Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to fight them): Malwarebytes finds over 500 infected files - Internet damage case Telekom online game

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

#9

Hello Leo, no, I didn't nod off in between

Code:
# AdwCleaner v3.000 - Report created 21/08/2013 at 21:46:31
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : SanDi - SANDI-LÄPPI
# Running from : C:\Users\SanDi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UBYH1QZ\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\SanDi\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\SanDi\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\SanDi\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Babylon
Folder Deleted : C:\Users\SanDi\AppData\Roaming\file scout
Folder Deleted : C:\Users\SanDi\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Searchqutoolbar
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\ffxtlbra@softonic.com
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Askcom.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\delta.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\softonic.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\bprotector_extensions.sqlite
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\bprotector_prefs.js
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\user.js
File Deleted : C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Key Deleted : HKCU\Software\953de88e739ec47
Key Deleted : HKLM\SOFTWARE\953de88e739ec47
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\filescout
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v21.0 (de)

[ File : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.cntry", "DE");
Line Deleted : user_pref("extensions.Softonic.cv", "cv5");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dfltlng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltsrch", true);
Line Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.dspOld", "");
Line Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.firsttimeinstallation", "true");
Line Deleted : user_pref("extensions.Softonic.hdrMd5", "8A76A3B2B9199C2E95846C0ACD8E4BA7");
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpOld", "hxxp://www.psd-tutorials.de");
Line Deleted : user_pref("extensions.Softonic.hrdid", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.Softonic.id", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.Softonic.instlDay", "15554");
Line Deleted : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Line Deleted : user_pref("extensions.Softonic.instlday", "15554");
Line Deleted : user_pref("extensions.Softonic.instlref", "INF1205T01");
Line Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Line Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.Softonic.monitorreport", true);
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.newtab", true);
Line Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.propectorlck", 87054682);
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Line Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Line Deleted : user_pref("extensions.Softonic.sg", "az");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Line Deleted : user_pref("extensions.Softonic.srch", "");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.tlbrid", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.6.4.3");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.6.4.3");
Line Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.Softonic_i.newTab", true);
Line Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "16");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "06F48BCA09480D08AB57F2BE58710B5A");
Line Deleted : user_pref("extensions.delta.hmpg", false);
Line Deleted : user_pref("extensions.delta.id", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.delta.instlDay", "15830");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "tzb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1619:36:46");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbra%40softonic.com:1.6.0,%7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printin[...]

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup
Deleted : search_url

*************************

AdwCleaner[R0].txt - [20515 octets] - [21/08/2013 21:35:32]
AdwCleaner[R1].txt - [20576 octets] - [21/08/2013 21:45:33]
AdwCleaner[S0].txt - [20453 octets] - [21/08/2013 21:46:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20514 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.2 (08.20.2013:1)
OS: Windows 7 Home Premium x64
Ran by SanDi on 21.08.2013 at 22:00:24,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{266627B6-76C5-49C6-910E-1F76DC991AFB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4B699018-2330-4AB6-A0CE-2C482767F8C0}

~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho255B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho392E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9879.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA073.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB636.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB95.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE955.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE974.tmp

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{0024A03F-F6DE-4C5A-8BAB-4F51526490F0}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{1884A425-7C99-4B17-82D5-8E715FBFBEFF}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{1DC5DDAB-C9B9-4B9B-A4AD-421DFB2C3E62}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{235C691A-8510-4D1B-A7D1-464CC70CBD8C}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{4402B36D-F1B7-4C63-A7FF-4FC9007A453A}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{5341DC59-95AB-41CD-8C78-FFB189698E6E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{5674FB5D-926D-4803-AA59-1DE9FEC50820}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{666F8FA5-B15F-4B8F-BCAB-BB03F623A356}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{7C2F0D1A-1F4F-4DA6-B525-4E874CF20FA0}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{825B6363-A7BC-4E89-91DC-DFFE9F4A7F5E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{8B0D8EF9-E384-4468-9D16-0B41117FA727}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{9660E959-C205-4AA6-88F1-EFCBBC3CB24E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A41CB010-A5F2-4F11-B701-99C4FF050444}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A5A85C38-6735-4736-BD71-4A840BC6A3ED}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A82762E1-7922-4D49-B5DA-D73D4403A9F8}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{D8D4507A-24F3-4104-A5A1-379028303139}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F58A416B-5CDE-4EFF-BF87-4F5BB88B26B7}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F5E2B0A3-396F-484C-8D9C-877C1C339A7D}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F6766042-6561-4464-A473-D88FB7EC165B}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F7156D76-8D90-4BD1-A839-E02C669B2D88}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{FE5A766C-2110-4FF2-A0D1-C2DD57C8E60D}

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\SanDi\AppData\Roaming\mozilla\firefox\profiles\qxo6284e.default\invalidprefs.js
Emptied folder: C:\Users\SanDi\AppData\Roaming\mozilla\firefox\profiles\qxo6284e.default\minidumps [43 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.08.2013 at 22:13:59,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02 Ran by SanDi (administrator) on 21-08-2013 22:20:35 Running from C:\Users\SanDi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UBYH1QZ Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Windows\SysWOW64\srvany.exe () C:\Windows\KMService.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files (x86)\watchmi\TvdService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (X10) C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe () C:\Program Files (x86)\watchmi\TvdTray.exe (Dropbox, Inc.) C:\Users\SanDi\AppData\Roaming\Dropbox\bin\Dropbox.exe (SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated) HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-05] (Intel(R) Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10361616 2011-02-11] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKCU\...\Run: [AdobeBridge] - 
C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {1fd7d381-b903-11e1-8632-00262dc73c8e} - F:\CD_Start.exe
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [CaddieSyncConduit] - C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe [232368 2012-07-03] (Sun Microsystems, Inc.)
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
AppInit_DLLs: [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\SanDi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\SanDi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://uploadserver.info/premium/mirror2/uploader/ImageUploader5.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab
Handler: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @fluxdvd.com/NPWMDRMWrapper - C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Extension: No Name - C:\Users\SanDi\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: No Name - C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Kaspersky URL Advisor) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0
CHR Extension: (Safe Money) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0
CHR Extension: (Virtual Keyboard) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0
CHR Extension: (Skype Click to Call) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Anti-Banner) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx

==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-05] ()
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [341296 2011-06-21] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3969336 2012-04-05] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458544 2012-04-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [640344 2012-05-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30000 2012-03-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-05-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [27992 2012-05-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54064 2012-05-12] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [172888 2012-05-24] (Kaspersky Lab)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S1 HWiNFO32; \??\G:\Hwinfo32\HWiNFO64A.SYS [x]
S3 uxddrv; \??\F:\uxddrv64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:14 - 2013-08-21 22:13 - 00004850 _____ C:\Users\SanDi\Desktop\JRT.txt
2013-08-21 22:00 - 2013-08-21 22:00 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:32 - 2013-08-21 21:46 - 00000000 ____D C:\AdwCleaner
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:05 - 2013-08-21 20:05 - 00000000 ____D C:\FRST
2013-08-21 19:42 - 2013-08-21 19:42 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 19:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-15 09:44 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:44 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:44 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:44 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:44 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:44 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:44 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:44 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:44 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:44 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:44 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 09:44 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 16:51 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 16:51 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 16:50 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:50 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 16:50 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 16:50 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 16:50 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:50 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 16:50 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 16:50 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 16:50 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 16:50 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 16:50 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 16:50 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 16:50 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 16:50 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 16:50 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 16:50 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 16:50 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 16:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 16:50 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 21:48 - 2013-08-11 21:48 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-09 13:12 - 2013-08-09 13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 14:02 - 2013-08-09 20:03 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-07 14:02 - 2013-08-09 20:03 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-07-31 14:15 - 2013-08-15 09:37 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 14:56 - 2013-07-29 15:15 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:56 - 2013-07-29 15:15 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-28 15:38 - 2013-07-28 15:38 - 00001074 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2013-07-28 15:17 - 2013-07-28 15:17 - 00001409 _____ C:\Users\SanDi\Desktop\Free Audio CD to MP3 Converter.lnk
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls

==================== One Month Modified Files and Folders =======
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:13 - 2013-08-21 22:14 - 00004850 _____ C:\Users\SanDi\Desktop\JRT.txt
2013-08-21 22:00 - 2013-08-21 22:00 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 21:58 - 2011-07-08 21:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-21 21:58 - 2011-07-08 21:01 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-21 21:58 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-21 21:58 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2011-10-13 20:25 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Skype
2013-08-21 21:53 - 2011-07-25 11:20 - 00000000 ___RD C:\Users\SanDi\Dropbox
2013-08-21 21:53 - 2011-07-25 11:18 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Dropbox
2013-08-21 21:48 - 2013-07-12 15:32 - 00001884 _____ C:\Windows\PFRO.log
2013-08-21 21:48 - 2013-06-13 07:48 - 00002769 _____ C:\Windows\setupact.log
2013-08-21 21:48 - 2012-03-30 10:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-21 21:48 - 2011-07-08 21:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-21 21:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-21 21:47 - 2011-07-08 20:59 - 01107022 _____ C:\Windows\WindowsUpdate.log
2013-08-21 21:46 - 2013-08-21 21:32 - 00000000 ____D C:\AdwCleaner
2013-08-21 20:46 - 2011-07-08 21:07 - 00000000 ___RD C:\Users\Sandra\Favoriten Internet
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:05 - 2013-08-21 20:05 - 00000000 ____D C:\FRST
2013-08-21 19:42 - 2013-08-21 19:42 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-18 19:38 - 2013-01-11 23:09 - 00000000 ____D C:\ProgramData\fluxDVD
2013-08-15 16:00 - 2012-01-30 16:46 - 00000000 ____D C:\Users\Sandra\Documents\Kontoauszüge Sparkasse Duisburg
2013-08-15 16:00 - 2012-01-30 16:46 - 00000000 ____D C:\Users\Sandra\Documents\Kontoauszüge Sparkasse Duisburg
2013-08-15 15:41 - 2011-11-15 09:38 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2013-08-15 15:41 - 2011-11-15 09:38 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2013-08-15 15:39 - 2012-06-01 17:01 - 00000000 ____D C:\Users\Sandra\Documents\Dirk
2013-08-15 15:39 - 2012-06-01 17:01 - 00000000 ____D C:\Users\Sandra\Documents\Dirk
2013-08-15 09:40 - 2011-04-24 01:02 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-08-15 09:40 - 2011-04-24 01:02 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-08-15 09:40 - 2009-07-14 07:13 - 01520734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 09:37 - 2013-07-31 14:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 08:19 - 2011-04-24 01:44 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 16:38 - 2012-05-28 08:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 16:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 08:07 - 2011-08-26 16:04 - 00118272 ___SH C:\Users\SanDi\Thumbs.db
2013-08-11 21:48 - 2013-08-11 21:48 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-11 21:48 - 2011-10-13 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-11 21:48 - 2011-10-13 20:24 - 00000000 ____D C:\ProgramData\Skype
2013-08-11 21:38 - 2013-06-14 19:41 - 547056337 _____ C:\Windows\MEMORY.DMP
2013-08-09 20:03 - 2013-08-07 14:02 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-09 20:03 - 2013-08-07 14:02 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-09 13:12 - 2013-08-09 13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-05 20:03 - 2011-09-29 09:15 - 00000000 ____D C:\Users\Sandra\Documents\Eigene Scans
2013-08-05 20:03 - 2011-09-29 09:15 - 00000000 ____D C:\Users\Sandra\Documents\Eigene Scans
2013-08-01 16:00 - 2011-07-08 21:01 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-31 10:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-29 15:15 - 2013-07-29 14:56 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 15:15 - 2013-07-29 14:56 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-28 15:38 - 2013-07-28 15:38 - 00001074 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2013-07-28 15:38 - 2012-10-14 10:38 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2013-07-28 15:31 - 2012-10-14 11:02 - 00000000 ____D C:\Users\Sandra\Documents\DVDVideoSoft
2013-07-28 15:31 - 2012-10-14 11:02 - 00000000 ____D C:\Users\Sandra\Documents\DVDVideoSoft
2013-07-28 15:17 - 2013-07-28 15:17 - 00001409 _____ C:\Users\SanDi\Desktop\Free Audio CD to MP3 Converter.lnk
2013-07-28 15:17 - 2013-05-05 19:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-28 15:17 - 2012-10-14 10:52 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\DVDVideoSoft 2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls 2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls 2013-07-26 07:13 - 2013-08-15 09:44 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-26 07:13 - 2013-08-15 09:44 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-26 07:13 - 2013-08-15 09:44 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-26 07:12 - 2013-08-15 09:44 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-26 07:12 - 2013-08-15 09:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-26 05:35 - 2013-08-15 09:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-26 05:13 - 2013-08-15 09:44 - 01767936 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-26 05:13 - 2013-08-15 09:44 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-26 05:12 - 2013-08-15 09:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-26 05:11 - 2013-08-15 09:44 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-26 05:11 - 2013-08-15 09:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-26 04:49 - 2013-08-15 09:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-26 04:39 - 2013-08-15 09:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-26 03:59 - 2013-08-15 09:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-25 11:25 - 2013-08-14 16:50 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-25 10:57 - 2013-08-14 16:50 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL ==================== Bamital & volsnap Check ================= 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-27 07:45

==================== End Of Log ============================