Log analysis and evaluation: Caught JS/IFrame.JB trojan
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
29.07.2013, 21:00 | #1 |
| Caught JS/IFrame.JB trojan
Hello again,
After clicking on a dubious link, I got a message from ESET Smart Security 6 that this trojan was moved to quarantine... So far I have not noticed any changes, only, strangely, ESET no longer starts automatically with Win7 since then. Can you help me check whether something is wrong after all? Regards |
29.07.2013, 21:33 | #2 |
/// TB-Ausbilder | Caught JS/IFrame.JB trojan
Hello,
sure, let's take a look: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
29.07.2013, 22:01 | #3 |
| Caught JS/IFrame.JB trojan
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 01 Ran by Asra at 2013-07-29 22:44:35 Running from C:\Users\Asra\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29462) Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17) AMD Accelerated Video Transcoding (Version: 12.5.100.21116) AMD APP SDK Runtime (Version: 10.0.937.2) AMD Catalyst Install Manager (Version: 8.0.877.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.70405.2224) Canon MG5300 series MP Drivers Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190) CDBurnerXP (x32 Version: 4.5.1.3868) Counter-Strike: Source (x32 Version: 1.0.0.0) Counter-Strike: Source (x32) Creative ALchemy (x32 Version: 1.41) Creative Audio-Systemsteuerung (x32 Version: 3.00) Creative Konsole Starter (x32 Version: 2.61) Creative Software AutoUpdate (x32 Version: 1.40) Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02) Creative-Diagnose (x32 Version: 5.11) CyberLink YouCam 5 (x32 Version: 5.0.1129) D3DX10 (x32 Version: 15.4.2368.0902) Dolby Digital Live Pack (x32 Version: 3.00) DTS Connect Pack (x32 Version: 1.00) eaner (Version: 3.25) ESET Smart Security (Version: 6.0.316.1) Fotogalerie (x32 Version: 16.4.3505.0912) Free YouTube to MP3 Converter version 3.12.8.717 (x32 Version: 3.12.8.717) IrfanView (remove only) (x32 Version: 4.35) Java 7 Update 10 (64-bit) (Version: 7.0.100) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java(TM) 6 Update 31 (x32 Version: 6.0.310) Java(TM) 6 Update 45 (64-bit) (Version: 6.0.450) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) 
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) OpenAL (x32) OpenOffice.org 3.3 (x32 Version: 3.3.9567) Opera 12.11 (x32 Version: 12.11.1661) Photo Gallery (x32 Version: 16.4.3505.0912) Skype Click to Call (x32 Version: 6.9.12585) Skype™ 6.6 (x32 Version: 6.6.106) SoundFont-Bank-Manager (x32 Version: 3.21) Steam(TM) (x32 Version: 1.0.0.0) TomTom HOME 2.7.3.1894 (x32 Version: 2.7.3.1894) TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET 
Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) VLC media player 2.0.1 (Version: 2.0.1) VLC media player 2.0.6 (x32 Version: 2.0.6) Winamp (x32 Version: 5.623 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) WinRAR 4.20 (64-Bit) (Version: 4.20.0) ==================== Restore Points ========================= 29-07-2013 20:35:06 Removed SpyHunter ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-06-27 01:39 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {19BBB445-B020-473D-AC4E-15713C40663E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd) Task: {6A390C9D-E988-4E6A-ABB3-CF701409D6EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-23] (Adobe Systems Incorporated) Task: {B96D3094-519D-405B-85CF-D77EBCBF97A5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft 
Corporation) Task: {E9014A4E-9029-41DB-A7A4-0F9CB8B7C4C4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {FCFDE50C-2189-4E51-9ED4-48B363C7B045} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2013 08:40:13 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/03/2013 00:12:04 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x898 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (06/27/2013 09:46:40 PM) (Source: Application Hang) (User: ) Description: Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 304 Startzeit: 01ce736f00280219 Endzeit: 0 Anwendungspfad: C:\Windows\system32\NOTEPAD.EXE Berichts-ID: 457dfadc-df62-11e2-8bc9-0021851027e6 Error: (06/27/2013 09:37:01 PM) (Source: Application Hang) (User: ) Description: Programm egui.exe, Version 6.0.316.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 85c Startzeit: 01ce736154217793 Endzeit: 60000 Anwendungspfad: C:\Program Files\ESET\ESET Smart Security\egui.exe Berichts-ID: 8d4ea026-df60-11e2-9354-0021851027e6 Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service) (User: ) Description: Der Index kann nicht initialisiert werden. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (06/25/2013 09:41:20 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:20 PM) (Source: Windows Search Service) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Context: Windows Application, SystemIndex Catalog Details: The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800) System errors: ============= Error: (07/29/2013 10:39:58 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/29/2013 08:49:44 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/29/2013 09:03:01 AM) (Source: volsnap) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error: (07/29/2013 08:55:44 AM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/27/2013 01:02:01 AM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/26/2013 08:37:16 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/25/2013 09:34:22 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/25/2013 08:07:56 AM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (07/24/2013 07:30:48 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (07/24/2013 07:30:43 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (07/17/2013 08:40:13 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668a3c01ce831b6a3898e2C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla 
Firefox\xul.dll50570c38-ef10-11e2-8f7d-0021851027e6 Error: (07/03/2013 00:12:04 AM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc00000050017366889801ce7770c091c211C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll6ce3338f-e364-11e2-8c2d-0021851027e6 Error: (06/27/2013 09:46:40 PM) (Source: Application Hang)(User: ) Description: NOTEPAD.EXE6.1.7600.1638530401ce736f002802190C:\Windows\system32\NOTEPAD.EXE457dfadc-df62-11e2-8bc9-0021851027e6 Error: (06/27/2013 09:37:01 PM) (Source: Application Hang)(User: ) Description: egui.exe6.0.316.085c01ce73615421779360000C:\Program Files\ESET\ESET Smart Security\egui.exe8d4ea026-df60-11e2-9354-0021851027e6 Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/25/2013 09:41:21 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (06/25/2013 09:41:20 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (06/25/2013 09:41:20 PM) (Source: Windows Search Service)(User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index database is corrupt. 
(HRESULT : 0xc0041800) (0xc0041800) ==================== Memory info =========================== Percentage of memory in use: 33% Total physical RAM: 4095.16 MB Available physical RAM: 2738.67 MB Total Pagefile: 8188.5 MB Available Pagefile: 6736.96 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:39.06 GB) (Free:4.77 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:193.82 GB) (Free:63.98 GB) NTFS (Disk=0 Partition=2) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 4290428F) Partition 1: (Active) - (Size=39 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=194 GB) - (Type=OF Extended) ==================== End Of Log ============================
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 01 Ran by Asra (administrator) on 29-07-2013 22:44:11 Running from C:\Users\Asra\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET) HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default FF Homepage: about:home FF NetworkProxy: "autoconfig_url", 
"data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('.brightcove.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*'))%20%7B%20return%20'PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%
20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) FF Extension: No Name - C:\Users\Asra\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi FF Extension: videoresumer - C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default\Extensions\videoresumer@jetpack.xpi FF Extension: youtubeunblocker - C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default\Extensions\youtubeunblocker@unblocker.yt.xpi FF Extension: No Name - C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Asra\AppData\Roaming\Mozilla\Firefox\Profiles\cd2j6spx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird ==================== Services (Whitelisted) ================= R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-04-14] () R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2012-04-14] () ==================== Drivers (Whitelisted) ==================== R3 DCamUSBNovatek; 
C:\Windows\System32\Drivers\nvtcam.sys [2755072 2010-09-07] (Novatek) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 FIXUSTOR; system32\DRIVERS\fixustor.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-29 22:44 - 2013-07-29 22:44 - 00000000 ____D C:\FRST 2013-07-29 22:43 - 2013-07-29 22:43 - 01780715 _____ (Farbar) C:\Users\Asra\Desktop\FRST64.exe 2013-07-29 22:40 - 2013-07-29 22:40 - 00000998 _____ C:\AdwCleaner[R1].txt 2013-07-29 22:39 - 2013-07-29 22:39 - 00666633 _____ C:\Users\Asra\Desktop\adwcleaner06.exe 2013-07-29 22:38 - 2013-07-29 22:38 - 00000056 _____ C:\Windows\setupact.log 2013-07-29 22:38 - 2013-07-29 22:38 - 00000000 _____ C:\Windows\setuperr.log 2013-07-27 00:02 - 2013-07-27 00:02 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-27 00:02 - 2013-07-27 00:02 - 00000000 _____ C:\autoexec.bat 2013-07-27 00:01 - 2013-07-29 22:36 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP 2013-07-24 19:43 - 2013-07-24 19:43 - 00000000 ____D C:\Users\Asra\dwhelper 2013-07-24 19:30 - 2013-07-24 20:05 - 00000000 ____D C:\Users\Asra\Desktop\Bluetooth 2013-07-10 22:09 - 2013-07-10 22:10 - 00000000 ____D C:\Windows\system32\MRT 2013-07-10 21:57 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 
2013-07-10 21:57 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 21:57 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 21:57 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 21:57 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 21:57 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-10 21:57 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-10 21:57 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 21:57 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 21:57 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-10 21:57 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-10 21:57 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 21:57 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 21:57 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 21:57 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-10 21:57 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 21:57 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 21:57 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 21:57 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 21:57 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-10 21:57 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 21:57 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 21:57 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-10 21:57 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 21:57 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-10 21:57 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-10 21:57 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 21:57 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 21:57 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 21:57 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 21:57 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-10 21:57 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 00:17 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 00:17 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 00:17 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 00:16 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 00:16 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 00:16 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 00:16 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 22:45 - 2013-07-21 23:20 - 00000640 _____ C:\Users\Asra\Desktop\Dates 2013.txt
2013-07-07 18:23 - 2013-07-07 18:23 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-06-29 13:08 - 2013-07-24 20:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

==================== One Month Modified Files and Folders =======

2013-07-29 22:43 - 2013-07-29 22:43 - 01780715 _____ (Farbar) C:\Users\Asra\Desktop\FRST64.exe
2013-07-29 22:40 - 2013-07-29 22:40 - 00000998 _____ C:\AdwCleaner[R1].txt
2013-07-29 22:39 - 2013-07-29 22:39 - 00666633 _____ C:\Users\Asra\Desktop\adwcleaner06.exe
2013-07-29 22:38 - 2013-07-29 22:38 - 00000056 _____ C:\Windows\setupact.log
2013-07-29 22:38 - 2013-07-29 22:38 - 00000000 _____ C:\Windows\setuperr.log
2013-07-29 22:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 22:37 - 2013-06-09 22:26 - 00362212 _____ C:\Windows\WindowsUpdate.log
2013-07-29 22:36 - 2013-07-27 00:01 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-07-29 22:28 - 2013-03-31 12:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 22:11 - 2012-04-12 21:24 - 00694460 _____ C:\Windows\system32\perfh007.dat
2013-07-29 22:11 - 2012-04-12 21:24 - 00147584 _____ C:\Windows\system32\perfc007.dat
2013-07-29 22:11 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 20:55 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 20:55 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-27 00:47 - 2012-04-12 23:12 - 00000000 ____D C:\Users\Asra\AppData\Roaming\Winamp
2013-07-27 00:02 - 2013-07-27 00:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-27 00:02 - 2013-07-27 00:02 - 00000000 _____ C:\autoexec.bat
2013-07-24 21:28 - 2013-03-31 12:50 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-24 21:26 - 2012-09-20 00:34 - 00000000 ____D C:\Users\Asra\Desktop\CD Neu
2013-07-24 20:57 - 2012-04-12 22:46 - 00000000 ____D C:\Users\Asra\AppData\Roaming\vlc
2013-07-24 20:23 - 2012-04-12 21:57 - 00000000 ___RD C:\Users\Asra\Desktop\Programme
2013-07-24 20:19 - 2013-06-29 13:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-24 20:18 - 2012-04-12 22:46 - 00000000 ____D C:\Users\Asra\AppData\Roaming\DVDVideoSoft
2013-07-24 20:05 - 2013-07-24 19:30 - 00000000 ____D C:\Users\Asra\Desktop\Bluetooth
2013-07-24 19:43 - 2013-07-24 19:43 - 00000000 ____D C:\Users\Asra\dwhelper
2013-07-24 19:43 - 2012-04-12 19:37 - 00000000 ____D C:\Users\Asra
2013-07-23 22:28 - 2012-04-12 22:57 - 00000000 ____D C:\Users\Asra\AppData\Local\Adobe
2013-07-23 22:28 - 2012-04-12 22:34 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-23 22:28 - 2012-04-12 22:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 23:20 - 2013-07-07 22:45 - 00000640 _____ C:\Users\Asra\Desktop\Dates 2013.txt
2013-07-21 22:33 - 2012-04-12 22:48 - 00000000 ____D C:\Users\Asra\AppData\Roaming\Skype
2013-07-18 21:30 - 2012-04-12 22:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-18 21:30 - 2012-04-12 22:48 - 00000000 ____D C:\ProgramData\Skype
2013-07-10 22:17 - 2009-07-14 06:45 - 00304368 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-10 22:16 - 2009-07-14 09:46 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 22:16 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 22:16 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 22:10 - 2013-07-10 22:09 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 00:25 - 2013-01-20 18:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 00:25 - 2013-01-20 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-07 18:23 - 2013-07-07 18:23 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-07-01 19:01 - 2009-07-14 07:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-24 10:24

==================== End Of Log ============================

--- --- --- --- --- ---

I should also mention that, because of some stupid ad, I also downloaded Spyhunter4 and let it run a scan... only when I was asked to pay for the removal did I google it and see that the program is something else entirely... Oh dear, one blunder after another... Uninstalled it, of course! |
29.07.2013, 22:43 | #4 |
/// TB trainer | JS/IFrame.JB trojan caught

Hello, the log file looks good; you don't seem to have caught anything. Is the computer running normally, or is it behaving oddly in any way? But do make sure to uninstall all outdated Java versions (everything older than Java 7 Update 25)!
__________________ cheers, Leo |
30.07.2013, 07:06 | #5 |
| JS/IFrame.JB trojan caught

Done!! No, everything is running as before... no noticeable problems/changes. Thanks in advance!! |
30.07.2013, 20:06 | #6 |
/// TB trainer | JS/IFrame.JB trojan caught

OK, then it should be fine as it is. This topic appears to be resolved and will be removed from my subscriptions, so I will no longer receive notifications about new replies. Should you need this topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread.