Log analysis and evaluation: Infected with ihavenet.com virus, cannot remove it. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.08.2013, 21:21 | #16
Infected with ihavenet.com virus, cannot remove it.
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-08-2013 03 Ran by FUJI-PC (administrator) on 27-08-2013 21:52:45 Running from C:\Users\FUJI-PC\Desktop Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Windows\vVX3000.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Windows\system32\CISVC.EXE (EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe (Microsoft Corporation) C:\Windows\System32\snmp.exe (Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x] HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.) HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.) HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. 
KG) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [DisableChangePassword] 0 MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH) Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821 FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D" FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-hu.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\sztaki-en-hu.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vatera.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-hu.xml FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR 
DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0 CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG) R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation) R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers) S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x] S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG) R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation) R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation) S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.) 
S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x] S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-26 20:07 - 2013-08-27 15:33 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-26 20:05 - 2013-08-26 20:05 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\tweaking.com_windows_repair_aio 2013-08-26 18:02 - 2013-08-26 18:02 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\New Folder 2013-08-26 16:09 - 2013-08-26 16:09 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS 26.08.2013.txt 2013-08-26 15:50 - 2013-08-26 15:51 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS.txt 2013-08-26 15:22 - 2013-08-26 15:22 - 00358507 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FSS.exe 2013-08-26 00:09 - 2013-08-26 00:09 - 00001159 ____C C:\Users\FUJI-PC\Desktop\checkup.txt 2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe 2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C (ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe 2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt 2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT 2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe 2013-08-25 15:10 - 2013-08-25 15:13 - 00000000 ___DC C:\AdwCleaner 2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe 2013-08-25 14:37 - 2013-08-27 15:35 - 00005378 ____C C:\Windows\PFRO.log 2013-08-25 13:21 - 2013-08-25 
13:22 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-25 13:21 - 2013-04-04 14:50 - 00022856 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-25 12:44 - 2013-08-26 00:11 - 00025166 ____C C:\Users\FUJI-PC\Desktop\Addition.txt 2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST 2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log 2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg 2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine 2013-08-20 10:25 - 2013-08-27 18:10 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job 2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok 2013-08-16 01:04 - 2013-08-27 15:36 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job 2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll 2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 16:51 - 2013-07-25 
04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C 
(Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra 2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT ==================== One Month Modified Files and Folders ======= 2013-08-27 21:52 - 2013-08-27 21:52 - 01072975 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe 2013-08-27 21:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job 2013-08-27 21:42 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job 2013-08-27 21:41 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-27 21:35 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype 2013-08-27 21:04 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-27 21:01 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job 2013-08-27 20:10 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-27 20:10 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-27 18:10 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job 2013-08-27 18:10 - 2009-06-26 03:26 - 01751949 ____C C:\Windows\WindowsUpdate.log 2013-08-27 18:10 - 2006-11-02 13:18 - 00000000 __HDC C:\Windows\tracing 2013-08-27 17:09 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK 2013-08-27 15:50 - 2009-06-25 19:47 - 00101216 ____C C:\Users\FUJI-PC\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-27 15:44 - 
2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI 2013-08-27 15:37 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-08-27 15:36 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job 2013-08-27 15:36 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-27 15:36 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT 2013-08-27 15:36 - 2006-11-02 14:47 - 00377264 ____C C:\Windows\system32\FNTCACHE.DAT 2013-08-27 15:35 - 2013-08-25 14:37 - 00005378 ____C C:\Windows\PFRO.log 2013-08-27 15:34 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-27 15:33 - 2013-08-26 20:07 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-26 23:36 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2013-08-26 20:05 - 2013-08-26 20:05 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\tweaking.com_windows_repair_aio 2013-08-26 18:02 - 2013-08-26 18:02 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\New Folder 2013-08-26 16:09 - 2013-08-26 16:09 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS 26.08.2013.txt 2013-08-26 15:51 - 2013-08-26 15:50 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS.txt 2013-08-26 15:22 - 2013-08-26 15:22 - 00358507 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FSS.exe 2013-08-26 00:11 - 2013-08-25 12:44 - 00025166 ____C C:\Users\FUJI-PC\Desktop\Addition.txt 2013-08-26 00:09 - 2013-08-26 00:09 - 00001159 ____C C:\Users\FUJI-PC\Desktop\checkup.txt 2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe 2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C (ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe 2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt 2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT 2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe 2013-08-25 15:13 - 2013-08-25 15:10 - 
00000000 ___DC C:\AdwCleaner 2013-08-25 15:13 - 2013-04-03 21:37 - 00000000 ___DC C:\ProgramData\Uniblue 2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe 2013-08-25 14:37 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\L2Schemas 2013-08-25 14:25 - 2013-03-17 18:35 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\KastorTubeToMp3 2013-08-25 13:22 - 2013-08-25 13:21 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST 2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP 2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO 2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google 2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla 2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log 2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1 2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg 2013-08-21 12:05 - 2012-08-16 10:26 - 00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok 2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine 2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre 2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared 2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program 
Files\DivX 2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX 2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor 2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll 2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET 2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT 2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help 2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra 2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-27 15:47 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-08-2013 03 Ran by FUJI-PC at 2013-08-27 21:53:37 Running from C:\Users\FUJI-PC\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0) Adobe Flash Player 11 ActiveX (Version: 11.8.800.94) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.7) (Version: 10.1.7) Adobe Shockwave Player 12.0 (Version: 12.0.2.122) Advanced SystemCare 4 (Version: 4.2.0) Advertising Center (Version: 0.0.0.1) Autodesk Design Review 2013 (Version: 13.0.0.82) Autodesk DWF Viewer (Version: 6.5) Avira Free Antivirus (Version: 13.0.0.3885) CCleaner (Version: 4.03) ClipGrab 3.2.1.0 D3DX10 (Version: 15.4.2368.0902) DivX-Setup (Version: 2.6.1.44) dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1) EasyBits GO Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0) Farming Simulator 2011 (Version: 1.0) Google Earth (Version: 7.1.1.1888) Google Update Helper (Version: 1.3.21.153) Google Video Player HNS SPCea HNSKY 2.3.0N Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555) Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 26 (Version: 6.0.260) JavaFX 2.1.0 (Version: 2.1.0) Junk Mail filter update (Version: 15.4.3502.0922) LG United Mobile Drivers (Version: 3.6.0.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Mesh Runtime (Version: 15.4.5722.2) Messenger Companion (Version: 15.4.3502.0922) Messenger kísérő (Version: 15.4.3502.0922) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error 
Reporting (Version: 12.0.6012.5000) Microsoft Corporation (Version: 9.1.0.0) Microsoft LifeCam (Version: 3.22.270.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel 2007 Help-frissítés (KB963678) Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook Connector (Version: 14.0.5118.5000) Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Word 2007 Help-frissítés (KB963665) Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 
8.0.61001) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1) MOTORM4X (Version: 1.0.821.1) Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0) Nero 9 Essentials Nero ControlCenter (Version: 9.0.0.1) Nero Installer (Version: 4.4.9.0) Nero Online Upgrade (Version: 1.3.0.0) Nero StartSmart (Version: 9.4.12.100) Nero StartSmart OEM (Version: 9.4.10.100) neroxml (Version: 1.0.0) NexStar Observer List Nokia Connectivity Cable Driver (Version: 7.1.101.0) Nokia PC Suite (Version: 7.1.62.1) OLYMPUS Digital Camera Updater (Version: 1.0.1) Olympus ib (Version: 1.3.2207) OLYMPUS Viewer 2 (Version: 1.1.1) OpenAL PC Connectivity Solution (Version: 12.0.76.0) PDFCreator (Version: 1.7.0) Realtek High Definition Audio Driver RegCure Pro (Version: 3.1.6.0) RescuePRO 3.5 Segoe UI (Version: 15.4.2271.0615) Skype Click to Call (Version: 5.6.8442) Skype™ 6.3 (Version: 6.3.107) swMSM (Version: 12.0.0.1) SystemDiagnostics (Version: 2.01.0004) Uninstall 1.0.0.1 Unity Web Player (HKCU Version: ) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) 
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0) Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0) Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0) VLC media player 1.0.5 (Version: 1.0.5) Windows 7 Upgrade Advisor (Version: 2.0.5000.0) Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7) Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0) Windows Driver Package - OLYMPUS IMAGING CORP. 
Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live Family Safety (Version: 15.4.3555.0308) Windows Live Fotótár (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3538.0513) Windows Live Messenger Companion Core (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) ==================== Restore Points ========================= 06-08-2013 17:37:42 Windows Update 14-08-2013 14:49:00 Windows Update 26-08-2013 18:57:02 Tweaking.com - Windows Repair 27-08-2013 13:07:21 Tweaking.com - Windows Repair ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A 
C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.) Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.) 
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation) Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation) Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.) Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.) 
Task: {BD471436-D935-48B0-81E1-C5E1B54273F9} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation) Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation) Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation) Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.) Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\FUJI-PC\Documents_DOKUK\Sie wurden ausgewählt. Testen Sie das neue Google Maps..eml:OECustomProperty AlternateDataStreams: C:\Users\FUJI-PC\Documents_DOKUK\Zoli jo hatorvos Terminvereinbarung.eml:OECustomProperty ==================== Faulty Device Manager Devices ============= Name: 6TO4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. 
(Code 31) Resolution: Update the driver Name: 6TO4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79} Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (08/27/2013 03:30:24 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\ISCSIDSC.MFL Error: (08/27/2013 03:30:24 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\ISCSIPRF.MFL Error: (08/27/2013 03:30:24 PM) (Source: WinMgmt) (User: ) Description: 0x80041002C:\WINDOWS\SYSTEM32\WBEM\NL-NL\SERVICEMODEL.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\USERPROFILEWMIPROVIDER.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\TSCFGWMI.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\RSOP.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\VDS.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\VSS.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\WMIPSESS.MFL Error: (08/27/2013 03:30:23 PM) (Source: WinMgmt) (User: ) Description: 
0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\WMIPDSKQ.MFL System errors: ============= Error: (08/27/2013 03:45:19 PM) (Source: Service Control Manager) (User: ) Description: Windows Update Error: (08/27/2013 03:42:43 PM) (Source: Service Control Manager) (User: ) Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86 Error: (08/27/2013 03:40:12 PM) (Source: Service Control Manager) (User: ) Description: MSCamSvc Error: (08/27/2013 03:38:52 PM) (Source: Service Control Manager) (User: ) Description: Net.Pipe Listener Adapter%%1053 Error: (08/27/2013 03:38:52 PM) (Source: Service Control Manager) (User: ) Description: 30000Net.Pipe Listener Adapter Error: (08/27/2013 03:38:18 PM) (Source: Service Control Manager) (User: ) Description: Windows Search%%1053 Error: (08/27/2013 03:38:18 PM) (Source: Service Control Manager) (User: ) Description: 30000Windows Search Error: (08/27/2013 03:37:58 PM) (Source: Service Control Manager) (User: ) Description: Net.Tcp Listener AdapterNet.Tcp Port Sharing Service%%1058 Error: (08/27/2013 03:37:58 PM) (Source: Service Control Manager) (User: ) Description: Net.Msmq Listener Adaptermsmq Error: (08/27/2013 02:09:27 PM) (Source: Service Control Manager) (User: ) Description: MSCamSvc Microsoft Office Sessions: ========================= Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-07-02 19:51:23.955 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-07-02 19:51:23.721 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.471 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.237 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:22.754 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:38.327 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-07-02 19:35:37.988 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:37.601 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:37.224 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 56% Total physical RAM: 1947.51 MB Available physical RAM: 849.54 MB Total Pagefile: 4142.04 MB Available Pagefile: 2607.03 MB Total Virtual: 2047.88 MB Available Virtual: 1919.12 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:147.04 GB) (Free:62.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC) Partition 1: (Not Active) - (Size=2 GB) - (Type=27) Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Farbar Service Scanner Version: 18-08-2013 Ran by FUJI-PC (administrator) on 27-08-2013 at 21:57:33 Running from "C:\Users\FUJI-PC\Desktop" Microsoft® Windows Vista™ Business Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist. Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist. Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Disabled. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. 
Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys [2013-08-14 14:57] - [2013-07-05 06:53] - 0905664 ___AC (Microsoft Corporation) D18D53974FD715D50FC76F9FFE1C830D C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll [2013-08-14 14:56] - [2013-07-08 06:16] - 0133120 ___AC (Microsoft Corporation) 684C130BBC6DB681BAD4920A4C944AA5 C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\ipnathlp.dll => MD5 is legit C:\Windows\system32\iphlpsvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log ****
At the moment I am not being redirected to the homepage ihavanet.com. Should I do anything else? Have a nice evening, Valeria |
28.08.2013, 08:25 | #17 |
/// the machine /// TB trainer | Infected with the ihavenet.com virus, cannot remove it. http://download.bleepingcomputer.com...sta/wscsvc.reg
Save it to the desktop and run it, allow it. Reboot, then a fresh FSS please.
__________________ |
28.08.2013, 14:45 | #18 |
| Infected with the ihavenet.com virus, cannot remove it. Code:
ATTFilter Farbar Service Scanner Version: 18-08-2013 Ran by FUJI-PC (administrator) on 28-08-2013 at 15:44:05 Running from "C:\Users\FUJI-PC\Desktop" Microsoft® Windows Vista™ Business Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist. Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Disabled. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. 
Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys [2013-08-14 14:57] - [2013-07-05 06:53] - 0905664 ___AC (Microsoft Corporation) D18D53974FD715D50FC76F9FFE1C830D C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll [2013-08-14 14:56] - [2013-07-08 06:16] - 0133120 ___AC (Microsoft Corporation) 684C130BBC6DB681BAD4920A4C944AA5 C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\ipnathlp.dll => MD5 is legit C:\Windows\system32\iphlpsvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log **** |
28.08.2013, 17:07 | #19 |
/// the machine /// TB trainer | Infected with the ihavenet.com virus, cannot remove it. Please run Windows All in One repair again and tick all the boxes in the last window. If that does not work, we will need the Win DVD.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
28.08.2013, 20:00 | #20 |
| Infected with the ihavenet.com virus, cannot remove it. Hello schrauber, the Win All-in-One program ran without problems. But ihavenet.com showed up again after a while... Our Win Vista was already preinstalled on the computer, so I do not have a DVD for it. Regards, Valeria |
29.08.2013, 04:33 | #21 |
/// the machine /// TB trainer | Infected with the ihavenet.com virus, cannot remove it. Fresh FSS and FRST logs please.
__________________ |
29.08.2013, 14:48 | #22 |
| Infected with the ihavenet.com virus, cannot remove it. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-08-2013 03 Ran by FUJI-PC (administrator) on 29-08-2013 15:43:51 Running from C:\Users\FUJI-PC\Desktop Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Windows\vVX3000.exe (OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Windows\system32\CISVC.EXE (EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe (Microsoft Corporation) C:\Windows\System32\snmp.exe (Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Microsoft Corporation) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x] HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.) HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.) 
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [DisableChangePassword] 0 MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH) Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft 
Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821 FF NetworkProxy: "autoconfig_url", 
"data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D" FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program 
Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-hu.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\sztaki-en-hu.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vatera.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-hu.xml FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web 
Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0 CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG) R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation) R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers) S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x] S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. 
KG) R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation) R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation) S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.) S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x] S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-28 16:01 - 2013-08-02 06:09 - 01548288 ____C (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-28 15:35 - 2013-08-28 15:35 - 00005256 ____C C:\Users\FUJI-PC\Desktop\wscsvc.reg 2013-08-27 21:52 - 2013-08-27 21:52 - 01072975 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe 2013-08-26 20:07 - 2013-08-28 19:37 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-26 20:05 - 2013-08-26 20:05 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\tweaking.com_windows_repair_aio 2013-08-26 18:02 - 2013-08-26 18:02 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\New Folder 2013-08-26 16:09 - 2013-08-26 16:09 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS 26.08.2013.txt 2013-08-26 15:50 - 2013-08-28 15:44 - 00003411 ____C C:\Users\FUJI-PC\Desktop\FSS.txt 2013-08-26 15:22 - 2013-08-26 15:22 - 00358507 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FSS.exe 2013-08-26 00:09 - 2013-08-26 00:09 - 00001159 ____C C:\Users\FUJI-PC\Desktop\checkup.txt 2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe 2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C 
(ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe 2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt 2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT 2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe 2013-08-25 15:10 - 2013-08-25 15:13 - 00000000 ___DC C:\AdwCleaner 2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe 2013-08-25 14:37 - 2013-08-28 19:44 - 00005730 ____C C:\Windows\PFRO.log 2013-08-25 13:21 - 2013-08-25 13:22 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-25 13:21 - 2013-04-04 14:50 - 00022856 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-25 12:44 - 2013-08-27 21:54 - 00024545 ____C C:\Users\FUJI-PC\Desktop\Addition.txt 2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST 2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log 2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg 2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine 2013-08-20 10:25 - 2013-08-28 18:18 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job 2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok 2013-08-16 01:04 - 2013-08-29 14:00 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job 2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll 2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 
2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra 2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT ==================== One Month Modified Files and Folders ======= 2013-08-29 15:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job 2013-08-29 15:41 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-29 15:41 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype 2013-08-29 15:04 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-29 15:04 - 2009-06-26 03:26 - 01929382 ____C C:\Windows\WindowsUpdate.log 2013-08-29 15:00 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job 2013-08-29 14:40 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\tracing 2013-08-29 14:05 - 2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI 2013-08-29 14:00 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job 2013-08-29 14:00 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl 
2013-08-29 14:00 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-29 14:00 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT 2013-08-29 14:00 - 2006-11-02 14:47 - 00003216 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-29 14:00 - 2006-11-02 14:47 - 00003216 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-28 22:23 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-28 22:22 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job 2013-08-28 19:45 - 2006-11-02 14:47 - 00377264 ____C C:\Windows\system32\FNTCACHE.DAT 2013-08-28 19:44 - 2013-08-25 14:37 - 00005730 ____C C:\Windows\PFRO.log 2013-08-28 19:37 - 2013-08-26 20:07 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE 2013-08-28 19:35 - 2009-06-25 19:47 - 00101216 ____C C:\Users\FUJI-PC\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-28 18:18 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job 2013-08-28 15:44 - 2013-08-26 15:50 - 00003411 ____C C:\Users\FUJI-PC\Desktop\FSS.txt 2013-08-28 15:35 - 2013-08-28 15:35 - 00005256 ____C C:\Users\FUJI-PC\Desktop\wscsvc.reg 2013-08-27 21:54 - 2013-08-25 12:44 - 00024545 ____C C:\Users\FUJI-PC\Desktop\Addition.txt 2013-08-27 21:52 - 2013-08-27 21:52 - 01072975 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe 2013-08-27 17:09 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK 2013-08-26 23:36 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2013-08-26 20:05 - 2013-08-26 20:05 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\tweaking.com_windows_repair_aio 2013-08-26 18:02 - 2013-08-26 18:02 - 00000000 ___DC C:\Users\FUJI-PC\Desktop\New Folder 2013-08-26 16:09 - 2013-08-26 16:09 - 00003194 ____C C:\Users\FUJI-PC\Desktop\FSS 26.08.2013.txt 
2013-08-26 15:22 - 2013-08-26 15:22 - 00358507 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FSS.exe 2013-08-26 00:09 - 2013-08-26 00:09 - 00001159 ____C C:\Users\FUJI-PC\Desktop\checkup.txt 2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe 2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C (ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe 2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt 2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT 2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe 2013-08-25 15:13 - 2013-08-25 15:10 - 00000000 ___DC C:\AdwCleaner 2013-08-25 15:13 - 2013-04-03 21:37 - 00000000 ___DC C:\ProgramData\Uniblue 2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe 2013-08-25 14:37 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\L2Schemas 2013-08-25 14:25 - 2013-03-17 18:35 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\KastorTubeToMp3 2013-08-25 13:22 - 2013-08-25 13:21 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware 2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST 2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP 2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO 2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google 2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla 2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log 2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1 2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg 2013-08-21 12:05 - 2012-08-16 10:26 - 
00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok 2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine 2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre 2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared 2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program Files\DivX 2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX 2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor 2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll 2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET 2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT 2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help 2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra 2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe 2013-08-02 06:09 - 2013-08-28 16:01 - 01548288 ____C (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit 
C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-29 14:08 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-08-2013 03 Ran by FUJI-PC at 2013-08-29 15:45:29 Running from C:\Users\FUJI-PC\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) Activation Assistant for the 2007 Microsoft Office suites Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0) Adobe Flash Player 11 ActiveX (Version: 11.8.800.94) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.7) (Version: 10.1.7) Adobe Shockwave Player 12.0 (Version: 12.0.2.122) Advanced SystemCare 4 (Version: 4.2.0) Advertising Center (Version: 0.0.0.1) Autodesk Design Review 2013 (Version: 13.0.0.82) Autodesk DWF Viewer (Version: 6.5) Avira Free Antivirus (Version: 13.0.0.3885) CCleaner (Version: 4.03) ClipGrab 3.2.1.0 D3DX10 (Version: 15.4.2368.0902) DivX-Setup (Version: 2.6.1.44) dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1) EasyBits GO Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0) Farming Simulator 2011 (Version: 1.0) Google Earth (Version: 7.1.1.1888) Google Update Helper (Version: 1.3.21.153) Google Video Player HNS SPCea HNSKY 2.3.0N Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555) Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 26 (Version: 6.0.260) JavaFX 2.1.0 (Version: 2.1.0) Junk Mail filter update (Version: 15.4.3502.0922) LG United Mobile Drivers (Version: 3.6.0.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Mesh Runtime (Version: 15.4.5722.2) Messenger Companion (Version: 15.4.3502.0922) Messenger kísérő (Version: 15.4.3502.0922) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error 
Reporting (Version: 12.0.6012.5000) Microsoft Corporation (Version: 9.1.0.0) Microsoft LifeCam (Version: 3.22.270.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel 2007 Help-frissítés (KB963678) Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook Connector (Version: 14.0.5118.5000) Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Office Word 2007 Help-frissítés (KB963665) Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 
8.0.61001) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1) MOTORM4X (Version: 1.0.821.1) Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0) Nero 9 Essentials Nero ControlCenter (Version: 9.0.0.1) Nero Installer (Version: 4.4.9.0) Nero Online Upgrade (Version: 1.3.0.0) Nero StartSmart (Version: 9.4.12.100) Nero StartSmart OEM (Version: 9.4.10.100) neroxml (Version: 1.0.0) NexStar Observer List Nokia Connectivity Cable Driver (Version: 7.1.101.0) Nokia PC Suite (Version: 7.1.62.1) OLYMPUS Digital Camera Updater (Version: 1.0.1) Olympus ib (Version: 1.3.2207) OLYMPUS Viewer 2 (Version: 1.1.1) OpenAL PC Connectivity Solution (Version: 12.0.76.0) PDFCreator (Version: 1.7.0) Realtek High Definition Audio Driver RegCure Pro (Version: 3.1.6.0) RescuePRO 3.5 Segoe UI (Version: 15.4.2271.0615) Skype Click to Call (Version: 5.6.8442) Skype™ 6.3 (Version: 6.3.107) swMSM (Version: 12.0.0.1) SystemDiagnostics (Version: 2.01.0004) Uninstall 1.0.0.1 Unity Web Player (HKCU Version: ) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) 
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0) Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0) Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0) VLC media player 1.0.5 (Version: 1.0.5) Windows 7 Upgrade Advisor (Version: 2.0.5000.0) Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7) Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0) Windows Driver Package - OLYMPUS IMAGING CORP. 
Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live Family Safety (Version: 15.4.3555.0308) Windows Live Fotótár (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3538.0513) Windows Live Messenger Companion Core (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) ==================== Restore Points ========================= 14-08-2013 14:49:00 Windows Update 26-08-2013 18:57:02 Tweaking.com - Windows Repair 27-08-2013 13:07:21 Tweaking.com - Windows Repair 28-08-2013 14:43:21 Windows Update 28-08-2013 17:05:33 Tweaking.com - Windows Repair ==================== Hosts content: ========================== 2006-11-02 12:23 - 2013-08-28 19:31 
- 00000855 ___AC C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File Task: {0E51F4DD-85B5-4E0A-B8B8-3E2DEB64C1E3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.) Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.) 
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation) Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation) Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.) Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.) 
Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation) Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation) Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation) Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.) Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\FUJI-PC\Documents_DOKUK\Sie wurden ausgewählt. Testen Sie das neue Google Maps..eml:OECustomProperty AlternateDataStreams: C:\Users\FUJI-PC\Documents_DOKUK\Zoli jo hatorvos Terminvereinbarung.eml:OECustomProperty ==================== Faulty Device Manager Devices ============= Name: 6TO4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. 
(Code 31) Resolution: Update the driver Name: 6TO4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79} Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (08/28/2013 07:29:54 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\ISCSIDSC.MFL Error: (08/28/2013 07:29:54 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\ISCSIPRF.MFL Error: (08/28/2013 07:29:54 PM) (Source: WinMgmt) (User: ) Description: 0x80041002C:\WINDOWS\SYSTEM32\WBEM\NL-NL\SERVICEMODEL.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\USERPROFILEWMIPROVIDER.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\TSCFGWMI.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\RSOP.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\VDS.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\VSS.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\WMIPSESS.MFL Error: (08/28/2013 07:29:53 PM) (Source: WinMgmt) (User: ) Description: 
0x8004401eC:\WINDOWS\SYSTEM32\WBEM\NL-NL\WMIPDSKQ.MFL System errors: ============= Error: (08/29/2013 02:54:00 PM) (Source: Service Control Manager) (User: ) Description: 30000Wlansvc Error: (08/29/2013 02:02:59 PM) (Source: Service Control Manager) (User: ) Description: MSCamSvc Error: (08/29/2013 02:01:52 PM) (Source: Service Control Manager) (User: ) Description: Net.Tcp Listener AdapterNet.Tcp Port Sharing Service%%1058 Error: (08/29/2013 02:01:52 PM) (Source: Service Control Manager) (User: ) Description: Net.Msmq Listener Adaptermsmq Error: (08/28/2013 10:22:44 PM) (Source: Service Control Manager) (User: ) Description: 30000Netman Error: (08/28/2013 07:49:10 PM) (Source: Service Control Manager) (User: ) Description: MSCamSvc Error: (08/28/2013 07:46:31 PM) (Source: Service Control Manager) (User: ) Description: Net.Pipe Listener Adapter%%1053 Error: (08/28/2013 07:46:31 PM) (Source: Service Control Manager) (User: ) Description: 30000Net.Pipe Listener Adapter Error: (08/28/2013 07:46:05 PM) (Source: Service Control Manager) (User: ) Description: Net.Tcp Listener AdapterNet.Tcp Port Sharing Service%%1058 Error: (08/28/2013 07:46:05 PM) (Source: Service Control Manager) (User: ) Description: Net.Msmq Listener Adaptermsmq Microsoft Office Sessions: ========================= Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-07-02 19:51:23.955 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-07-02 19:51:23.721 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.471 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.237 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:23.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:51:22.754 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:38.327 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-07-02 19:35:37.988 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:37.601 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-02 19:35:37.224 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 47% Total physical RAM: 1947.51 MB Available physical RAM: 1028.41 MB Total Pagefile: 4142.04 MB Available Pagefile: 2870.3 MB Total Virtual: 2047.88 MB Available Virtual: 1919.12 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:147.04 GB) (Free:61.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC) Partition 1: (Not Active) - (Size=2 GB) - (Type=27) Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
Farbar Service Scanner Version: 18-08-2013
Ran by FUJI-PC (administrator) on 29-08-2013 at 15:48:04
Running from "C:\Users\FUJI-PC\Desktop"
Microsoft® Windows Vista™ Business Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.
Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys [2013-08-14 14:57] - [2013-07-05 06:53] - 0905664 ___AC (Microsoft Corporation) D18D53974FD715D50FC76F9FFE1C830D
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll [2013-08-14 14:56] - [2013-07-08 06:16] - 0133120 ___AC (Microsoft Corporation) 684C130BBC6DB681BAD4920A4C944AA5
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log **** |
29.08.2013, 17:47 | #23 |
/// the machine /// TB instructor | Infected with ihavenet.com virus, cannot remove it. Can you get hold of a Vista disc? We need to repair something.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
31.08.2013, 13:40 | #24 |
| Infected with ihavenet.com virus, cannot remove it. Hello schrauber, is it sufficient if I buy a new Vista Business OEM version? Kind regards, Valeria |
31.08.2013, 14:31 | #25 |
/// the machine /// TB instructor | Infected with ihavenet.com virus, cannot remove it. Questionable whether you can repair with that or only reinstall.
01.09.2013, 11:08 | #26 |
| Infected with ihavenet.com virus, cannot remove it. Hello, something else occurred to me: is it enough to reinstall Mozilla, should I perhaps try that? Also, as far as I can tell, only the MOZILLA browser is affected by ihavenet.com; so if I only use the Explorer browser from now on, will the problem show up there too after a while? Thanks and have a nice weekend, Valeria |
01.09.2013, 13:13 | #27 |
/// the machine /// TB instructor | Infected with ihavenet.com virus, cannot remove it. Sure, give it a try. It won't change anything about the broken services, though.