgramData\?=?=?????????????????????????" directory move: Could not move "C:\ProgramData\?=?=?????????????????????????" directory. => Scheduled to move on reboot.
"C:\ProgramData\?R?R?????????????????????????" => File/Directory not found.
"C:\ProgramData\?????????????????????????????" directory move: Could not move "C:\ProgramData\?????????????????????????????" directory. => Scheduled to move on reboot.
"C:\ProgramData\?‘?‘?????????????????????????" => File/Directory not found.
"C:\ProgramData\?I?I?????????????????????????" => File/Directory not found.
"C:\ProgramData\?o?o?????????????????????????" => File/Directory not found.
"C:\ProgramData\?A?A?????????????????????????" directory move: Could not move "C:\ProgramData\?A?A?????????????????????????" directory. => Scheduled to move on reboot.
"C:\ProgramData\?????????????????????????????" directory move: Could not move "C:\ProgramData\?????????????????????????????" directory. => Scheduled to move on reboot.
C:\Program Files\Plus-HD-1.6 => Moved successfully.
"C:\ProgramData\?????????????????????????????" directory move: Could not move "C:\ProgramData\?????????????????????????????" directory. => Scheduled to move on reboot.
=========== Result of Scheduled Files to move ===========
"C:\ProgramData\????0" => Directory could not move.
"C:\ProgramData\?ä?ä?????????????????????????" => Directory could not move.
"C:\ProgramData\?,?,?????????????????????????" => Directory could not move.
"C:\ProgramData\?=?=?????????????????????????" => Directory could not move.
"C:\ProgramData\?????????????????????????????" => Directory could not move.
"C:\ProgramData\?A?A?????????????????????????" => Directory could not move.
"C:\ProgramData\?????????????????????????????" => Directory could not move.
"C:\ProgramData\?????????????????????????????" => Directory could not move.
==== End of Fixlog ====

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013 02 Ran by Jesslette (administrator) on 12-08-2013 23:05:37 Running from C:\Users\Jesslette\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () C:\Program Files\ATK Hotkey\ASLDRSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\System32\lpksetup.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (ATK0100) C:\Program Files\ATK Hotkey\Hcontrol.exe () C:\Program Files\ATK Hotkey\MsgTranAgt.exe () C:\Program Files\Wireless Console 2\wcourier.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe () C:\Program Files\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (Avira 
Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files\ATK Hotkey\KBFiltr.exe () C:\Program Files\ATK Hotkey\WDC.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Windows\System32\ASUSTPE.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Spotify Ltd) C:\Users\Jesslette\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) C:\Users\Jesslette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Farbar) C:\Users\Jesslette\Downloads\FRST (3).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.) 
HKLM\...\Run: [HControlUser] - C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-12] () HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS) HKLM\...\Run: [ASUSTPE] - C:\Windows\system32\ASUSTPE.exe [106496 2007-10-12] (ASUS) HKLM\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-20] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtADYATgBBAFIAUwAtADYAUgBXAEcAQQAtAEEASwBEAFUANwAtAFYAWAAzADcATQA"&"inst=NwA3AC0ANwAxADAAMwA5ADMAOQA2ADAALQBGAEwAKwA5AC0AWABPADkAKwAxAC0AWABPADMANgArADEALQBEAEQAVAArADMAMAA0ADIAOQAtAFMAVAA5ADAARgBBAFAAUAArADEALQBEAEQAOQAwAEYAKwAxAC0AUwA5ADAARgBEAEQARgArADEALQBGADkAMABUAEIAKwAyAC0ARgA5ADAATQAxADIAUgArADEALQBWAEkAUAAxADIAKwAxAC0AVABMACsAMQA"&"prod=90"&"ver=9.0.894 [x] HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [Spotify] - C:\Users\Jesslette\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-08-06] (Spotify Ltd) HKCU\...\Run: [Spotify Web Helper] - C:\Users\Jesslette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-06] (Spotify Ltd) HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x] Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) 
BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: 192.168.100.1:800 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKCU -No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [zulagames@ZulaGames.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKLM\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKCU\...\Firefox\Extensions: [goobar@gootoolbar.com] C:\Users\Jesslette\AppData\Roaming\GooToolBar\GooToolBar Installer\1.0.0.0 FF HKCU\...\Firefox\Extensions: [zulagames@ZulaGames.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com Chrome: ======= CHR Extension: () - C:\Users\JESSLE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5 CHR Extension: () - C:\Users\JESSLE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.3 CHR 
HKLM\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Jesslette\AppData\Roaming\zulagames\zulagames.crx CHR HKLM\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Jesslette\AppData\Roaming\PlusWinks\PlusWinks.crx ========================== Services (Whitelisted) ================= R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG) R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-09-13] (Google) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-09-06] () S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [29752 2007-08-11] (Windows (R) Codename Longhorn DDK provider) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-06-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-06-20] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG) S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic) S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( ) R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-09-28] () S3 catchme; \??\C:\Users\JESSLE~1\AppData\Local\Temp\catchme.sys [x] U2 ccEvtMgr; U2 ccSetMgr; S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] U3 navapsvc; S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] U3 SAVRT; U1 SAVRTPEL; U3 TlntSvr; S3 vpnva; system32\DRIVERS\vpnva.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-12 22:55 - 2013-08-12 22:56 - 00001751 _____ C:\Users\Jesslette\Desktop\fixlist.txt 2013-08-11 20:49 - 2013-08-11 20:49 - 00891098 _____ C:\Users\Jesslette\Downloads\SecurityCheck (1).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (2).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (1).exe 2013-08-09 00:34 - 2013-08-09 00:34 - 
01230104 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (3).exe 2013-08-09 00:27 - 2013-08-09 00:27 - 00001661 _____ C:\Users\Jesslette\Desktop\JRT.txt 2013-08-09 00:15 - 2013-08-09 00:15 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Jesslette\Downloads\JRT (1).exe 2013-08-09 00:09 - 2013-08-09 00:09 - 00020956 _____ C:\Windows\PFRO.log 2013-08-09 00:07 - 2013-08-09 00:07 - 00003293 _____ C:\AdwCleaner[S3].txt 2013-08-08 23:42 - 2013-08-08 23:42 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (2).exe 2013-08-08 23:06 - 2013-08-08 23:06 - 00000913 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 23:06 - 2013-08-08 23:06 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 23:06 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-08 23:03 - 2013-08-08 23:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jesslette\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner.exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (1).exe 2013-08-08 16:37 - 2013-08-08 16:38 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (2).exe 2013-08-08 16:34 - 2013-08-08 16:34 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (1).exe 2013-08-06 15:18 - 2013-08-12 22:49 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Spotify 2013-08-06 15:17 - 2013-08-12 23:05 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Spotify 2013-08-06 15:17 - 2013-08-06 15:17 - 00001781 _____ C:\Users\Jesslette\Desktop\Spotify.lnk 2013-08-06 15:17 - 2013-08-06 15:17 - 00001767 _____ C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2013-08-06 15:16 - 2013-08-06 15:16 - 00092776 _____ (Spotify Ltd) C:\Users\Jesslette\Downloads\SpotifySetup.exe 2013-08-05 13:22 - 2013-08-05 13:22 - 00000000 ____D C:\ProgramData\䕐Ʊ䈀Ʊ0 
2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (4).exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (3).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup.exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (2).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (1).exe 2013-08-04 16:36 - 2013-08-04 16:36 - 00001733 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-04 16:36 - 2013-08-04 16:36 - 00000000 ____D C:\Program Files\QuickTime 2013-08-01 09:05 - 2013-08-01 09:05 - 00000000 ____D C:\ProgramData\䘀ę䏀ę浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-29 22:26 - 2013-07-29 22:26 - 00000000 ____D C:\ProgramData\䘀ä䏀ä浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-28 20:21 - 2013-07-28 20:21 - 00000000 ____D C:\ProgramData\䘀Ĕ䏀Ĕ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-27 10:57 - 2013-07-27 10:57 - 00000000 ____D C:\ProgramData\䘀,䏀,浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-26 01:29 - 2013-07-26 01:29 - 00000000 ____D C:\ProgramData\䘀Ǘ䏀Ǘ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-25 13:21 - 2013-07-25 13:21 - 00000000 ____D C:\ProgramData\䘀Ċ䏀Ċ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-25 09:18 - 2013-07-25 09:22 - 00000000 ____D C:\Windows\system32\MRT 2013-07-25 09:14 - 2013-07-25 09:14 - 00000000 ____D C:\ProgramData\䘀ő䏀ő浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-24 19:39 - 2013-07-24 19:39 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-24 19:25 - 2013-07-24 19:25 - 00000000 ____D C:\ProgramData\䘀=䏀=浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-23 14:26 
- 2013-07-23 14:26 - 00000000 ____D C:\ProgramData\䘀Ŗ䏀Ŗ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-23 01:29 - 2013-07-23 01:29 - 00000000 ____D C:\ProgramData\䘀Lj䏀Lj浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-21 22:55 - 2013-07-21 22:55 - 00000000 ____D C:\ProgramData\䘀‘䏀‘浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-21 22:50 - 2013-07-21 22:50 - 00448512 _____ (OldTimer Tools) C:\Users\Jesslette\Downloads\TFC (1).exe 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Opera Software 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Opera Software 2013-07-19 13:05 - 2013-07-19 13:05 - 00000804 _____ C:\Users\Public\Desktop\Opera.lnk 2013-07-19 13:05 - 2013-07-19 13:05 - 00000000 ____D C:\Program Files\Opera 2013-07-19 12:23 - 2013-07-19 12:23 - 00072466 _____ C:\Users\Jesslette\Desktop\bookmarks-2013-07-19.json 2013-07-19 10:18 - 2013-07-19 10:18 - 00000000 ____D C:\ProgramData\䘀Ǐ䏀Ǐ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-18 19:26 - 2013-07-18 19:26 - 00000000 ____D C:\Users\Jesslette\Downloads\Three Days 2013-07-18 19:06 - 2013-07-18 19:08 - 115010318 _____ C:\Users\Jesslette\Downloads\Three Days.zip 2013-07-17 01:24 - 2013-07-17 01:24 - 01218600 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST(1).exe 2013-07-16 15:04 - 2013-07-16 15:04 - 00559035 _____ (Oleg N. 
Scherbakov) C:\Users\Jesslette\Downloads\JRT.exe 2013-07-16 14:48 - 2013-07-16 14:48 - 00009926 _____ C:\AdwCleaner[S2].txt 2013-07-16 13:19 - 2013-07-16 13:19 - 00000000 ____D C:\Users\Jesslette\Downloads\__MACOSX 2013-07-16 13:18 - 2013-07-16 13:18 - 00000000 ____D C:\Users\Jesslette\Downloads\A Different Kind Of Buzz 2013-07-16 13:18 - 2013-04-26 15:44 - 00000000 ____D C:\Users\Jesslette\Downloads\Tina 2013-07-16 13:17 - 2013-07-16 13:17 - 114252960 _____ C:\Users\Jesslette\Downloads\A Different Kind Of Buzz.zip.zip 2013-07-16 13:15 - 2013-07-16 13:53 - 01336148 _____ C:\Users\Jesslette\Downloads\howtoholdontosomething.zip 2013-07-16 13:13 - 2013-07-16 13:34 - 01115407 _____ C:\Users\Jesslette\Downloads\A Different Kind Of Buzz.zip 2013-07-16 12:42 - 2013-07-16 12:42 - 01218590 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST(3).exe 2013-07-16 11:49 - 2013-07-16 11:49 - 00000000 ____D C:\ProgramData\䘀ơ䏀ơ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-16 01:00 - 2013-07-16 01:00 - 00000000 ____D C:\ProgramData\䘀A䏀A浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-15 02:12 - 2013-07-15 02:12 - 00000000 ____D C:\ProgramData\䘀ǹ䏀ǹ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-14 14:41 - 2013-07-14 14:41 - 00000000 ____D C:\ProgramData\䘀ǝ䏀ǝ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-14 14:06 - 2013-07-14 14:06 - 00448512 _____ (OldTimer Tools) C:\Users\Jesslette\Downloads\TFC.exe 2013-07-14 14:03 - 2013-07-14 14:03 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-07-14 12:25 - 2013-07-14 12:25 - 00000000 ____D C:\Users\Jesslette\Desktop\ogsy aktuell 2013-07-14 12:25 - 2013-07-14 12:25 - 00000000 ____D C:\Users\Jesslette\Desktop\bewerbung 2013-07-14 12:24 - 2013-07-14 12:25 - 00000000 ____D C:\Users\Jesslette\Desktop\RE 2013-07-14 12:23 - 2013-07-14 12:23 - 00000104 _____ C:\Users\Jesslette\Desktop\Papierkorb - Verknüpfung.lnk 2013-07-14 10:26 - 2013-07-14 10:26 - 00890988 _____ C:\Users\Jesslette\Downloads\SecurityCheck.exe 2013-07-13 10:37 - 2013-07-13 10:37 - 02347384 _____ (ESET) 
C:\Users\Jesslette\Downloads\esetsmartinstaller_enu.exe ==================== One Month Modified Files and Folders ======= 2013-08-12 23:05 - 2013-08-06 15:17 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Spotify 2013-08-12 23:04 - 2013-07-09 18:21 - 00000000 ____D C:\FRST 2013-08-12 23:01 - 2012-04-04 22:20 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-12 23:01 - 2009-03-14 05:05 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2013-08-12 23:00 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-12 23:00 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-12 23:00 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-12 22:59 - 2010-02-14 22:44 - 01198214 _____ C:\Windows\WindowsUpdate.log 2013-08-12 22:59 - 2006-11-02 15:01 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-12 22:56 - 2013-08-12 22:55 - 00001751 _____ C:\Users\Jesslette\Desktop\fixlist.txt 2013-08-12 22:49 - 2013-08-06 15:18 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Spotify 2013-08-11 23:10 - 2012-04-14 11:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-11 22:38 - 2012-04-04 22:20 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-11 20:49 - 2013-08-11 20:49 - 00891098 _____ C:\Users\Jesslette\Downloads\SecurityCheck (1).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (2).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (1).exe 2013-08-10 12:09 - 2006-11-02 12:33 - 01475254 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-09 00:34 - 2013-08-09 00:34 - 01230104 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (3).exe 2013-08-09 00:27 - 2013-08-09 00:27 - 00001661 _____ 
C:\Users\Jesslette\Desktop\JRT.txt 2013-08-09 00:15 - 2013-08-09 00:15 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Jesslette\Downloads\JRT (1).exe 2013-08-09 00:09 - 2013-08-09 00:09 - 00020956 _____ C:\Windows\PFRO.log 2013-08-09 00:09 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Provisioning 2013-08-09 00:07 - 2013-08-09 00:07 - 00003293 _____ C:\AdwCleaner[S3].txt 2013-08-09 00:07 - 2013-07-11 09:41 - 00000326 _____ C:\Windows\DeleteOnReboot.bat 2013-08-08 23:42 - 2013-08-08 23:42 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (2).exe 2013-08-08 23:06 - 2013-08-08 23:06 - 00000913 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 23:06 - 2013-08-08 23:06 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 23:04 - 2013-08-08 23:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jesslette\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner.exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (1).exe 2013-08-08 16:38 - 2013-08-08 16:37 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (2).exe 2013-08-08 16:34 - 2013-08-08 16:34 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (1).exe 2013-08-06 15:17 - 2013-08-06 15:17 - 00001781 _____ C:\Users\Jesslette\Desktop\Spotify.lnk 2013-08-06 15:17 - 2013-08-06 15:17 - 00001767 _____ C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2013-08-06 15:16 - 2013-08-06 15:16 - 00092776 _____ (Spotify Ltd) C:\Users\Jesslette\Downloads\SpotifySetup.exe 2013-08-05 13:22 - 2013-08-05 13:22 - 00000000 ____D C:\ProgramData\䕐Ʊ䈀Ʊ0 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (4).exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (3).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ 
C:\Users\Jesslette\Downloads\FLVPlayerSetup.exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (2).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (1).exe 2013-08-04 16:36 - 2013-08-04 16:36 - 00001733 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-04 16:36 - 2013-08-04 16:36 - 00000000 ____D C:\Program Files\QuickTime 2013-08-04 16:36 - 2009-07-01 12:42 - 00000000 ____D C:\ProgramData\Apple Computer 2013-08-01 09:05 - 2013-08-01 09:05 - 00000000 ____D C:\ProgramData\䘀ę䏀ę浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-29 22:26 - 2013-07-29 22:26 - 00000000 ____D C:\ProgramData\䘀ä䏀ä浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-28 20:21 - 2013-07-28 20:21 - 00000000 ____D C:\ProgramData\䘀Ĕ䏀Ĕ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-27 10:57 - 2013-07-27 10:57 - 00000000 ____D C:\ProgramData\䘀,䏀,浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-26 01:29 - 2013-07-26 01:29 - 00000000 ____D C:\ProgramData\䘀Ǘ䏀Ǘ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-25 13:21 - 2013-07-25 13:21 - 00000000 ____D C:\ProgramData\䘀Ċ䏀Ċ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-25 09:22 - 2013-07-25 09:18 - 00000000 ____D C:\Windows\system32\MRT 2013-07-25 09:14 - 2013-07-25 09:14 - 00000000 ____D C:\ProgramData\䘀ő䏀ő浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-24 19:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-24 19:39 - 2013-07-24 19:39 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-24 19:39 - 2012-06-16 18:25 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-07-24 19:39 - 2012-06-16 18:25 - 00789416 _____ (Oracle Corporation) 
C:\Windows\system32\deployJava1.dll 2013-07-24 19:25 - 2013-07-24 19:25 - 00000000 ____D C:\ProgramData\䘀=䏀=浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-23 14:26 - 2013-07-23 14:26 - 00000000 ____D C:\ProgramData\䘀Ŗ䏀Ŗ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-23 01:29 - 2013-07-23 01:29 - 00000000 ____D C:\ProgramData\䘀Lj䏀Lj浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-21 22:55 - 2013-07-21 22:55 - 00000000 ____D C:\ProgramData\䘀‘䏀‘浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-21 22:50 - 2013-07-21 22:50 - 00448512 _____ (OldTimer Tools) C:\Users\Jesslette\Downloads\TFC (1).exe 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Opera Software 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Opera Software 2013-07-19 13:05 - 2013-07-19 13:05 - 00000804 _____ C:\Users\Public\Desktop\Opera.lnk 2013-07-19 13:05 - 2013-07-19 13:05 - 00000000 ____D C:\Program Files\Opera 2013-07-19 12:52 - 2009-05-29 12:46 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Mozilla 2013-07-19 12:26 - 2013-07-06 01:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-19 12:23 - 2013-07-19 12:23 - 00072466 _____ C:\Users\Jesslette\Desktop\bookmarks-2013-07-19.json 2013-07-19 10:18 - 2013-07-19 10:18 - 00000000 ____D C:\ProgramData\䘀Ǐ䏀Ǐ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-18 21:48 - 2009-08-15 20:39 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\vlc 2013-07-18 19:26 - 2013-07-18 19:26 - 00000000 ____D C:\Users\Jesslette\Downloads\Three Days 2013-07-18 19:08 - 2013-07-18 19:06 - 115010318 _____ C:\Users\Jesslette\Downloads\Three Days.zip 2013-07-17 01:24 - 2013-07-17 01:24 - 01218600 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST(1).exe 2013-07-16 15:04 - 2013-07-16 15:04 - 00559035 _____ (Oleg N. 
Scherbakov) C:\Users\Jesslette\Downloads\JRT.exe 2013-07-16 14:48 - 2013-07-16 14:48 - 00009926 _____ C:\AdwCleaner[S2].txt 2013-07-16 13:53 - 2013-07-16 13:15 - 01336148 _____ C:\Users\Jesslette\Downloads\howtoholdontosomething.zip 2013-07-16 13:34 - 2013-07-16 13:13 - 01115407 _____ C:\Users\Jesslette\Downloads\A Different Kind Of Buzz.zip 2013-07-16 13:19 - 2013-07-16 13:19 - 00000000 ____D C:\Users\Jesslette\Downloads\__MACOSX 2013-07-16 13:18 - 2013-07-16 13:18 - 00000000 ____D C:\Users\Jesslette\Downloads\A Different Kind Of Buzz 2013-07-16 13:17 - 2013-07-16 13:17 - 114252960 _____ C:\Users\Jesslette\Downloads\A Different Kind Of Buzz.zip.zip 2013-07-16 12:42 - 2013-07-16 12:42 - 01218590 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST(3).exe 2013-07-16 11:49 - 2013-07-16 11:49 - 00000000 ____D C:\ProgramData\䘀ơ䏀ơ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-16 01:00 - 2013-07-16 01:00 - 00000000 ____D C:\ProgramData\䘀A䏀A浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-15 02:12 - 2013-07-15 02:12 - 00000000 ____D C:\ProgramData\䘀ǹ䏀ǹ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-14 14:41 - 2013-07-14 14:41 - 00000000 ____D C:\ProgramData\䘀ǝ䏀ǝ浡䘠汩獥䵜䅣敦敓畣楲祴匠慣屮⸳⸰ㄳ尸瑦潣普杩椮楮 2013-07-14 14:06 - 2013-07-14 14:06 - 00448512 _____ (OldTimer Tools) C:\Users\Jesslette\Downloads\TFC.exe 2013-07-14 14:05 - 2009-05-29 12:22 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Adobe 2013-07-14 14:03 - 2013-07-14 14:03 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-07-14 14:03 - 2009-07-17 07:51 - 00000000 ____D C:\Program Files\Adobe 2013-07-14 14:03 - 2009-05-29 12:21 - 00000000 ____D C:\ProgramData\Adobe 2013-07-14 12:25 - 2013-07-14 12:25 - 00000000 ____D C:\Users\Jesslette\Desktop\ogsy aktuell 2013-07-14 12:25 - 2013-07-14 12:25 - 00000000 ____D C:\Users\Jesslette\Desktop\bewerbung 2013-07-14 12:25 - 2013-07-14 12:24 - 00000000 ____D C:\Users\Jesslette\Desktop\RE 2013-07-14 12:23 - 2013-07-14 12:23 - 00000104 _____ C:\Users\Jesslette\Desktop\Papierkorb - Verknüpfung.lnk 2013-07-14 10:26 - 2013-07-14 10:26 - 
00890988 _____ C:\Users\Jesslette\Downloads\SecurityCheck.exe 2013-07-13 10:37 - 2013-07-13 10:37 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu.exe 2013-07-13 10:25 - 2006-11-02 14:47 - 00372120 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-13 10:22 - 2009-05-29 12:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-13 10:22 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-12 23:07 ==================== End Of Log ============================
So, am I cured now? |
13.08.2013, 11:46 | #47 |
/// the machine /// TB Trainer | Is loadtbs-2.1 a virus? Please go to C:\ProgramData in Windows Explorer and take a screenshot for me of the folders you see there.
16.08.2013, 09:19 | #48 |
| Is loadtbs-2.1 a virus? Here are the screenshots
16.08.2013, 16:05 | #49 |
/// the machine /// TB Trainer | Is loadtbs-2.1 a virus? Can you delete all that Chinese stuff by hand and empty the Recycle Bin?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
16.08.2013, 16:21 | #50 |
| Is loadtbs-2.1 a virus? Yes, that works, and it's already done!!! |
16.08.2013, 16:58 | #51 |
/// the machine /// TB Trainer | Is loadtbs-2.1 a virus? Then a fresh FRST log, please. Any problems left?
17.08.2013, 02:56 | #52 |
| Is loadtbs-2.1 a virus? FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013 (ATTENTION: ====> FRST version is 9 days old and could be outdated) Ran by Jesslette (administrator) on 17-08-2013 03:54:06 Running from C:\Users\Jesslette\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe () C:\Program Files\ATK Hotkey\ASLDRSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files\ATK Hotkey\MsgTranAgt.exe () C:\Program Files\Wireless Console 2\wcourier.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Synaptics, Inc.) 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Windows\System32\ASUSTPE.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Spotify Ltd) C:\Users\Jesslette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe () C:\Program Files\Opera\15.0.1147.148\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Opera Software) C:\Program Files\Opera\15.0.1147.148\opera.exe (Farbar) C:\Users\Jesslette\Downloads\FRST (2).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.) 
HKLM\...\Run: [HControlUser] - C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-12] () HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS) HKLM\...\Run: [ASUSTPE] - C:\Windows\system32\ASUSTPE.exe [106496 2007-10-12] (ASUS) HKLM\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-20] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtADYATgBBAFIAUwAtADYAUgBXAEcAQQAtAEEASwBEAFUANwAtAFYAWAAzADcATQA"&"inst=NwA3AC0ANwAxADAAMwA5ADMAOQA2ADAALQBGAEwAKwA5AC0AWABPADkAKwAxAC0AWABPADMANgArADEALQBEAEQAVAArADMAMAA0ADIAOQAtAFMAVAA5ADAARgBBAFAAUAArADEALQBEAEQAOQAwAEYAKwAxAC0AUwA5ADAARgBEAEQARgArADEALQBGADkAMABUAEIAKwAyAC0ARgA5ADAATQAxADIAUgArADEALQBWAEkAUAAxADIAKwAxAC0AVABMACsAMQA"&"prod=90"&"ver=9.0.894 [x] HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [Spotify] - C:\Users\Jesslette\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-08-06] (Spotify Ltd) HKCU\...\Run: [Spotify Web Helper] - C:\Users\Jesslette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-06] (Spotify Ltd) HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x] Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) 
Startup: C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Jesslette\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: 192.168.100.1:800 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKCU -No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet 
Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [zulagames@ZulaGames.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKLM\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKCU\...\Firefox\Extensions: [goobar@gootoolbar.com] C:\Users\Jesslette\AppData\Roaming\GooToolBar\GooToolBar Installer\1.0.0.0 FF HKCU\...\Firefox\Extensions: [zulagames@ZulaGames.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\Jesslette\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=485800224383ADAF CHR DefaultSuggestURL: (Delta Search) - "suggest_url": "" CHR 
Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\JESSLE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\JESSLE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Gmail) - C:\Users\JESSLE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Jesslette\AppData\Roaming\zulagames\zulagames.crx CHR HKLM\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Jesslette\AppData\Roaming\PlusWinks\PlusWinks.crx CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. 
KG) R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-09-13] (Google) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-09-06] () S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [29752 2007-08-11] (Windows (R) Codename Longhorn DDK provider) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-06-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-06-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG) S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic) S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.) 
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( ) R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-09-28] () S3 catchme; \??\C:\Users\JESSLE~1\AppData\Local\Temp\catchme.sys [x] U2 ccEvtMgr; U2 ccSetMgr; S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] U3 navapsvc; S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] U3 SAVRT; U1 SAVRTPEL; U3 TlntSvr; S3 vpnva; system32\DRIVERS\vpnva.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-16 15:16 - 2013-08-16 15:16 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift.zip 2013-08-16 11:12 - 2013-08-16 11:12 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YOU DON'T KNOW JACK® 2013-08-16 11:12 - 2013-08-16 11:12 - 00000000 ____D C:\Program Files\YDKJ 2013-08-15 21:29 - 2013-08-15 21:29 - 00000000 ____D C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift (10) 2013-08-15 21:29 - 2013-08-15 21:29 - 00000000 ____D C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c 2013-08-15 21:25 - 2013-08-15 21:25 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift (10).zip 2013-08-15 20:58 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-15 20:58 - 2013-06-15 13:23 - 00024064 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-15 20:57 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 20:56 - 2013-07-24 02:32 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 20:55 - 2013-07-24 02:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 20:55 - 2013-07-24 02:33 - 00916480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 20:55 - 2013-07-24 02:33 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2013-08-15 20:55 - 2013-07-24 02:33 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-08-15 20:55 - 2013-07-24 02:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 06016512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-15 20:55 - 2013-07-24 02:32 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00055808 _____ (Microsoft Corporation) 
C:\Windows\system32\iernonce.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-08-15 20:55 - 2013-07-24 02:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 20:55 - 2013-07-24 01:56 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-08-15 20:55 - 2013-07-24 01:49 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 20:55 - 2013-07-24 01:49 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-15 20:55 - 2013-07-24 01:49 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-15 20:55 - 2013-07-24 01:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-08-15 20:55 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-15 20:54 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-15 20:54 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-15 20:54 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-15 20:54 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-15 20:53 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-15 20:53 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-15 20:53 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-15 20:53 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-15 20:33 - 2013-08-15 20:33 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o 
Büttner stornierte Kontolastschrift (9).zip 2013-08-15 20:33 - 2013-08-15 20:33 - 00000000 ____D C:\Program Files\7-Zip 2013-08-15 20:32 - 2013-08-15 20:32 - 01110476 _____ C:\Users\Jesslette\Downloads\7z920 (2).exe 2013-08-15 20:32 - 2013-08-15 20:32 - 01110476 _____ C:\Users\Jesslette\Downloads\7z920 (1).exe 2013-08-12 22:55 - 2013-08-12 22:56 - 00001751 _____ C:\Users\Jesslette\Desktop\fixlist.txt 2013-08-11 20:49 - 2013-08-11 20:49 - 00891098 _____ C:\Users\Jesslette\Downloads\SecurityCheck (1).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (2).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (1).exe 2013-08-09 00:34 - 2013-08-09 00:34 - 01230104 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (3).exe 2013-08-09 00:15 - 2013-08-09 00:15 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Jesslette\Downloads\JRT (1).exe 2013-08-09 00:09 - 2013-08-09 00:09 - 00020956 _____ C:\Windows\PFRO.log 2013-08-09 00:07 - 2013-08-09 00:07 - 00003293 _____ C:\AdwCleaner[S3].txt 2013-08-08 23:42 - 2013-08-08 23:42 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (2).exe 2013-08-08 23:03 - 2013-08-08 23:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jesslette\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner.exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (1).exe 2013-08-08 16:37 - 2013-08-08 16:38 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (2).exe 2013-08-08 16:34 - 2013-08-08 16:34 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (1).exe 2013-08-06 15:18 - 2013-08-12 22:49 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Spotify 2013-08-06 15:17 - 2013-08-16 08:22 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Spotify 2013-08-06 15:17 - 2013-08-06 15:17 - 00001781 
_____ C:\Users\Jesslette\Desktop\Spotify.lnk 2013-08-06 15:17 - 2013-08-06 15:17 - 00001767 _____ C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2013-08-06 15:16 - 2013-08-06 15:16 - 00092776 _____ (Spotify Ltd) C:\Users\Jesslette\Downloads\SpotifySetup.exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (4).exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (3).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup.exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (2).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (1).exe 2013-08-04 16:36 - 2013-08-04 16:36 - 00000000 ____D C:\Program Files\QuickTime 2013-07-25 09:18 - 2013-08-15 23:08 - 00000000 ____D C:\Windows\system32\MRT 2013-07-24 19:39 - 2013-07-24 19:39 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-21 22:50 - 2013-07-21 22:50 - 00448512 _____ (OldTimer Tools) C:\Users\Jesslette\Downloads\TFC (1).exe 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Opera Software 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Opera Software 2013-07-19 13:05 - 2013-07-19 13:05 - 00000804 _____ C:\Users\Public\Desktop\Opera.lnk 2013-07-19 13:05 - 2013-07-19 13:05 - 00000000 ____D C:\Program Files\Opera 2013-07-18 19:26 - 2013-07-18 19:26 - 00000000 ____D C:\Users\Jesslette\Downloads\Three Days 2013-07-18 19:06 - 
2013-07-18 19:08 - 115010318 _____ C:\Users\Jesslette\Downloads\Three Days.zip 100 ==================== One Month Modified Files and Folders ======= 2013-08-17 03:43 - 2012-04-14 11:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-17 03:43 - 2012-04-04 22:20 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-17 03:43 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-17 03:43 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-16 15:17 - 2013-08-16 15:17 - 00000000 ____D C:\Users\Jesslette\Desktop\Jessica adam c 2013-08-16 15:16 - 2013-08-16 15:16 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift.zip 2013-08-16 15:13 - 2010-02-14 22:44 - 01504620 _____ C:\Windows\WindowsUpdate.log 2013-08-16 14:10 - 2012-04-14 11:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-16 14:10 - 2011-08-04 16:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-16 14:10 - 2009-05-29 12:22 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Adobe 2013-08-16 11:12 - 2013-08-16 11:12 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YOU DON'T KNOW JACK® 2013-08-16 11:12 - 2013-08-16 11:12 - 00000000 ____D C:\Program Files\YDKJ 2013-08-16 10:38 - 2012-04-04 22:20 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-16 08:53 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-16 08:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-16 08:29 - 2009-03-14 03:48 - 00000000 ____D C:\Program Files\Google 2013-08-16 08:22 - 2013-08-06 15:17 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Spotify 2013-08-16 08:21 - 2012-06-06 
12:18 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Dropbox 2013-08-16 08:20 - 2013-04-22 23:33 - 00000000 ___RD C:\Users\Jesslette\Dropbox 2013-08-16 08:16 - 2009-03-14 05:05 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2013-08-16 08:16 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-16 08:13 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-15 23:08 - 2013-07-25 09:18 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 23:08 - 2006-11-02 15:01 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-15 23:04 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-08-15 23:01 - 2009-03-14 02:16 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-15 22:51 - 2006-11-02 12:33 - 01499358 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-15 21:29 - 2013-08-15 21:29 - 00000000 ____D C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift (10) 2013-08-15 21:29 - 2013-08-15 21:29 - 00000000 ____D C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c 2013-08-15 21:25 - 2013-08-15 21:25 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift (10).zip 2013-08-15 20:33 - 2013-08-15 20:33 - 00139886 _____ C:\Users\Jesslette\Downloads\14.08.2013 Jessica adam c-o Büttner stornierte Kontolastschrift (9).zip 2013-08-15 20:33 - 2013-08-15 20:33 - 00000000 ____D C:\Program Files\7-Zip 2013-08-15 20:32 - 2013-08-15 20:32 - 01110476 _____ C:\Users\Jesslette\Downloads\7z920 (2).exe 2013-08-15 20:32 - 2013-08-15 20:32 - 01110476 _____ C:\Users\Jesslette\Downloads\7z920 (1).exe 2013-08-12 23:04 - 2013-07-09 18:21 - 00000000 ____D C:\FRST 2013-08-12 22:56 - 2013-08-12 22:55 - 00001751 _____ C:\Users\Jesslette\Desktop\fixlist.txt 2013-08-12 22:49 - 2013-08-06 15:18 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Spotify 2013-08-11 20:49 - 2013-08-11 20:49 - 00891098 _____ 
C:\Users\Jesslette\Downloads\SecurityCheck (1).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (2).exe 2013-08-10 12:09 - 2013-08-10 12:09 - 02347384 _____ (ESET) C:\Users\Jesslette\Downloads\esetsmartinstaller_enu (1).exe 2013-08-09 00:34 - 2013-08-09 00:34 - 01230104 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (3).exe 2013-08-09 00:15 - 2013-08-09 00:15 - 00957230 _____ (Oleg N. Scherbakov) C:\Users\Jesslette\Downloads\JRT (1).exe 2013-08-09 00:09 - 2013-08-09 00:09 - 00020956 _____ C:\Windows\PFRO.log 2013-08-09 00:09 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Provisioning 2013-08-09 00:07 - 2013-08-09 00:07 - 00003293 _____ C:\AdwCleaner[S3].txt 2013-08-09 00:07 - 2013-07-11 09:41 - 00000326 _____ C:\Windows\DeleteOnReboot.bat 2013-08-08 23:42 - 2013-08-08 23:42 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (2).exe 2013-08-08 23:04 - 2013-08-08 23:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jesslette\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner.exe 2013-08-08 16:52 - 2013-08-08 16:52 - 00666633 _____ C:\Users\Jesslette\Downloads\adwcleaner (1).exe 2013-08-08 16:38 - 2013-08-08 16:37 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (2).exe 2013-08-08 16:34 - 2013-08-08 16:34 - 01229980 _____ (Farbar) C:\Users\Jesslette\Downloads\FRST (1).exe 2013-08-06 15:17 - 2013-08-06 15:17 - 00001781 _____ C:\Users\Jesslette\Desktop\Spotify.lnk 2013-08-06 15:17 - 2013-08-06 15:17 - 00001767 _____ C:\Users\Jesslette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2013-08-06 15:16 - 2013-08-06 15:16 - 00092776 _____ (Spotify Ltd) C:\Users\Jesslette\Downloads\SpotifySetup.exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (4).exe 2013-08-05 01:23 - 2013-08-05 01:23 - 00875072 _____ 
C:\Users\Jesslette\Downloads\FLVPlayerSetup (3).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup.exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (2).exe 2013-08-05 01:21 - 2013-08-05 01:21 - 00875072 _____ C:\Users\Jesslette\Downloads\FLVPlayerSetup (1).exe 2013-08-04 16:36 - 2013-08-04 16:36 - 00000000 ____D C:\Program Files\QuickTime 2013-08-04 16:36 - 2009-07-01 12:42 - 00000000 ____D C:\ProgramData\Apple Computer 2013-07-24 19:39 - 2013-07-24 19:39 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-24 19:39 - 2013-07-24 19:39 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-24 19:39 - 2012-06-16 18:25 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-07-24 19:39 - 2012-06-16 18:25 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-07-24 02:33 - 2013-08-15 20:55 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-24 02:33 - 2013-08-15 20:55 - 00916480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-24 02:33 - 2013-08-15 20:55 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll 2013-07-24 02:33 - 2013-08-15 20:55 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-07-24 02:33 - 2013-08-15 20:55 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-24 02:32 - 2013-08-15 20:56 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 06016512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 02004992 _____ (Microsoft 
Corporation) C:\Windows\system32\iertutil.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-24 02:32 - 2013-08-15 20:55 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-07-24 02:32 - 2013-08-15 20:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-24 01:56 - 2013-08-15 20:55 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-07-24 01:49 - 2013-08-15 20:55 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-24 01:49 - 2013-08-15 20:55 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-24 01:49 - 2013-08-15 20:55 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-24 01:49 - 2013-08-15 20:55 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-07-21 22:50 - 2013-07-21 22:50 - 00448512 _____ (OldTimer Tools) 
C:\Users\Jesslette\Downloads\TFC (1).exe 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Opera Software 2013-07-19 13:06 - 2013-07-19 13:06 - 00000000 ____D C:\Users\JESSLE~1\AppData\Local\Opera Software 2013-07-19 13:05 - 2013-07-19 13:05 - 00000804 _____ C:\Users\Public\Desktop\Opera.lnk 2013-07-19 13:05 - 2013-07-19 13:05 - 00000000 ____D C:\Program Files\Opera 2013-07-19 12:52 - 2009-05-29 12:46 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\Mozilla 2013-07-19 12:26 - 2013-07-06 01:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-07-18 21:48 - 2009-08-15 20:39 - 00000000 ____D C:\Users\Jesslette\AppData\Roaming\vlc 2013-07-18 19:26 - 2013-07-18 19:26 - 00000000 ____D C:\Users\Jesslette\Downloads\Three Days 2013-07-18 19:08 - 2013-07-18 19:06 - 115010318 _____ C:\Users\Jesslette\Downloads\Three Days.zip ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-16 08:28 ==================== End Of Log ============================ |
17.08.2013, 23:37 | #53 |
/// the machine /// TB trainer | Is loadtbs-2.1 a virus? Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
19.08.2013, 13:22 | #54 |
| Is loadtbs-2.1 a virus? Hello Schrauber, thank you very much for everything and for your patience. I will follow your advice, and you can delete everything now. Best regards, Jessi |
19.08.2013, 16:50 | #55 |
/// the machine /// TB trainer | Is loadtbs-2.1 a virus? You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |