Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Nur Inrternet Explorer hat Internetverbindung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 28.07.2013, 10:57   #1
blueboyandy
 
Nur Inrternet Explorer hat Internetverbindung - Standard

Nur Inrternet Explorer hat Internetverbindung



Andere Browser oder mailprogramme können die bestehende Internetverbidung nicht nutzen. Auch andere Programme, die updates über das Intenet beziehen (z.B. AVAST) sind betroffen. Anti-Viren-Programme lassen sich nur manuell aktuelisieren. Die Internetverbindung über Fritz-Box Kann wohl nicht schuld sein, da ja IE funktioniert und ein Notebook über W-Lan zugreifen kann. Windows updates funktionieren aber.

Alt 28.07.2013, 11:40   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Nur Inrternet Explorer hat Internetverbindung - Standard

Nur Inrternet Explorer hat Internetverbindung



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 28.07.2013, 15:47   #3
blueboyandy
 
Nur Inrternet Explorer hat Internetverbindung - Standard

Nur Inrternet Explorer hat Internetverbindung




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Andy & Lena (administrator) on 28-07-2013 16:41:11
Running from C:\Users\Andy & Lena\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\Service\BitBoxService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobiles Internet\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [HideLogonScripts] 0
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [273544 2011-06-24] (RealNetworks, Inc.)
HKU\Administrator\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [366024 2011-09-28] (IncrediMail, Ltd.)
HKU\Administrator\...\Run: [EPSON Stylus DX4400 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Users\ADMINI~1\AppData\Local\Temp\E_SD1B0.tmp" /EF "HKCU" [x] <===== ATTENTION
HKU\Administrator\...\Policies\system: [DisableChangePassword] 0
HKU\Administrator\...\Policies\system: [DisableLockWorkstation] 0
HKU\Administrator\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\Administrator\...\Policies\system: [HideLogoffScripts] 0
HKU\Administrator\...\Policies\system: [HideLogonScripts] 0
HKU\Administrator\...\Policies\system: [NoColorChoice] 0
HKU\Administrator\...\Policies\system: [NoDispAppearancePage] 0
HKU\Administrator\...\Policies\system: [NoDispBackgroundPage] 0
HKU\Administrator\...\Policies\system: [NoDispCPL] 0
HKU\Administrator\...\Policies\system: [NoDispScrSavPage] 0
HKU\Administrator\...\Policies\system: [NoDispSettingsPage] 0
HKU\Administrator\...\Policies\system: [NoSizeChoice] 0
HKU\Administrator\...\Policies\system: [NoVisualStyleChoice] 0
HKU\Default\...\Run: [StartUp This] - "C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe" [x]
HKU\Default User\...\Run: [StartUp This] - "C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe" [x]
Startup: C:\Users\Andy & Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
ShortcutTarget: regmonstd.lnk -> C:\Users\ANDY&L~1\AppData\Local\Temp\pybiwtptwsfffyqckkj.bfg ()
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2722653
SearchScopes: HKLM-x32 - {230169A5-BE34-4219-9E9B-C4F204C7B519} URL = google - Search Page
SearchScopes: HKLM-x32 - {9278660D-588A-4C74-8344-452016F55528} URL = google - Search Page
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2722653
SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/german/?search={searchTerms}&loc=search_box&a=6R7NvjZWId
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=f6a564360000000000000026188fddf0
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f6a56436000000000000000000000000&tlver=1.4.19.19&ss=1&affID=17395
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={D00A449A-4E56-4B74-8111-5A6145FC20DD}&mid=775bc98d966663a81485c41dba4ddaa3-3caad277db32ff8263ad0ccceca43f767a7c4806&lang=de&ds=AVG&pr=fr&d=2011-12-29 19:10:25&v=9.0.0.23&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/german/?search={searchTerms}&loc=search_box&a=6R7NvjZWId
SearchScopes: HKCU - {F6008133-C40B-479D-B057-12F15387E183} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=386496&p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {C9508125-4747-4733-B048-E4B82DC9716D} -  No File
Toolbar: HKCU - No Name - {D8FB4583-DB9D-4C7B-85BE-294C13A3E5C4} -  No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} -  No File
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {615A1925-0E5B-4767-A65E-3165AEAC32A3} hxxp://quickscan.bitdefender.com/qsax/qsax64.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} -  No File
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\Windows\SysWOW64\wiascr.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} -  No File
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\SysWOW64\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks-x32: ShellHook Class - {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\PROGRA~2\MarkAny\CONTEN~1\MACSMA~1.DLL [192512 2004-11-23] (MarkAny Cooperation.)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll [12872704 2013-02-27] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 02 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 03 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 04 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 05 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 06 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 07 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog9 14 C:\Program Files (x86)\Ashampoo\Ashampoo FireWall\spi.dll [393728] ()
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Andy & Lena\AppData\Roaming\Mozilla\Firefox\Profiles\ufg2sa2n.default
FF user.js: detected! => C:\Users\Andy & Lena\AppData\Roaming\Mozilla\Firefox\Profiles\ufg2sa2n.default\user.js
FF NewTab: hxxp://search.babylon.com/?affID=119828&babsrc=NT_ss&mntrId=f6a564360000000000000026188fddf0
FF SelectedSearchEngine: Search the web (Babylon)
FF Homepage: hxxp://search.babylon.com/?affID=119828&babsrc=HP_ss&mntrId=f6a564360000000000000026188fddf0
FF Keyword.URL: hxxp://search.babylon.com/?affID=119828&babsrc=KW_ss&mntrId=f6a564360000000000000026188fddf0&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 - C:\PROGRA~2\SONYON~1\npsoe.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\PROGRA~2\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andy & Lena\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andy & Lena\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [jqs@sun.com] C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff
FF HKLM-x32\...\Firefox\Extensions: [{fa46cb24-1d5b-4048-911a-2857a0944395}] C:\Program Files (x86)\FVD Suite\addons\Firefox
FF Extension: No Name - C:\Program Files (x86)\FVD Suite\addons\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [flashcatch@flashcatch.com] C:\Program Files (x86)\FlashCatch\firefox
FF Extension: FlashCatch - C:\Program Files (x86)\FlashCatch\firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF Extension: AVG E-mail Scanner - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AudioSrv; C:\Windows\SysWow64\Audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S4 Basics Service; C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\Service\BitBoxService.exe [718848 2012-06-22] (Sirrix AG)
R2 BITS; C:\Windows\SysWow64\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-02-25] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.)
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
R2 JavaQuickStarterService; C:\Program Files (x86)\Java\jre6\bin\jqs.exe [153376 2012-02-25] (Sun Microsystems, Inc.)
R2 LanmanServer; C:\Windows\SysWow64\srvsvc.dll [96768 2008-04-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobiles Internet. RunOuc; C:\Program Files (x86)\Mobiles Internet\UpdateDog\ouc.exe [246112 2012-04-03] ()
S2 MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS32.exe [207664 2006-10-13] (Microsoft Corporation)
S4 O&O DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [3382528 2009-09-15] ()
S3 RasAuto; C:\Windows\SysWow64\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\Windows\SysWow64\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2008-10-24] ()
S2 Schedule; C:\Windows\SysWow64\schedsvc.dll [193536 2008-04-14] (Microsoft Corporation)
S3 TermService; C:\Windows\SysWow64\termsrv.dll [297472 2008-04-14] (Microsoft Corporation)
S4 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [145224 2009-10-08] (H+H Software GmbH)
R2 wuauserv; C:\Windows\SysWow64\wuaueng.dll [1809944 2008-10-16] (Microsoft Corporation)
S4 M4-Service; C:\Users\Andy & Lena\AppData\Roaming\Mikogo 4\M4-Service.exe [x]
S2 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [x]
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [x]

==================== Drivers (Whitelisted) ====================

S3 ASPI; C:\Windows\SysWow64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\ADA.tmp [6144 2011-05-12] (Sophos Plc)
S3 MEMSWEEP2; C:\Windows\system32\ADA.tmp [6144 2011-05-12] (Sophos Plc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [117256 2009-09-15] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [39944 2009-09-15] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [207368 2009-09-15] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [42504 2009-09-15] (O&O Software GmbH)
R3 PciPPorts; C:\Windows\System32\DRIVERS\PciPPorts.sys [96768 2009-07-23] ()
R3 PciSPorts; C:\Windows\System32\DRIVERS\PciSPorts.sys [122880 2008-12-19] ()
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10951552 2009-07-17] (Sonix Co. Ltd.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 ASPI; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [x]
S3 BlueletAudio; No ImagePath
S3 BlueletSCOAudio; No ImagePath
S3 BT; system32\DRIVERS\btnetdrv.sys [x]
S3 BTCOM; system32\DRIVERS\btcomport.sys [x]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [x]
S3 Btcsrusb; System32\Drivers\btcusb.sys [x]
S3 BTHidEnum; No ImagePath
S0 BTHidMgr; No ImagePath
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [x]
S3 MotDev; system32\DRIVERS\motodrv.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S0 PxHelp20; system32\DRIVERS\PxHelp20.sys [x]
S1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S0 SpiderG3; system32\drivers\spiderg3.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-28 16:40 - 2013-07-28 16:40 - 01780547 _____ (Farbar) C:\Users\Andy & Lena\Desktop\FRST64.exe
2013-07-28 16:40 - 2013-07-28 16:40 - 00000000 ____D C:\FRST
2013-07-28 11:29 - 2013-07-28 11:29 - 00602112 _____ (OldTimer Tools) C:\Users\Andy & Lena\Desktop\OTL.exe
2013-07-28 11:20 - 2013-07-28 11:20 - 01548728 _____ C:\Users\Andy & Lena\Desktop\gmer2.log
2013-07-28 10:36 - 2013-07-28 10:36 - 00029552 _____ C:\Users\Andy & Lena\Desktop\blueboyandy-gmer.log
2013-07-27 13:11 - 2013-07-27 13:11 - 00093656 _____ C:\Users\Andy & Lena\Desktop\Extrasblueboyandy.txt
2013-07-27 13:10 - 2013-07-27 13:10 - 00211532 _____ C:\Users\Andy & Lena\Desktop\OTLblueboyandy.Txt
2013-07-27 13:08 - 2013-07-28 10:27 - 00377856 _____ C:\Users\Andy & Lena\Desktop\gmer_2.1.19163.exe
2013-07-27 13:08 - 2013-07-27 13:08 - 00093656 _____ C:\Users\Andy & Lena\Desktop\Extras.Txt
2013-07-27 13:07 - 2013-07-27 13:07 - 00211532 _____ C:\Users\Andy & Lena\Desktop\OTL.Txt
2013-07-27 12:56 - 2013-07-27 12:56 - 00000000 _____ C:\Users\Andy & Lena\defogger_reenable
2013-07-27 12:54 - 2013-07-27 12:54 - 00000256 _____ C:\Users\Andy & Lena\Desktop\defogger_enable.log
2013-07-27 12:52 - 2013-07-27 12:56 - 00000484 _____ C:\Users\Andy & Lena\Desktop\defogger_disable.log
2013-07-27 12:51 - 2013-07-27 12:51 - 00050477 _____ C:\Users\Andy & Lena\Desktop\Defogger.exe
2013-07-27 12:48 - 2013-07-27 12:48 - 00050477 _____ C:\Users\Andy & Lena\Downloads\Defogger.exe
2013-07-25 12:39 - 2013-07-28 13:12 - 1555808013 _____ C:\Windows\MEMORY.DMP
2013-07-25 12:39 - 2013-07-25 12:39 - 00285376 _____ C:\Windows\Minidump\072513-27066-01.dmp
2013-07-25 11:07 - 2013-07-28 16:32 - 00000728 _____ C:\Windows\setupact.log
2013-07-25 11:07 - 2013-07-25 11:07 - 00000000 _____ C:\Windows\setuperr.log
2013-07-24 22:05 - 2013-07-25 22:30 - 00022762 _____ C:\Windows\IE10_main.log
2013-07-18 13:20 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-18 13:20 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-17 22:34 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-17 22:34 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-17 22:34 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-17 22:34 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-17 22:34 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-17 22:34 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-17 22:34 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-17 22:34 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-17 22:34 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-17 22:34 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-17 22:34 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-17 22:34 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-17 22:34 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-17 22:34 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-17 22:34 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-17 22:34 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-17 22:34 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-17 22:34 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-17 22:34 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-17 22:34 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-17 22:34 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-17 22:34 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-17 22:34 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-17 22:34 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-17 22:34 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-17 22:34 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-17 22:34 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-17 22:34 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-17 22:34 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-17 22:34 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-17 22:34 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-17 22:34 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-17 18:25 - 2013-07-17 18:25 - 38103832 _____ (Amazon.com) C:\Users\Andy & Lena\Downloads\KindleForPC-installer.exe
2013-07-17 18:23 - 2013-07-17 18:29 - 00001973 _____ C:\Users\Andy & Lena\Desktop\Kindle.lnk
2013-07-17 18:23 - 2013-07-17 18:29 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\ANDY&L~1\AppData\Local\Amazon
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\Andy & Lena\Documents\My Kindle Content
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\Andy & Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-07-16 18:39 - 2013-07-16 18:39 - 00000165 _____ C:\ProgramData\jkkcqyfffswtptwibyp.reg
2013-07-16 18:39 - 2013-07-16 18:39 - 00000070 _____ C:\ProgramData\jkkcqyfffswtptwibyp.bat
2013-07-15 19:51 - 2013-07-15 19:51 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce8183f15f0a7f.job
2013-07-12 18:32 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-12 18:32 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 18:32 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-12 18:32 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-12 18:31 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-05 19:59 - 2013-07-05 19:59 - 00005413 _____ C:\Users\Andy & Lena\Downloads\Part_2.html
2013-07-02 20:57 - 2013-07-02 20:58 - 297779291 ____T C:\Users\Andy & Lena\Desktop\Neutral
2013-07-01 19:50 - 2013-07-01 20:06 - 00000000 ____D C:\Users\Andy & Lena\Documents\IncrediMail Transferred Data
2013-07-01 19:17 - 2013-07-01 19:17 - 00017920 ___SH C:\Users\Andy & Lena\Thumbs.db
110

==================== One Month Modified Files and Folders =======

2018-01-01 18:45 - 2012-11-25 18:33 - 00000000 ____D C:\Users\Andy & Lena\.VirtualBox
2017-12-31 20:48 - 2017-12-31 20:48 - 00000000 ____D C:\Users\Andy & Lena\Downloads\BitBoxPrint
2013-07-28 16:40 - 2013-07-28 16:40 - 01780547 _____ (Farbar) C:\Users\Andy & Lena\Desktop\FRST64.exe
2013-07-28 16:40 - 2013-07-28 16:40 - 00000000 ____D C:\FRST
2013-07-28 16:32 - 2013-07-25 11:07 - 00000728 _____ C:\Windows\setupact.log
2013-07-28 14:37 - 2012-04-04 04:02 - 01185334 _____ C:\Windows\WindowsUpdate.log
2013-07-28 13:20 - 2009-07-14 06:45 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 13:20 - 2009-07-14 06:45 - 00014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 13:12 - 2013-07-25 12:39 - 1555808013 _____ C:\Windows\MEMORY.DMP
2013-07-28 13:12 - 2012-03-26 18:19 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-28 13:12 - 2009-12-06 09:31 - 00000000 ____D C:\Windows\Minidump
2013-07-28 13:12 - 2009-07-14 07:08 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-28 13:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 12:21 - 2010-12-18 23:11 - 00000000 ____D C:\Users\Andy & Lena\Desktop\Yuliya
2013-07-28 12:06 - 2009-12-05 16:08 - 00000000 ____D C:\Users\Andy & Lena
2013-07-28 11:51 - 2009-12-06 11:42 - 00000000 ____D C:\Users\Andy & Lena\AppData\Roaming\Real
2013-07-28 11:29 - 2013-07-28 11:29 - 00602112 _____ (OldTimer Tools) C:\Users\Andy & Lena\Desktop\OTL.exe
2013-07-28 11:20 - 2013-07-28 11:20 - 01548728 _____ C:\Users\Andy & Lena\Desktop\gmer2.log
2013-07-28 10:36 - 2013-07-28 10:36 - 00029552 _____ C:\Users\Andy & Lena\Desktop\blueboyandy-gmer.log
2013-07-28 10:27 - 2013-07-27 13:08 - 00377856 _____ C:\Users\Andy & Lena\Desktop\gmer_2.1.19163.exe
2013-07-27 13:11 - 2013-07-27 13:11 - 00093656 _____ C:\Users\Andy & Lena\Desktop\Extrasblueboyandy.txt
2013-07-27 13:10 - 2013-07-27 13:10 - 00211532 _____ C:\Users\Andy & Lena\Desktop\OTLblueboyandy.Txt
2013-07-27 13:08 - 2013-07-27 13:08 - 00093656 _____ C:\Users\Andy & Lena\Desktop\Extras.Txt
2013-07-27 13:07 - 2013-07-27 13:07 - 00211532 _____ C:\Users\Andy & Lena\Desktop\OTL.Txt
2013-07-27 12:56 - 2013-07-27 12:56 - 00000000 _____ C:\Users\Andy & Lena\defogger_reenable
2013-07-27 12:56 - 2013-07-27 12:52 - 00000484 _____ C:\Users\Andy & Lena\Desktop\defogger_disable.log
2013-07-27 12:54 - 2013-07-27 12:54 - 00000256 _____ C:\Users\Andy & Lena\Desktop\defogger_enable.log
2013-07-27 12:51 - 2013-07-27 12:51 - 00050477 _____ C:\Users\Andy & Lena\Desktop\Defogger.exe
2013-07-27 12:48 - 2013-07-27 12:48 - 00050477 _____ C:\Users\Andy & Lena\Downloads\Defogger.exe
2013-07-26 16:30 - 2009-12-22 20:47 - 00000000 ____D C:\Program Files\MyDefrag v4.2.7
2013-07-25 22:30 - 2013-07-24 22:05 - 00022762 _____ C:\Windows\IE10_main.log
2013-07-25 12:39 - 2013-07-25 12:39 - 00285376 _____ C:\Windows\Minidump\072513-27066-01.dmp
2013-07-25 11:07 - 2013-07-25 11:07 - 00000000 _____ C:\Windows\setuperr.log
2013-07-24 20:08 - 2012-01-14 19:02 - 00001993 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-07-22 09:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-22 09:18 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-19 13:10 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-07-19 13:10 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-07-19 13:10 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-18 13:15 - 2009-07-14 06:45 - 00391976 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 22:37 - 2009-12-10 20:17 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-17 22:22 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-17 18:29 - 2013-07-17 18:23 - 00001973 _____ C:\Users\Andy & Lena\Desktop\Kindle.lnk
2013-07-17 18:29 - 2013-07-17 18:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2013-07-17 18:25 - 2013-07-17 18:25 - 38103832 _____ (Amazon.com) C:\Users\Andy & Lena\Downloads\KindleForPC-installer.exe
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\ANDY&L~1\AppData\Local\Amazon
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\Andy & Lena\Documents\My Kindle Content
2013-07-17 18:23 - 2013-07-17 18:23 - 00000000 ____D C:\Users\Andy & Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-07-16 18:39 - 2013-07-16 18:39 - 00000165 _____ C:\ProgramData\jkkcqyfffswtptwibyp.reg
2013-07-16 18:39 - 2013-07-16 18:39 - 00000070 _____ C:\ProgramData\jkkcqyfffswtptwibyp.bat
2013-07-16 18:39 - 2009-12-05 16:08 - 00000000 ___RD C:\Users\Andy & Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-15 19:51 - 2013-07-15 19:51 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce8183f15f0a7f.job
2013-07-12 13:55 - 2012-04-07 12:31 - 00000116 _____ C:\Windows\NeroDigital.ini
2013-07-12 13:55 - 2010-01-06 00:11 - 00000214 _____ C:\Users\Andy & Lena\AppData\Roaming\default.rss
2013-07-12 13:41 - 2010-04-27 18:52 - 00000103 _____ C:\Users\Andy & Lena\AppData\default.pls
2013-07-12 13:21 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2013-07-12 13:20 - 2009-12-05 19:55 - 00000000 ____D C:\Users\Administrator
2013-07-12 13:19 - 2009-12-05 20:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-12 13:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-12 13:18 - 2009-12-05 23:07 - 00000000 ____D C:\ProgramData\Adobe
2013-07-11 19:15 - 2009-12-06 10:52 - 00000000 ____D C:\Users\ANDY&L~1\AppData\Local\Adobe
2013-07-08 17:10 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Offline Web Pages
2013-07-08 17:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-08 17:10 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-07 22:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-05 19:59 - 2013-07-05 19:59 - 00005413 _____ C:\Users\Andy & Lena\Downloads\Part_2.html
2013-07-02 20:58 - 2013-07-02 20:57 - 297779291 ____T C:\Users\Andy & Lena\Desktop\Neutral
2013-07-02 20:42 - 2009-12-06 10:55 - 00000000 ____D C:\Users\ANDY&L~1\AppData\Local\IM
2013-07-01 20:06 - 2013-07-01 19:50 - 00000000 ____D C:\Users\Andy & Lena\Documents\IncrediMail Transferred Data
2013-07-01 19:17 - 2013-07-01 19:17 - 00017920 ___SH C:\Users\Andy & Lena\Thumbs.db
2013-06-30 23:12 - 2012-08-29 22:46 - 08403721 _____ C:\Users\ANDY&L~1\AppData\Local\census.cache
2013-06-30 23:04 - 2012-08-29 22:42 - 00179465 _____ C:\Users\ANDY&L~1\AppData\Local\ars.cache
2013-06-30 16:43 - 2010-04-19 22:06 - 00000000 __RSD C:\Users\Andy & Lena\Documents\My Stationery
2013-06-30 16:43 - 2010-04-01 22:23 - 00000000 ___RD C:\Users\Andy & Lena\Desktop\Converter
2013-06-30 16:43 - 2009-12-06 14:46 - 00000000 ___RD C:\Users\Andy & Lena\Favoriten
2013-06-30 16:40 - 2011-03-24 19:16 - 00000000 ____D C:\Users\Andy & Lena\Downloads\settings.php-Dateien
2013-06-30 16:40 - 2010-12-19 19:54 - 00000000 ____D C:\Users\Andy & Lena\dwhelper
2013-06-30 16:40 - 2010-12-14 00:37 - 00000000 ____D C:\Users\Andy & Lena\Downloads\success-Dateien
2013-06-30 16:40 - 2010-12-14 00:37 - 00000000 ____D C:\Users\Andy & Lena\Downloads\holubovsky-Dateien
2013-06-30 16:40 - 2010-12-04 19:49 - 00000000 ____D C:\Users\Andy & Lena\Downloads\webhosting-Dateien
2013-06-30 16:40 - 2010-11-24 20:29 - 00000000 ____D C:\Users\Andy & Lena\Downloads\webscr-Dateien
2013-06-30 16:40 - 2010-01-24 22:44 - 00000000 ____D C:\Users\Andy & Lena\Tiere
2013-06-30 16:40 - 2009-12-29 13:48 - 00000000 ____D C:\Users\Andy & Lena\Filme
2013-06-30 16:40 - 2009-12-26 21:03 - 00000000 ____D C:\Users\Andy & Lena\Documents\Bluetooth
2013-06-30 16:40 - 2009-12-06 14:23 - 00000000 ____D C:\Users\Andy & Lena\Documents\viktjuk
2013-06-30 16:40 - 2009-12-06 14:22 - 00000000 ____D C:\Users\Andy & Lena\Documents\Meine empfangenen Dateien
2013-06-28 13:38 - 2012-09-12 18:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:37 - 2012-04-06 17:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 13:37 - 2011-05-21 12:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 13:28 - 2009-12-05 17:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed

Files to move or delete:
====================
C:\ProgramData\3abh.bat
C:\ProgramData\3abh.pad
C:\ProgramData\3abh.reg
C:\ProgramData\dzejlo.bat
C:\ProgramData\dzejlo.pad
C:\ProgramData\dzejlo.reg
C:\ProgramData\eqirr9.bat
C:\ProgramData\eqirr9.pad
C:\ProgramData\eqirr9.reg
C:\ProgramData\hjofof.bat
C:\ProgramData\hjofof.pad
C:\ProgramData\hjofof.reg
C:\ProgramData\iwz6li.pad
C:\ProgramData\jkkcqyfffswtptwibyp.bat
C:\ProgramData\jkkcqyfffswtptwibyp.reg
C:\Users\Andy & Lena\AdbeRdr920_de_DE.exe
C:\Users\Andy & Lena\avg_free_stf_eu_90_707a1765.exe
C:\Users\Andy & Lena\install_flash_player.exe
C:\Users\Andy & Lena\MyDefrag-v4.2.7.exe
C:\Users\Andy & Lena\Nero-9.4.26.0.exe
C:\Users\Andy & Lena\Nero_BackItUpAndBurn-1.2.17b.exe
C:\Users\Andy & Lena\setupRynga.exe
C:\Users\Andy & Lena\SkypeSetup.exe
C:\Users\Andy & Lena\wlsetup-web.exe
C:\Users\Andy & Lena\AppData\Roaming\AltShell.ini
C:\Users\Andy & Lena\AppData\Roaming\skype.ini
C:\Users\Andy & Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
C:\Windows\Tasks\{47E7CE66-99E7-496E-9F58-85D886F470C9}.job
C:\Windows\Tasks\{6307619E-3FEA-4978-8FE5-D4C7B3A63A14}.job
C:\Windows\Tasks\{907960B6-75D6-4D0F-9996-A5A6B68E44B3}.job
C:\Windows\Tasks\{A806FA7C-2A27-4E5F-B696-E8BA8913A0E7}.job
C:\Windows\Tasks\{B4CC74B3-A9EC-4A2E-AB95-7AC78357E5D3}.job
C:\Windows\Tasks\{CB92455B-8D9F-49C6-80A1-B7E287989712}.job

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-12-05 18:07

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 28.07.2013, 16:58   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Nur Inrternet Explorer hat Internetverbindung - Standard

Nur Inrternet Explorer hat Internetverbindung



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Nur Inrternet Explorer hat Internetverbindung
andere, avast, browser, ebook, explorer, funktionier, funktionieren, funktioniert, inter, interne, internetverbindung, manuell, notebook, nutze, schuld, updates, verbindung, w-lan, windows, windows updates, zugreife, zugreifen




Ähnliche Themen: Nur Inrternet Explorer hat Internetverbindung


  1. Keine Internetverbindung, Firewall nicht aktivierbar, Explorer crash bei rechtsklick
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (12)
  2. Windows 7 Internet Explorer langsam Internet Explorer reagiert lahm oder gar nicht
    Log-Analyse und Auswertung - 28.05.2014 (15)
  3. Windows 7: Laptop lahmt plötzlich und Probleme mit der explorer.exe bzw dem Windowss Explorer
    Log-Analyse und Auswertung - 16.11.2013 (21)
  4. Internet Explorer und viele andere Programme bekommen keine Internetverbindung?
    Plagegeister aller Art und deren Bekämpfung - 25.12.2009 (10)
  5. Windows-Explorer funktioniert nicht mehr - explorer.exe
    Alles rund um Windows - 21.12.2009 (0)
  6. Internetverbindung im Benutzerkonto
    Alles rund um Windows - 07.09.2009 (5)
  7. Probleme mit Internetverbindung
    Log-Analyse und Auswertung - 04.07.2009 (2)
  8. explorer.exe Attribute-Byte Archiv-Bit explorer.lnk
    Alles rund um Windows - 25.06.2009 (0)
  9. explorer.exe - Trojaner , Taskleiste & icons unsichtbar & explorer.exe verschwunden
    Plagegeister aller Art und deren Bekämpfung - 27.03.2009 (0)
  10. Internetverbindung funktioniert nur ab und zu
    Log-Analyse und Auswertung - 22.08.2008 (2)
  11. internetverbindung ok?
    Log-Analyse und Auswertung - 27.03.2008 (3)
  12. Explorer startet von Festplatte Datei explorer.mht
    Log-Analyse und Auswertung - 21.03.2008 (0)
  13. Explorer.exe infiziert? Hab einen zweiten explorer, der ein einziger link ist
    Mülltonne - 01.02.2008 (0)
  14. Explorer / IE-Explorer startet nicht
    Log-Analyse und Auswertung - 06.10.2006 (8)
  15. Internetverbindung stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 17.08.2006 (69)
  16. Internetverbindung defekt
    Netzwerk und Hardware - 02.01.2006 (7)
  17. internetverbindung
    Log-Analyse und Auswertung - 16.09.2005 (5)

Zum Thema Nur Inrternet Explorer hat Internetverbindung - Andere Browser oder mailprogramme können die bestehende Internetverbidung nicht nutzen. Auch andere Programme, die updates über das Intenet beziehen (z.B. AVAST) sind betroffen. Anti-Viren-Programme lassen sich nur manuell aktuelisieren. Die - Nur Inrternet Explorer hat Internetverbindung...
Archiv
Du betrachtest: Nur Inrternet Explorer hat Internetverbindung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.