| |
| |||||||
Log-Analyse und Auswertung: Windows 8: Internet Explorer öffnet "www_getwindowinfo/"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.09.2013, 15:26
| #1 |
 |  Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Hallo, Ich habe folgendes problem. Seit einer ganzen Weile ist es nun so, dass sich der internet explorer immer einfach öffnet und die seite www_getwindowinfo/ anzeigt. wenn ich diesen schließe, öffnet sich die seite einfach wieder. Da mein standartbrowser chrome ist vermute ich nun, dass ich einen virus habe. Habe jetzt Malwarebytes und SUPERAntiSpyware drüber laufen lassen, da mein kaspersky nichts findet. beide haben tracking cookies gefunden, superantispyware zeigt sogar einen trojaner an, bevor der scan abgeschlossen ist stüzt gedoch der pc ab (bluescreen) somit kann ich diesen nicht entfernen. Nun folgen meine logfiles: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.06.01 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 *** :: *** [Administrator] Schutz: Aktiviert 06.09.2013 04:33:24 mbam-log-2013-09-06 (04-33-24).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 226862 Laufzeit: 13 Minute(n), 36 Sekunde(n) Infizierte Speicherprozesse: 1 C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (PUP.Optional.Wajam.A) -> 2200 -> Löschen bei Neustart. Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 19 HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wajam.WajamBHO.1 (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wajam.WajamBHO (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{77BEC163-D389-42c1-91A4-C758846296A5} (PUP.Optional.VideoDownloader.A) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{77BEC163-D389-42c1-91A4-C758846296A5} (PUP.Optional.VideoDownloader.A) -> Daten: C:\Program Files\Video downloader\Firefox -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0L1N1H2O1S -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 16 C:\Users\***\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\Iminent\Mediator (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\Iminent\Mediator\Datas (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Program Files (x86)\Wajam\Firefox (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\IE (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Users\***\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\mixidj (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\mixidj\mixidj (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.4.1 (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 51 C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (PUP.Optional.Wajam.A) -> Löschen bei Neustart. C:\Program Files (x86)\Wajam\IE\priam_bho.dll (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe (PUP.Optional.LyricsAd) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\MyBabylonTB_google_20120807.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\OptimizerPro_20130711.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\Tsu6F01B794.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\Updater.exe (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\UpdUninstall.exe (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\wajam_install.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$R1TC3HI.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$R3TBJA7.exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RDUIEIM.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RKF02NT.exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RQZK4IC.exe (PUP.Optional.Topmedia) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RTEKH6P.exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RTRLI6B.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RVOQORP.exe (PUP.Optional.Bundlore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RWJX7CO.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\$Recycle.Bin\S-1-5-21-15971856-2605629271-4000343970-1001\$RXKEDX7.exe (PUP.Optional.Bandoo) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\605E5117-BAB0-7891-911B-12BA70FE533F\Latest\MyBabylonTB.exe (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\605E5117-BAB0-7891-911B-12BA70FE533F\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\87403F5F-BAB0-7891-9439-C64AF6198510\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\87403F5F-BAB0-7891-9439-C64AF6198510\Latest\ccp.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\87403F5F-BAB0-7891-9439-C64AF6198510\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\87403F5F-BAB0-7891-9439-C64AF6198510\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\87403F5F-BAB0-7891-9439-C64AF6198510\Latest\Setup.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\D3379125-BAB0-7891-AC84-CCAC829CB24A\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\D3379125-BAB0-7891-AC84-CCAC829CB24A\Latest\ccp.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\D3379125-BAB0-7891-AC84-CCAC829CB24A\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\DB0BFA6C-BAB0-7891-9B35-DE9BB24E8578\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec\OptimizerPro_20130711.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec_\OptimizerPro_20130711.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\is357113909\PlusHd_DE.exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\Stub\-295231923\cr.exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\upd17BD\BabMaint.x (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\{51751F71-4096-4C8F-AE64-08B48A963D87}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\{51751F71-4096-4C8F-AE64-08B48A963D87}\Addons\assistant_v3.exe (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Local\Temp\{51751F71-4096-4C8F-AE64-08B48A963D87}\Addons\OptimizerProInstaller.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\***\AppData\Roaming\Iminent\Mediator\Datas\user.dat (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\IE\favicon.ico (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Wajam\Updater\update.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter 2013/09/07 03:35:37 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50098, Process: chrome.exe)
2013/09/07 03:35:38 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50099, Process: chrome.exe)
2013/09/07 03:35:38 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50100, Process: chrome.exe)
2013/09/07 03:35:38 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50101, Process: chrome.exe)
2013/09/07 03:35:38 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50102, Process: chrome.exe)
2013/09/07 03:36:27 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50115, Process: chrome.exe)
2013/09/07 03:36:27 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50116, Process: chrome.exe)
2013/09/07 03:36:27 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50128, Process: chrome.exe)
2013/09/07 03:36:27 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50129, Process: chrome.exe)
2013/09/07 03:36:59 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50142, Process: chrome.exe)
2013/09/07 03:40:45 +0200 *** *** IP-BLOCK 78.140.143.46 (Type: outgoing, Port: 50294, Process: chrome.exe)
2013/09/07 03:40:45 +0200 *** *** IP-BLOCK 78.140.143.46 (Type: outgoing, Port: 50296, Process: chrome.exe)
2013/09/07 03:40:45 +0200 *** *** IP-BLOCK 78.140.143.46 (Type: outgoing, Port: 50298, Process: chrome.exe)
2013/09/07 03:55:04 +0200 *** (null) MESSAGE Starting protection
2013/09/07 03:55:04 +0200 *** (null) MESSAGE Protection started successfully
2013/09/07 03:55:04 +0200 *** (null) MESSAGE Starting IP protection
2013/09/07 03:55:06 +0200 *** (null) MESSAGE IP Protection started successfully
2013/09/07 11:41:03 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50756, Process: chrome.exe)
2013/09/07 11:41:03 +0200 *** *** IP-BLOCK 91.202.63.160 (Type: outgoing, Port: 50757, Process: chrome.exe)
2013/09/07 13:28:39 +0200 *** *** MESSAGE Executing scheduled update: Daily
2013/09/07 13:30:04 +0200 *** *** MESSAGE Scheduled update executed successfully: database updated from version v2013.09.06.04 to version v2013.09.07.02
2013/09/07 13:30:04 +0200 *** *** MESSAGE Starting database refresh
2013/09/07 13:30:04 +0200 *** *** MESSAGE Stopping IP protection
2013/09/07 13:30:08 +0200 *** *** MESSAGE IP Protection stopped successfully
2013/09/07 13:30:41 +0200 *** *** MESSAGE Database refreshed successfully
2013/09/07 13:30:41 +0200 *** *** MESSAGE Starting IP protection
2013/09/07 13:30:46 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/07 15:57:51 +0200 *** *** MESSAGE Starting protection
2013/09/07 15:57:51 +0200 *** *** MESSAGE Protection started successfully
2013/09/07 15:57:51 +0200 *** *** MESSAGE Starting IP protection
2013/09/07 15:57:54 +0200 *** *** MESSAGE IP Protection started successfully
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.06.01 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 *** :: *** [Administrator] Schutz: Aktiviert 06.09.2013 04:56:10 mbam-log-2013-09-06 (04-56-10).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 225587 Laufzeit: 7 Minute(n), 45 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.06.04 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 *** :: *** [Administrator] Schutz: Aktiviert 07.09.2013 13:23:39 mbam-log-2013-09-07 (13-23-39).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 496831 Laufzeit: 2 Stunde(n), 24 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\***\Downloads\Neuer Ordner\PhotoScape_V3.6.3.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter 2013/09/06 04:32:13 +0200 *** *** MESSAGE Starting protection
2013/09/06 04:32:13 +0200 *** *** MESSAGE Protection started successfully
2013/09/06 04:32:13 +0200 *** *** MESSAGE Starting IP protection
2013/09/06 04:32:30 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/06 04:32:52 +0200 *** *** MESSAGE Starting database refresh
2013/09/06 04:32:52 +0200 *** *** MESSAGE Stopping IP protection
2013/09/06 04:32:54 +0200 *** *** MESSAGE IP Protection stopped successfully
2013/09/06 04:32:59 +0200 *** *** MESSAGE Database refreshed successfully
2013/09/06 04:32:59 +0200 *** *** MESSAGE Starting IP protection
2013/09/06 04:33:03 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/06 04:52:19 +0200 *** (null) MESSAGE Starting protection
2013/09/06 04:52:20 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 04:52:20 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 04:52:22 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/06 06:41:48 +0200 *** (null) MESSAGE Starting protection
2013/09/06 06:41:48 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 06:41:48 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 06:41:54 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/06 06:57:20 +0200 *** (null) MESSAGE Starting protection
2013/09/06 06:57:20 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 06:57:20 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 06:57:22 +0200 *** (null) MESSAGE IP Protection started successfully
2013/09/06 11:50:37 +0200 *** *** MESSAGE Executing scheduled update: Daily
2013/09/06 11:50:50 +0200 *** *** MESSAGE Scheduled update executed successfully: database updated from version v2013.09.06.01 to version v2013.09.06.04
2013/09/06 11:50:50 +0200 *** *** MESSAGE Starting database refresh
2013/09/06 11:50:50 +0200 *** *** MESSAGE Stopping IP protection
2013/09/06 11:50:50 +0200 *** *** MESSAGE IP Protection stopped successfully
2013/09/06 11:50:53 +0200 *** *** MESSAGE Database refreshed successfully
2013/09/06 11:50:53 +0200 *** *** MESSAGE Starting IP protection
2013/09/06 11:50:55 +0200 *** *** MESSAGE IP Protection started successfully
2013/09/06 17:04:09 +0200 *** (null) MESSAGE Starting protection
2013/09/06 17:04:09 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 17:04:09 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 17:04:11 +0200 *** (null) MESSAGE IP Protection started successfully
2013/09/06 17:16:48 +0200 *** (null) MESSAGE Starting protection
2013/09/06 17:16:48 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 17:16:48 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 17:16:50 +0200 *** (null) MESSAGE IP Protection started successfully
2013/09/06 17:30:27 +0200 *** (null) MESSAGE Starting protection
2013/09/06 17:30:27 +0200 *** (null) MESSAGE Protection started successfully
2013/09/06 17:30:27 +0200 *** (null) MESSAGE Starting IP protection
2013/09/06 17:30:30 +0200 *** (null) MESSAGE IP Protection started successfully
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/07/2013 at 05:18 AM
Application Version : 5.6.1032
Core Rules Database Version : 10752
Trace Rules Database Version: 8564
Scan type : Quick Scan
Total Scan Time : 00:10:52
Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User
Memory items scanned : 814
Memory threats detected : 0
Registry items scanned : 58534
Registry threats detected : 0
File items scanned : 12263
File threats detected : 83
Adware.Tracking Cookie
.goadservices.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
im.banner.t-online.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www4.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www6.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.localslutsfinder.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/06/2013 at 05:28 PM
Application Version : 5.6.1032
Core Rules Database Version : 10750
Trace Rules Database Version: 8562
Scan type : Custom Scan
Total Scan Time : 00:02:45
Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User
Memory items scanned : 624
Memory threats detected : 0
Registry items scanned : 70900
Registry threats detected : 0
File items scanned : 7354
File threats detected : 1
Adware.Somoto/Variant
C:\USERS\***\MUSIC\GAME_SETUP_ZIP.EXE
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/06/2013 at 05:01 PM
Application Version : 5.6.1032
Core Rules Database Version : 10750
Trace Rules Database Version: 8562
Scan type : Custom Scan
Total Scan Time : 00:02:57
Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User
Memory items scanned : 766
Memory threats detected : 0
Registry items scanned : 70900
Registry threats detected : 0
File items scanned : 7357
File threats detected : 2
Adware.Downware
C:\USERS\***\DOWNLOADS\NEUER ORDNER\HDPLUGIN_CHROME.EXE
Adware.Somoto/Variant
C:\USERS\***\DOWNLOADS\NEUER ORDNER\PDFCREATORSETUP.EXE
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/06/2013 at 04:57 PM
Application Version : 5.6.1032
Core Rules Database Version : 10750
Trace Rules Database Version: 8562
Scan type : Custom Scan
Total Scan Time : 00:02:29
Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User
Memory items scanned : 765
Memory threats detected : 0
Registry items scanned : 70899
Registry threats detected : 0
File items scanned : 7357
File threats detected : 2
Adware.Downware
C:\USERS\***\DOWNLOADS\NEUER ORDNER\HDPLUGIN_CHROME.EXE
Adware.Somoto/Variant
C:\USERS\***\DOWNLOADS\NEUER ORDNER\PDFCREATORSETUP.EXE
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/06/2013 at 05:14 AM
Application Version : 5.6.1032
Core Rules Database Version : 10749
Trace Rules Database Version: 8561
Scan type : Quick Scan
Total Scan Time : 00:08:21
Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User
Memory items scanned : 713
Memory threats detected : 0
Registry items scanned : 58582
Registry threats detected : 0
File items scanned : 12259
File threats detected : 104
Adware.Tracking Cookie
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Z8AJB08Q.txt [ /ad.yieldmanager.com ]
.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mycountdown.org [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dialaphone.122.2o7.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.trafficbee.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.vinsight.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.trafficbee.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.data-eroadvertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.enoratraffic.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.enoratraffic.scubl.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.enoratraffic.scubl.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.enoratraffic.scubl.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.goadservices.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.estat.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Sorry dass es so viel ist, ich hoffe aber das hilft das mir jemand helfen kann.. vielen dank schon einmal!  |
|
07.09.2013, 15:30
| #2 |
| /// TB-Ausbilder   | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Hi,
__________________mach bitte einen FRST-Scan: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
08.09.2013, 03:18
| #3 |
| | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" vielen dank für die schnelle antwort!
__________________ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by *** (administrator) on *** on 08-09-2013 04:11:09
Running from C:\Users\***\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Windows Net) C:\Users\***\AppData\Roaming\Windows Net Data\net.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtblfs.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Windows\syswow64\wwahost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-13] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-13] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [Google Update] - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-05] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-24] (Spotify Ltd)
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [Spotify] - C:\Users\***\AppData\Roaming\Spotify\spotify.exe [4640768 2013-08-24] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-09-06] (SUPERAntiSpyware)
MountPoints2: {31422cfc-f849-11e2-bea3-083e8ebc244c} - "F:\Autorun.exe"
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [YTDownloader] - "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot [x]
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\***\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ru.redirect.wrapper.services.alawar.com/startpage.php?lang=de&wspv=2.0&locale=de&pid=10360&country=DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {88CA5286-70BA-46A9-A05A-4AC44FBDE60B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {6D101508-0E89-4487-98B7-053D58A3728B} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {88CA5286-70BA-46A9-A05A-4AC44FBDE60B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=24D0083E8EBC244C&affID=119557&tsp=4961
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=24D0083E8EBC244C&affID=119557&tsp=4961"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.6) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Gojee) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb\3.1_0
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_1
CHR Extension: (mysms - Text anywhere) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb\3.3.1_0
CHR Extension: (Virtual Keyboard) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.2.733_1
CHR Extension: (Mac OS theme) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkpadlfbbnobnjaeodjfnkogiigdmgff\2.1_0
CHR Extension: (Webcam Toy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0
CHR Extension: (Harmony) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Todo.ly) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0
CHR Extension: (We Are Hunted) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgdicpfcekegalffnnbhkjkkoapppga\1.0.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\***\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\***\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [x]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
R0 KL1; C:\Windows\system32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-01-11] (Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 04:00 - 2013-09-08 04:00 - 01948988 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-07 03:54 - 2013-09-07 03:54 - 00300616 _____ C:\Windows\Minidump\090713-17703-01.dmp
2013-09-06 17:16 - 2013-09-06 17:16 - 00296488 _____ C:\Windows\Minidump\090613-51796-01.dmp
2013-09-06 06:57 - 2013-09-06 06:57 - 00296488 _____ C:\Windows\Minidump\090613-21218-01.dmp
2013-09-06 06:41 - 2013-09-06 06:41 - 00300616 _____ C:\Windows\Minidump\090613-17531-01.dmp
2013-09-06 06:05 - 2013-09-06 06:05 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Users\***\AppData\Local\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-06 06:05 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2013-09-06 06:03 - 2013-09-06 06:04 - 10031224 _____ (VS Revo Group ) C:\Users\***\Downloads\RevoUninProSetup.exe
2013-09-06 05:35 - 2013-09-06 05:35 - 00000000 ____D C:\Users\***\Documents\rest
2013-09-06 05:33 - 2013-09-06 05:34 - 00000000 ____D C:\Users\***\Documents\aupair
2013-09-06 05:32 - 2013-09-06 05:33 - 00000000 ____D C:\Users\***\Documents\facharbeit
2013-09-06 05:31 - 2013-09-06 05:35 - 00013824 ___SH C:\Users\***\Documents\Thumbs.db
2013-09-06 04:31 - 2013-09-06 04:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 04:31 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-06 04:23 - 2013-09-06 05:21 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-06 03:55 - 2013-09-06 03:56 - 00300616 _____ C:\Windows\Minidump\090613-16281-01.dmp
2013-09-05 16:36 - 2013-09-05 16:37 - 00300616 _____ C:\Windows\Minidump\090513-16859-01.dmp
2013-09-05 15:41 - 2013-09-05 15:41 - 00300616 _____ C:\Windows\Minidump\090513-18734-01.dmp
2013-09-05 14:10 - 2013-09-07 14:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841.job
2013-09-05 14:10 - 2013-09-06 03:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-05 14:10 - 2013-09-06 02:00 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c.job
2013-09-05 14:10 - 2013-09-05 14:10 - 00003570 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c
2013-09-05 14:10 - 2013-09-05 14:10 - 00003488 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841
2013-09-05 14:10 - 2013-09-05 14:10 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-05 14:04 - 2013-09-05 14:04 - 00000000 __SHD C:\found.002
2013-09-02 13:46 - 2013-09-02 13:46 - 00300616 _____ C:\Windows\Minidump\090213-24656-01.dmp
2013-08-25 11:39 - 2013-08-25 11:39 - 00300560 _____ C:\Windows\Minidump\082513-36046-01.dmp
2013-08-24 10:14 - 2013-08-24 10:15 - 00000000 ____D C:\Users\***\Desktop\sims3
2013-08-24 01:04 - 2013-08-24 01:04 - 00296488 _____ C:\Windows\Minidump\082413-22515-01.dmp
2013-08-24 00:37 - 2013-08-24 00:37 - 00300616 _____ C:\Windows\Minidump\082413-27843-01.dmp
2013-08-24 00:14 - 2013-08-24 00:14 - 00000000 ____D C:\Users\***\Downloads\konto
2013-08-16 14:02 - 2013-08-16 14:06 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 16:17 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-15 16:17 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-15 09:45 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:45 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:45 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:45 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:45 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:45 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:45 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:45 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:45 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:45 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-15 09:45 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 09:45 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 09:45 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:44 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 09:44 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 09:44 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 09:44 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-15 09:44 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-15 09:44 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
==================== One Month Modified Files and Folders =======
2013-09-08 04:10 - 2013-09-08 04:10 - 00000000 ____D C:\FRST
2013-09-08 04:07 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-08 04:04 - 2013-01-05 00:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001UA.job
2013-09-08 04:04 - 2013-01-05 00:34 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-15971856-2605629271-4000343970-1001
2013-09-08 04:00 - 2013-09-08 04:00 - 01948988 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-08 03:55 - 2013-01-11 21:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-08 03:54 - 2013-01-21 22:23 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-07 16:33 - 2013-01-07 16:21 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-09-07 15:57 - 2012-08-03 04:22 - 00068444 _____ C:\Windows\PFRO.log
2013-09-07 15:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-07 15:57 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-07 15:56 - 2012-10-11 00:00 - 01467926 _____ C:\Windows\WindowsUpdate.log
2013-09-07 15:48 - 2013-01-21 22:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-07 14:10 - 2013-09-05 14:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841.job
2013-09-07 04:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-07 03:54 - 2013-09-07 03:54 - 00300616 _____ C:\Windows\Minidump\090713-17703-01.dmp
2013-09-07 03:54 - 2013-07-18 19:13 - 600159089 _____ C:\Windows\MEMORY.DMP
2013-09-07 03:54 - 2013-07-18 19:13 - 00000000 ____D C:\Windows\Minidump
2013-09-06 17:32 - 2013-01-05 00:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2013-09-06 17:31 - 2013-04-19 12:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-06 17:16 - 2013-09-06 17:16 - 00296488 _____ C:\Windows\Minidump\090613-51796-01.dmp
2013-09-06 17:01 - 2013-03-02 23:00 - 00000000 ____D C:\Users\***\Downloads\Neuer Ordner
2013-09-06 13:16 - 2013-01-05 00:40 - 00002365 _____ C:\Users\***\Desktop\Google Chrome.lnk
2013-09-06 10:04 - 2013-01-05 00:39 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001Core.job
2013-09-06 06:57 - 2013-09-06 06:57 - 00296488 _____ C:\Windows\Minidump\090613-21218-01.dmp
2013-09-06 06:41 - 2013-09-06 06:41 - 00300616 _____ C:\Windows\Minidump\090613-17531-01.dmp
2013-09-06 06:14 - 2013-01-04 21:41 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2013-09-06 06:05 - 2013-09-06 06:05 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Users\***\AppData\Local\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-06 06:04 - 2013-09-06 06:03 - 10031224 _____ (VS Revo Group ) C:\Users\***\Downloads\RevoUninProSetup.exe
2013-09-06 05:35 - 2013-09-06 05:35 - 00000000 ____D C:\Users\***\Documents\rest
2013-09-06 05:35 - 2013-09-06 05:31 - 00013824 ___SH C:\Users\***\Documents\Thumbs.db
2013-09-06 05:34 - 2013-09-06 05:33 - 00000000 ____D C:\Users\***\Documents\aupair
2013-09-06 05:33 - 2013-09-06 05:32 - 00000000 ____D C:\Users\***\Documents\facharbeit
2013-09-06 05:25 - 2012-10-11 00:55 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-09-06 05:25 - 2012-10-11 00:53 - 00000000 ____D C:\ProgramData\WildTangent
2013-09-06 05:22 - 2013-01-22 19:46 - 00000000 ____D C:\Users\***\AppData\Roaming\WildTangent
2013-09-06 05:21 - 2013-09-06 04:23 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-06 05:21 - 2013-01-04 21:43 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-06 04:50 - 2013-02-17 23:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Iminent
2013-09-06 04:31 - 2013-09-06 04:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 03:56 - 2013-09-06 03:55 - 00300616 _____ C:\Windows\Minidump\090613-16281-01.dmp
2013-09-06 03:04 - 2013-09-05 14:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-06 02:00 - 2013-09-05 14:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c.job
2013-09-05 16:37 - 2013-09-05 16:36 - 00300616 _____ C:\Windows\Minidump\090513-16859-01.dmp
2013-09-05 15:43 - 2013-01-04 21:41 - 00000000 ____D C:\Users\***
2013-09-05 15:41 - 2013-09-05 15:41 - 00300616 _____ C:\Windows\Minidump\090513-18734-01.dmp
2013-09-05 14:11 - 2012-10-11 00:35 - 01224794 _____ C:\Windows\system32\perfh007.dat
2013-09-05 14:11 - 2012-10-11 00:35 - 00295686 _____ C:\Windows\system32\perfc007.dat
2013-09-05 14:11 - 2012-07-26 09:28 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 14:10 - 2013-09-05 14:10 - 00003570 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c
2013-09-05 14:10 - 2013-09-05 14:10 - 00003488 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841
2013-09-05 14:10 - 2013-09-05 14:10 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-05 14:04 - 2013-09-05 14:04 - 00000000 __SHD C:\found.002
2013-09-02 13:46 - 2013-09-02 13:46 - 00300616 _____ C:\Windows\Minidump\090213-24656-01.dmp
2013-08-25 11:40 - 2013-03-06 11:44 - 00000000 _____ C:\END
2013-08-25 11:39 - 2013-08-25 11:39 - 00300560 _____ C:\Windows\Minidump\082513-36046-01.dmp
2013-08-24 17:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-24 10:15 - 2013-08-24 10:14 - 00000000 ____D C:\Users\***\Desktop\sims3
2013-08-24 01:04 - 2013-08-24 01:04 - 00296488 _____ C:\Windows\Minidump\082413-22515-01.dmp
2013-08-24 00:40 - 2013-01-05 00:49 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2013-08-24 00:37 - 2013-08-24 00:37 - 00300616 _____ C:\Windows\Minidump\082413-27843-01.dmp
2013-08-24 00:14 - 2013-08-24 00:14 - 00000000 ____D C:\Users\***\Downloads\konto
2013-08-24 00:14 - 2013-01-05 01:18 - 00442880 ___SH C:\Users\***\Downloads\Thumbs.db
2013-08-23 18:45 - 2012-07-26 09:21 - 00039243 _____ C:\Windows\setupact.log
2013-08-17 19:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-17 19:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-16 14:06 - 2013-08-16 14:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 14:02 - 2013-01-05 13:12 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\***\AppData\Local\Temp\7z920.exe
C:\Users\***\AppData\Local\Temp\amazonicon.exe
C:\Users\***\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\***\AppData\Local\Temp\autorun.dll
C:\Users\***\AppData\Local\Temp\AutoRun.exe
C:\Users\***\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\***\AppData\Local\Temp\AVGToolbarInstaller.exe
C:\Users\***\AppData\Local\Temp\BackupSetup.exe
C:\Users\***\AppData\Local\Temp\bstrapInstall.exe
C:\Users\***\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\***\AppData\Local\Temp\dufgmr4c.exe
C:\Users\***\AppData\Local\Temp\EAD16FD.exe
C:\Users\***\AppData\Local\Temp\EAD1934.exe
C:\Users\***\AppData\Local\Temp\EAD220D.exe
C:\Users\***\AppData\Local\Temp\EAD26C3.exe
C:\Users\***\AppData\Local\Temp\EAD2837.exe
C:\Users\***\AppData\Local\Temp\EAD2E60.exe
C:\Users\***\AppData\Local\Temp\EAD2EC2.exe
C:\Users\***\AppData\Local\Temp\EAD32F2.exe
C:\Users\***\AppData\Local\Temp\EAD37B3.exe
C:\Users\***\AppData\Local\Temp\EAD3ABD.exe
C:\Users\***\AppData\Local\Temp\EAD40C2.exe
C:\Users\***\AppData\Local\Temp\EAD47B7.exe
C:\Users\***\AppData\Local\Temp\EAD4B6A.exe
C:\Users\***\AppData\Local\Temp\EAD54CC.exe
C:\Users\***\AppData\Local\Temp\EAD566D.exe
C:\Users\***\AppData\Local\Temp\EAD56FD.exe
C:\Users\***\AppData\Local\Temp\EAD5809.exe
C:\Users\***\AppData\Local\Temp\EAD6F22.exe
C:\Users\***\AppData\Local\Temp\EAD7630.exe
C:\Users\***\AppData\Local\Temp\EAD778C.exe
C:\Users\***\AppData\Local\Temp\EAD7A64.exe
C:\Users\***\AppData\Local\Temp\EAD844A.exe
C:\Users\***\AppData\Local\Temp\EAD8DB2.exe
C:\Users\***\AppData\Local\Temp\EAD8F06.exe
C:\Users\***\AppData\Local\Temp\EAD8FC2.exe
C:\Users\***\AppData\Local\Temp\EAD9A5.exe
C:\Users\***\AppData\Local\Temp\EADAA12.exe
C:\Users\***\AppData\Local\Temp\EADAA64.exe
C:\Users\***\AppData\Local\Temp\EADB441.exe
C:\Users\***\AppData\Local\Temp\EADBBAE.exe
C:\Users\***\AppData\Local\Temp\EADC1D9.exe
C:\Users\***\AppData\Local\Temp\EADD1D4.exe
C:\Users\***\AppData\Local\Temp\EADD60F.exe
C:\Users\***\AppData\Local\Temp\EADD695.exe
C:\Users\***\AppData\Local\Temp\EADD7BF.exe
C:\Users\***\AppData\Local\Temp\EADD7C7.exe
C:\Users\***\AppData\Local\Temp\EADD8F8.exe
C:\Users\***\AppData\Local\Temp\EADDA51.exe
C:\Users\***\AppData\Local\Temp\EADDFFC.exe
C:\Users\***\AppData\Local\Temp\EADEA10.exe
C:\Users\***\AppData\Local\Temp\EADED07.exe
C:\Users\***\AppData\Local\Temp\EADF1D9.exe
C:\Users\***\AppData\Local\Temp\EADF5D5.exe
C:\Users\***\AppData\Local\Temp\EADFC5.exe
C:\Users\***\AppData\Local\Temp\eauninstall.exe
C:\Users\***\AppData\Local\Temp\First15.exe
C:\Users\***\AppData\Local\Temp\gert0.exe
C:\Users\***\AppData\Local\Temp\GoogleSetup.exe
C:\Users\***\AppData\Local\Temp\incredibar_installer.exe
C:\Users\***\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\***\AppData\Local\Temp\Notification.exe
C:\Users\***\AppData\Local\Temp\oi_{C051E658-4B88-4989-AFF3-1CCDB272D3B3}.exe
C:\Users\***\AppData\Local\Temp\ose00000.exe
C:\Users\***\AppData\Local\Temp\sdanircmdc.exe
C:\Users\***\AppData\Local\Temp\Softonic_chr_1-8-8-11.exe
C:\Users\***\AppData\Local\Temp\sy94bur6.exe
C:\Users\***\AppData\Local\Temp\tbuTor.dll
C:\Users\***\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\***\AppData\Local\Temp\uninst1.exe
C:\Users\***\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\***\AppData\Local\Temp\UninstallEADM.dll
C:\Users\***\AppData\Local\Temp\uttB682.tmp.exe
C:\Users\***\AppData\Local\Temp\vcredist_x64.exe
C:\Users\***\AppData\Local\Temp\VP6Install.exe
C:\Users\***\AppData\Local\Temp\VP6VFW.dll
C:\Users\***\AppData\Local\Temp\YTDUninst.exe
C:\Users\***\AppData\Local\Temp\ytd_bu10_setup(1).exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-30 15:18
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013 Ran by *** at 2013-09-08 04:12:52 Running from C:\Users\***\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Reader X MUI (x32 Version: 10.0.0) aptics Pointing Device Driver (Version: 16.2.10.5) Canon MG6100 series MP Drivers CyberLink Power2Go 8 (x32 Version: 8.0.0.1923) CyberLink PowerDVD (x32 Version: 9.0.5601.52) Die Sims™ 3 (x32 Version: 1.55.4) Die Sims™ 3 70er, 80er & 90er Accessoires (x32 Version: 17.0.77) Die Sims™ 3 Design-Garten-Accessoires (x32 Version: 7.0.55) Die Sims™ 3 Diesel Accessoires (x32 Version: 14.0.48) Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96) Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44) Die Sims™ 3 Inselparadies (x32 Version: 19.0.101) Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136) Die Sims™ 3 Katy Perry Süße Welt (x32 Version: 13.0.62) Die Sims™ 3 Late Night (x32 Version: 6.0.81) Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152) Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38) Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86) Die Sims™ 3 Showtime (x32 Version: 12.0.273) Die Sims™ 3 Stadt-Accessoires (x32 Version: 9.0.73) Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87) Die Sims™ 3 Traumsuite-Accessoires (x32 Version: 11.0.84) Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126) FDUx86 (x32 Version: 1.0.0) Google Chrome (HKCU Version: 29.0.1547.66) Google Drive (x32 Version: 1.11.4865.2530) Google Update Helper (x32 Version: 1.3.21.153) Intel AppUp(SM) center (x32 Version: 03.05.11) Intel(R) Management Engine Components (x32 Version: 8.1.0.1252) Intel(R) Processor Graphics (x32 Version: 9.17.10.2828) Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® Trusted Connect Service Client (Version: 1.24.388.1) Java Auto Updater (x32 Version: 2.1.6.0) Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50) Java(TM) 7 Update 5 (x32 Version: 7.0.50) Kaspersky PURE 2.0 (x32 Version: 12.0.2.733) KUx86 (x32 Version: 1.0.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office (x32 Version: 14.0.6120.5004) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Silverlight (x32 Version: 5.1.10411.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Mozilla Maintenance Service (x32 Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8) Origin (x32 Version: 9.0.14.2148) PhotoScape (x32) PlayMemories Home (x32 Version: 6.3.02.07270) Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695) Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121) Restore (x32 Version: 1.0.0) Revo Uninstaller Pro 3.0.7 (Version: 3.0.7) SCS Shortcut (x32 Version: 1.0) Shared C Run-time for x64 (Version: 10.0.0) Spotify (HKCU Version: 0.9.1.57.ge7405149) SSLx64 (Version: 1.0.0) SSLx86 (x32 Version: 1.0.0) Steam (x32 Version: 1.0.0.0) SUPERAntiSpyware (Version: 5.6.1030) swMSM (x32 Version: 12.0.0.1) Tomb Raider (x32) VAIO - Xperia Link (x32 Version: 1.0.0.08170) VAIO Care (Version: 8.1.0.10120) VAIO Control Center (x32 Version: 6.0.0.08200) VAIO Data Restore Tool (x32 Version: 1.10.0.07270) VAIO Easy Connect (x32 Version: 1.3.0.09290) VAIO Gate (x32 Version: 3.0.0.08140) VAIO Gate Default (x32 Version: 3.0.0.08060) VAIO Gesture Control (x32 Version: 2.0.0.08240) VAIO Image Optimizer (x32 Version: 3.0.00.08170) VAIO Improvement (x32 Version: 2.0.0.08090) VAIO Media Server Settings (Version: 1.0.0.08240) VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170) VAIO Update (x32 Version: 6.2.1.03260) VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200) VAIO-Handbuch (x32 Version: 3.0.0.08100) VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212) VCCx64 (Version: 1.0.0) VCCx86 (x32 Version: 1.0.0) VGClientX64 (Version: 1.0.0) VHD (x32 Version: 1.0.0) VIx64 (Version: 1.0.0) VIx86 (x32 Version: 1.0.0) VMLx86 (x32 Version: 1.0.0) VPMx64 (Version: 1.0.0) VSSTx64 (Version: 1.0.0) VSSTx86 (x32 Version: 1.0.0) VU5x64 (Version: 1.0.0) VU5x86 (x32 Version: 1.0.0) VUx64 (Version: 1.0.0) VUx86 (x32 Version: 1.0.0) VWSTx86 (x32 Version: 1.0.0) XperiaLinkx86 (x32 Version: 1.0.0) ==================== Restore Points ========================= 15-08-2013 07:47:55 Windows Update 24-08-2013 15:00:41 Geplanter Prüfpunkt 06-09-2013 03:52:08 Removed BlueStacks Notification Center ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0BC79574-67E8-4670-B962-A50E91BBF712} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {119CFEA2-A518-4D30-9A66-CB643EB14B94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21] (Google Inc.) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {15D66902-53CA-4CB8-B4C6-61E3824B961C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001Core => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {18B5275D-62CF-407E-AC82-26A0953A50C2} - System32\Tasks\DSite => C:\Users\***\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE Task: {19E41F4F-2BFA-4DE2-9C3C-6DE8ECC1CCC4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation) Task: {1ACB53FA-2B20-4DD8-9117-3360675D678C} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => C:\Program Files\Common Files\System\SysMenu.dll [2013-07-17] (Goobzo LTD) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {20CD5D2D-FA45-4D0C-A97D-4EFE0B52BC9D} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {2305283C-7618-45ED-A41D-C7B27135A940} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {277B5B92-3579-408B-8EEC-DFF674322D57} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation) Task: {2B0FDC51-94D1-4A85-A1B3-CB2F1F3AA453} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => C:\Program Files\Common Files\System\SysMenu.dll [2013-07-17] (Goobzo LTD) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2DD0D7EA-C9E6-43DF-BB87-FA4E1286676F} - System32\Tasks\DealPly => C:\Users\***\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {4751C751-F621-49FA-80CD-D57B3C8B2D7A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {4B9ECE25-72CC-401E-BDDB-17F42DB48E45} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {507E62F8-6530-4B63-88AF-441384F777ED} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {640A49F4-C9E7-4643-9069-593ACCE20065} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {640CA3CC-D163-4125-9ED7-A029DD6D5C47} - System32\Tasks\SMupdate1 => C:\Program Files\Common Files\System\SysMenu.dll [2013-07-17] (Goobzo LTD) Task: {68FCE768-404D-403B-ABF4-8F107A5CFE5D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {70611AE5-F4FE-4408-838B-C24627FA493F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21] (Google Inc.) Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7908D60F-64D4-4730-BA66-4ED916B91195} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation) Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {80BC59C3-E4BA-4167-A7FA-9C2C0853833F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-15971856-2605629271-4000343970-1001 Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {888EBB59-D519-40AA-A9A6-C6D8231E7821} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {8B856B8B-3F82-4C44-9F39-F081D5E870A8} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {929704F9-B971-47CF-8DDB-89292CED9B8D} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {9A100CF3-A25C-48FC-B0AD-D650C3957443} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {9BF77056-7446-4073-95D0-735CFB3D7FD4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001UA => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) Task: {9FBA966D-38B4-49B4-B7B5-0C7F11C59D89} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com) Task: {A0DA052D-32F9-42DB-8C58-2ACFB7B2E727} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) Task: {A1EDAFFB-4328-4FF7-BC6D-3719349F1A40} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {A7C9C97D-5962-4F84-9103-7D12850C5224} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B561D8C5-0807-4059-81AC-73C6632566EC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {CF3FE2E4-58C5-4E80-B19A-AE9F28A2EC52} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation) Task: {D4BF21DA-451F-4B36-A598-B103E0C4A63D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com) Task: {D9FAB2D3-CA36-4676-A52F-C34C17BC9D10} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E62CE03F-EE36-4431-AC23-1E045A0C4083} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation) Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {E9864B80-FC10-401E-8486-B249963CE1A6} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {EA21AB72-588D-41CF-8595-88F06AEB2FCE} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: C:\Windows\Tasks\DSite.job => C:\Users\***\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001Core.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001UA.job => C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Loaded Modules (whitelisted) ============= 2012-07-26 03:22 - 2012-07-26 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\IME\SHARED\IMEROAMING.DLL 2012-08-30 23:26 - 2012-08-30 23:26 - 00566712 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\shellex.dll 2012-08-30 23:26 - 2012-08-30 23:26 - 00202168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\prremote.dll 2012-08-30 23:26 - 2012-08-30 23:26 - 00387512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\prloader.dll 2013-09-06 06:05 - 2012-12-29 13:06 - 00123120 _____ (VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll 2012-10-11 00:46 - 2012-08-14 18:54 - 00064168 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll 2012-10-11 00:07 - 2012-08-09 10:06 - 00157352 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\viaggregator.dll 2012-10-10 23:50 - 2012-08-20 10:22 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2012-10-10 23:50 - 2012-08-20 10:22 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2012-08-23 02:18 - 2012-08-21 12:17 - 01046328 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2012-08-23 02:18 - 2012-08-21 12:18 - 00228664 _____ (Synaptics Incorporated) C:\Windows\SYSTEM32\SynTPAPI.dll 2012-08-21 20:42 - 2012-08-20 10:34 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2012-08-21 20:42 - 2012-08-20 10:30 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-10-11 00:31 - 2013-03-26 15:15 - 00030784 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll 2013-05-13 12:35 - 2013-03-26 15:16 - 00017984 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll 2013-07-14 23:34 - 2013-07-14 23:34 - 00295400 _____ (Sony Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\VAIOCareToolkit\v4.0_8.1.0.10100__6b746f706d1a5a7d\VAIOCareToolkit.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00130024 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\de-DE\VCSystemTray.resources.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00035816 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\IntelMonitor\IntelMonitorBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00031720 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\CommonPlugin\CommonPluginBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00240616 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\VAIOCare.Utilities.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00024552 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\MetricsPhilatelist\MetricsPhilatelistBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00024040 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00009704 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00430568 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationPL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00016872 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\LaunchBrowser\LaunchBrowserBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00015336 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SystemSupport\SystemSupportBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00097256 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00017896 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00168424 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AboutVAIOHub\AboutVAIOHubPL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00381416 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SoftwareHub\SoftwareHubPL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00028136 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00011752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00035304 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\SelfHeal.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00088552 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00015336 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00027112 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\IoloToolOpt.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00032232 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00013800 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00032744 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00010728 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00024040 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\BatteryCheck\BatteryCheckBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00179176 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00032232 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00049640 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Message\MessageBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00025064 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\DownloadManager\DownloadManagerBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00042472 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00016360 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveAPI.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00016360 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\GenericVAIOCareReminders\GenericVAIOCareRemindersBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00013288 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\UploadManager\UploadManagerBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00016360 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\VAIOCareUpdateCommon\VAIOCareUpdateCommonBL.dll 2012-10-12 14:02 - 2012-10-12 14:02 - 00033256 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\VAIOCareUpdate\VAIOCareUpdateBL.dll 2012-10-11 00:01 - 2012-06-12 17:40 - 00130184 _____ (Sony Corporation) C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00102840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ushata.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00012728 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avpinit.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00594360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avpmain.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00160184 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\prremote.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\fssync.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00123320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\DumpWriter.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00262584 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\prloader.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00115128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\nfio.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00021432 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\fsdrvplg.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00038328 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\winreg.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00377272 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\service.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 01053112 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\eka_meta.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00324024 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\esmgr.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00048056 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\pxstub.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 01143224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\params.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00041912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\thpimpl.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00090552 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\propmap.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00022456 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\filemap.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00209336 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\tm.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00061880 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dtreg.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 02961848 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\bl.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00459192 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dblite.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00082360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\wmihlpr.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\vercheck.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00020408 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\regmap.ppl 2012-08-30 23:22 - 2012-08-30 23:22 - 00344504 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\CryptoContainer.dll 2012-08-30 23:26 - 2012-08-30 23:26 - 00598456 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\backup.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00242104 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\metainfo.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00184760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\acassembler.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00287160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\am_facade.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00549304 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\storage.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00061880 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ndetect.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00119224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\crpthlpr.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00028600 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\report.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00042424 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\schedule.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00020408 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\timer.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\reportdb.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 01257912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\lic.ppl 2012-08-31 01:36 - 2012-08-31 01:36 - 00016864 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\cbi.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00017848 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\hashmd5.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00496056 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klifpp.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00160184 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ThreatsManager.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00389560 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\stat.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qb.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00028600 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\prutil.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\memmon.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00422328 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avs.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\netwatch.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00082360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imc.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\mc.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00015800 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dmap.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00737720 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\procmon.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00172472 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\oas.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00471480 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\antispam.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00037304 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ahids.ppl 2012-08-30 23:22 - 2012-08-30 23:22 - 00385464 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\CKAHUM.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00057784 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\CKAHComm.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00135608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ckahrule.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00569784 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\httpscan.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00127416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\excludemanager.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00042936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\smtpprtc.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00143800 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ichecker.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00029624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\volenum.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00070072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\pop3prtc.ppl 2013-07-29 16:11 - 2013-07-29 16:11 - 00469184 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\avengine.dll.988476f8400a3c2f30987a0ab095a448 2012-08-30 23:25 - 2012-08-30 23:25 - 01327544 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\trafmon2.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00057784 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\packed_io.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imapprtc.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00127416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ksn_facade.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00078264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\nntpprtc.ppl 2013-07-03 14:32 - 2013-07-03 14:32 - 00571712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavbase.kdl.536518bd3aa8eec5802b2e822096404f 2012-08-30 23:25 - 2012-08-30 23:25 - 00737720 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\urlflt.ppl 2013-07-17 10:12 - 2013-07-17 10:12 - 01632256 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavemu.kdl.33d4094a21b474c84fafe37780a1ac43 2012-08-30 23:23 - 2012-08-30 23:23 - 00635320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\format_recognizer.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00557496 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\webnetstat.ppl 2013-06-13 14:13 - 2013-06-13 14:13 - 00273408 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kjim.kdl.01795aedfa570a09106a387e4ef34e1b 2012-08-30 23:24 - 2012-08-30 23:24 - 00254392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ProcessMonitor.dll 2013-02-12 12:11 - 2013-02-12 12:11 - 00151552 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781 2013-01-11 21:29 - 2013-01-11 21:29 - 00178008 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51 2013-07-01 10:45 - 2013-07-01 10:45 - 00436736 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\qscan.kdl.dd55bf01982b299cb867acad1944e6b6 2012-08-30 23:23 - 2012-08-30 23:23 - 00180664 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ksnhelper.dll 2013-03-26 18:03 - 2013-03-26 18:03 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254 2012-08-30 23:23 - 2012-08-30 23:23 - 00422328 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ksn_client.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00197048 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\transport_provider.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00131512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\CryptoStaticProvider.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00078264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\proxydet.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 01102264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\Updater.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00135608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\diffs.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 01216952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\aphishex.ppl 2012-08-30 23:22 - 2012-08-30 23:22 - 05463800 _____ (Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avzkrnl.dll 2013-01-11 21:58 - 2013-01-11 21:58 - 00038400 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3 2013-07-01 10:45 - 2013-07-01 10:45 - 00177664 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavsys.kdl.4bd2ce1e2c86bab49c5e56e0c6501110 2012-08-14 13:57 - 2013-05-30 10:38 - 00283840 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\uds.dll.80a1fcd7c0dfdce2c316d7830ffafe93 2012-08-30 23:25 - 2012-08-30 23:25 - 00027064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\uniarc.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00156088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\EXTLprtc.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00278968 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ICQprtc.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00578488 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\httpanlz.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00031672 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\minizip.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00044472 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\sfdb.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00258488 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\MSNprtc.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00078264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\cab.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00209336 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FTPprtc.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00028600 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\arj.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00127416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\appcat.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00111032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\rar.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00197048 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\JbrPrtc.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00143800 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\IRCPrtc.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00156088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\Yhoprtc.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00037816 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\lha.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 00197048 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\MMPprtc.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00082360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\mdb.ppl 2012-08-30 23:25 - 2012-08-30 23:25 - 00106936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\msoe.ppl 2012-08-30 23:23 - 2012-08-30 23:23 - 00438712 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\http_protocoller_pipeline.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00086456 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\mailmsg.ppl 2012-08-30 23:22 - 2012-08-30 23:22 - 00405944 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\anti_phishing_http_filter.dll 2012-08-30 23:22 - 2012-08-30 23:22 - 00242104 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\cf_response_provider.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00594360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\localization_manager.dll 2012-08-30 23:25 - 2012-08-30 23:25 - 00031160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\wdiskio.ppl 2012-08-30 15:02 - 2013-08-14 10:47 - 00140288 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\sys_critical_obj.dll.27fb6ff49d2b04854f223a333b8bf972 2012-08-30 23:25 - 2012-08-30 23:25 - 00217528 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ods.ppl 2013-06-05 15:16 - 2013-09-02 07:15 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\bsshlp2.kdl.904c718bbe32f92d8d0c4c679ec8a7ac 2012-08-30 23:25 - 2012-08-30 23:25 - 00778680 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\prupdate.ppl 2012-10-11 00:01 - 2012-06-12 17:40 - 00104584 _____ (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00088744 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESStorageProtect.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00022184 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00055976 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESUSBKeyboard.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00061096 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESSuEvent.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00123048 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESTransform.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00241320 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESPerform.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00108200 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESRemoteKey.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00136360 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESAdvancedStandby.dll 2012-10-11 00:07 - 2012-08-09 10:35 - 00127656 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Improvement\viaggregator.dll 2012-10-11 00:01 - 2012-06-12 17:40 - 00116872 _____ (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll 2012-10-10 23:57 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00070824 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESWndMsg.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00053416 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESWndMsgHook.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00370856 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESCommonUI.dll 2012-10-11 00:22 - 2012-08-18 05:36 - 00091816 _____ (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESAppMon.dll 2013-09-06 13:15 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-09-06 13:15 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 00709584 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 00099792 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2012-07-27 15:09 - 2012-07-27 15:09 - 00020064 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\XpStorageDevice_WinXp2k.dll 2012-07-27 15:03 - 2012-07-27 15:03 - 00311392 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\Resources\de-DE\PMBVolumeWatcherLOC.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2012-10-11 00:34 - 2012-06-25 15:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 06009272 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avpgui.ppl 2012-08-30 23:24 - 2012-08-30 23:24 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtCore4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtGui4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtDeclarative4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtScript4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtSql4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtNetwork4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 02482616 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\basegui.ppl 2011-09-05 20:36 - 2011-09-05 20:36 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qgif4.dll 2011-09-05 20:36 - 2011-09-05 20:36 - 00180224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qjpeg4.dll 2012-08-30 22:19 - 2012-08-30 22:19 - 00043960 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\W8Toaster.dll 2013-07-22 18:28 - 2013-07-22 18:28 - 00192952 _____ (Kaspersky Lab ZAO) C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_1\plugin\npUrlAdvisor.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00205240 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtblc.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00233912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\kltbar.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbcl.dll 2013-01-12 01:03 - 2013-01-12 01:03 - 00078264 _____ (Kaspersky Lab ZAO) C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0\plugin\npABPlugin.dll 2012-10-11 00:45 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-09-06 13:15 - 2013-09-02 22:35 - 13599184 _____ () C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 AlternateDataStreams: C:\Users\***\Desktop\Thumbs.db:encryptable AlternateDataStreams: C:\Users\***\Downloads\Thumbs.db:encryptable AlternateDataStreams: C:\Users\***\Documents\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/07/2013 04:33:51 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 29.0.1547.66, Zeitstempel: 0x5224d150 Name des fehlerhaften Moduls: combase.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a976e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001334c ID des fehlerhaften Prozesses: 0x5c8 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Vollständiger Name des fehlerhaften Pakets: chrome.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5 Error: (09/07/2013 05:09:11 AM) (Source: SampleCollector) (User: ) Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/07/2013 04:12:44 AM) (Source: Application Hang) (User: ) Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e64 Startzeit: 01ceab6fa3fe0f4d Endzeit: 4294967295 Anwendungspfad: C:\Windows\system32\wwahost.exe Berichts-ID: f94c198a-1762-11e3-bebe-083e8ebc244c Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic Error: (09/07/2013 04:12:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MIRI) Description: Das Paket „Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte. Error: (09/07/2013 04:12:05 AM) (Source: ESENT) (User: ) Description: wwahost (3684){93366B0E-BD89-4FFF-B53E-0A121B667F3B}: Die Kopfzeile der Protokolldatei C:\Users\***\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\anonymous\edb.log konnte nicht gelesen werden. Fehler -4001. Error: (09/07/2013 04:12:05 AM) (Source: ESENT) (User: ) Description: wwahost (3684){93366B0E-BD89-4FFF-B53E-0A121B667F3B}: Die Kopfzeile der Protokolldatei C:\Users\***\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\LocalState\Database\anonymous\edb.log konnte nicht gelesen werden. Fehler -4001. Error: (09/07/2013 04:11:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MIRI) Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/07/2013 04:11:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MIRI) Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/07/2013 04:11:56 AM) (Source: Application Hang) (User: ) Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 510 Startzeit: 01ceab6f955b9ea8 Endzeit: 4294967295 Anwendungspfad: C:\Windows\system32\wwahost.exe Berichts-ID: dcf53426-1762-11e3-bebe-083e8ebc244c Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic Error: (09/07/2013 04:11:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MIRI) Description: Die App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. System errors: ============= Error: (09/07/2013 03:57:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%3 Error: (09/07/2013 03:57:45 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/07/2013 03:57:42 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Log Rotator Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/07/2013 03:57:42 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (09/07/2013 03:59:30 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet. Error: (09/07/2013 03:55:03 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%3 Error: (09/07/2013 03:55:00 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/07/2013 03:54:58 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Log Rotator Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/07/2013 03:54:58 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (09/07/2013 03:54:49 AM) (Source: BugCheck) (User: ) Description: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa80064e3a10, 0xfffff8a00ec43010)C:\Windows\MEMORY.DMP090713-17703-01 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 3975.27 MB Available physical RAM: 2395.37 MB Total Pagefile: 8071.27 MB Available Pagefile: 5745.37 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:429.52 GB) (Free:243.76 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 99077A47) Partition: GPT Partition Type ==================== End Of Log ============================ |
|
08.09.2013, 11:22
| #4 |
| /// TB-Ausbilder | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Ok, dann so weiter: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Starte noch einmal FRST.
__________________ cheers, Leo |
|
08.09.2013, 12:50
| #5 |
| | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" okay danke: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 08/09/2013 um 13:39:42
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : *** - ***
# Gestartet von : C:\Users\***\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\AlawarWrapper
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\***\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\***\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\delta
Ordner Gelöscht : C:\Users\***\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\***\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DSite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKCU\Software\5928ad9e56aeb45
Schlüssel Gelöscht : HKLM\SOFTWARE\5928ad9e56aeb45
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Video downloader
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Video downloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Google Chrome v
[ Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [10698 octets] - [08/09/2013 13:37:19]
AdwCleaner[S0].txt - [10058 octets] - [08/09/2013 13:39:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10119 octets] ##########
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by *** (administrator) on *** on 08-09-2013 13:47:45
Running from C:\Users\***\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Spotify Ltd) C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-13] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-13] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [Google Update] - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-05] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-24] (Spotify Ltd)
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [Spotify] - C:\Users\***\AppData\Roaming\Spotify\spotify.exe [4640768 2013-08-24] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-09-06] (SUPERAntiSpyware)
MountPoints2: {31422cfc-f849-11e2-bea3-083e8ebc244c} - "F:\Autorun.exe"
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [YTDownloader] - "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot [x]
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ru.redirect.wrapper.services.alawar.com/startpage.php?lang=de&wspv=2.0&locale=de&pid=10360&country=DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6D101508-0E89-4487-98B7-053D58A3728B} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {88CA5286-70BA-46A9-A05A-4AC44FBDE60B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\***\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.6) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Gojee) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb\3.1_0
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_0
CHR Extension: (mysms - Text anywhere) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb\3.3.1_0
CHR Extension: (Virtual Keyboard) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.2.733_0
CHR Extension: (Mac OS theme) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkpadlfbbnobnjaeodjfnkogiigdmgff\2.1_0
CHR Extension: (Webcam Toy) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0
CHR Extension: (Harmony) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0
CHR Extension: (Amazon-Icon) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg\1.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Todo.ly) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0
CHR Extension: (We Are Hunted) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgdicpfcekegalffnnbhkjkkoapppga\1.0.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\***\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)
S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [x]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
R0 KL1; C:\Windows\system32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-01-11] (Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 13:35 - 2013-09-08 13:35 - 01037278 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-09-08 04:12 - 2013-09-08 04:13 - 00060559 _____ C:\Users\***\Downloads\Addition.txt
2013-09-08 04:10 - 2013-09-08 04:10 - 00000000 ____D C:\FRST
2013-09-08 04:00 - 2013-09-08 04:00 - 01948988 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-07 03:54 - 2013-09-07 03:54 - 00300616 _____ C:\Windows\Minidump\090713-17703-01.dmp
2013-09-06 17:16 - 2013-09-06 17:16 - 00296488 _____ C:\Windows\Minidump\090613-51796-01.dmp
2013-09-06 06:57 - 2013-09-06 06:57 - 00296488 _____ C:\Windows\Minidump\090613-21218-01.dmp
2013-09-06 06:41 - 2013-09-06 06:41 - 00300616 _____ C:\Windows\Minidump\090613-17531-01.dmp
2013-09-06 06:05 - 2013-09-06 06:05 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Users\***\AppData\Local\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-06 06:05 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2013-09-06 06:03 - 2013-09-06 06:04 - 10031224 _____ (VS Revo Group ) C:\Users\***\Downloads\RevoUninProSetup.exe
2013-09-06 05:35 - 2013-09-06 05:35 - 00000000 ____D C:\Users\***\Documents\rest
2013-09-06 05:33 - 2013-09-06 05:34 - 00000000 ____D C:\Users\***\Documents\aupair
2013-09-06 05:32 - 2013-09-06 05:33 - 00000000 ____D C:\Users\***\Documents\facharbeit
2013-09-06 05:31 - 2013-09-06 05:35 - 00013824 ___SH C:\Users\***\Documents\Thumbs.db
2013-09-06 04:31 - 2013-09-06 04:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 04:31 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-06 03:55 - 2013-09-06 03:56 - 00300616 _____ C:\Windows\Minidump\090613-16281-01.dmp
2013-09-05 16:36 - 2013-09-05 16:37 - 00300616 _____ C:\Windows\Minidump\090513-16859-01.dmp
2013-09-05 15:41 - 2013-09-05 15:41 - 00300616 _____ C:\Windows\Minidump\090513-18734-01.dmp
2013-09-05 14:10 - 2013-09-08 06:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841.job
2013-09-05 14:10 - 2013-09-06 03:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-05 14:10 - 2013-09-06 02:00 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c.job
2013-09-05 14:10 - 2013-09-05 14:10 - 00003570 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c
2013-09-05 14:10 - 2013-09-05 14:10 - 00003488 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841
2013-09-05 14:10 - 2013-09-05 14:10 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-05 14:04 - 2013-09-05 14:04 - 00000000 __SHD C:\found.002
2013-09-02 13:46 - 2013-09-02 13:46 - 00300616 _____ C:\Windows\Minidump\090213-24656-01.dmp
2013-08-25 11:39 - 2013-08-25 11:39 - 00300560 _____ C:\Windows\Minidump\082513-36046-01.dmp
2013-08-24 10:14 - 2013-08-24 10:15 - 00000000 ____D C:\Users\***\Desktop\sims3
2013-08-24 01:04 - 2013-08-24 01:04 - 00296488 _____ C:\Windows\Minidump\082413-22515-01.dmp
2013-08-24 00:37 - 2013-08-24 00:37 - 00300616 _____ C:\Windows\Minidump\082413-27843-01.dmp
2013-08-24 00:14 - 2013-08-24 00:14 - 00000000 ____D C:\Users\***\Downloads\konto
2013-08-16 14:02 - 2013-08-16 14:06 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 16:17 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-15 16:17 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-15 09:45 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-15 09:45 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:45 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:45 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:45 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:45 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:45 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:45 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:45 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:45 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:45 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:45 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:45 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-15 09:45 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 09:45 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 09:45 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:44 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 09:44 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 09:44 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 09:44 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-15 09:44 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-15 09:44 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-15 09:44 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
==================== One Month Modified Files and Folders =======
2013-09-08 13:47 - 2013-01-05 00:34 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-15971856-2605629271-4000343970-1001
2013-09-08 13:42 - 2013-01-21 22:23 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-08 13:42 - 2013-01-11 21:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-08 13:41 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-08 13:41 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-08 13:40 - 2013-09-08 13:35 - 00000000 ____D C:\AdwCleaner
2013-09-08 13:40 - 2012-10-11 00:00 - 01491830 _____ C:\Windows\WindowsUpdate.log
2013-09-08 13:39 - 2013-01-04 21:43 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-08 13:35 - 2013-09-08 13:35 - 01037278 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-09-08 13:04 - 2013-01-05 00:39 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001UA.job
2013-09-08 13:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-08 06:10 - 2013-09-05 14:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841.job
2013-09-08 04:13 - 2013-09-08 04:12 - 00060559 _____ C:\Users\***\Downloads\Addition.txt
2013-09-08 04:10 - 2013-09-08 04:10 - 00000000 ____D C:\FRST
2013-09-08 04:00 - 2013-09-08 04:00 - 01948988 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-07 16:33 - 2013-01-07 16:21 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-09-07 15:57 - 2012-08-03 04:22 - 00068444 _____ C:\Windows\PFRO.log
2013-09-07 04:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-07 03:54 - 2013-09-07 03:54 - 00300616 _____ C:\Windows\Minidump\090713-17703-01.dmp
2013-09-07 03:54 - 2013-07-18 19:13 - 600159089 _____ C:\Windows\MEMORY.DMP
2013-09-07 03:54 - 2013-07-18 19:13 - 00000000 ____D C:\Windows\Minidump
2013-09-06 17:32 - 2013-01-05 00:48 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2013-09-06 17:31 - 2013-04-19 12:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-06 17:16 - 2013-09-06 17:16 - 00296488 _____ C:\Windows\Minidump\090613-51796-01.dmp
2013-09-06 17:01 - 2013-03-02 23:00 - 00000000 ____D C:\Users\***\Downloads\Neuer Ordner
2013-09-06 13:16 - 2013-01-05 00:40 - 00002365 _____ C:\Users\***\Desktop\Google Chrome.lnk
2013-09-06 10:04 - 2013-01-05 00:39 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-15971856-2605629271-4000343970-1001Core.job
2013-09-06 06:57 - 2013-09-06 06:57 - 00296488 _____ C:\Windows\Minidump\090613-21218-01.dmp
2013-09-06 06:41 - 2013-09-06 06:41 - 00300616 _____ C:\Windows\Minidump\090613-17531-01.dmp
2013-09-06 06:14 - 2013-01-04 21:41 - 00000000 ____D C:\Users\***\AppData\Local\Packages
2013-09-06 06:05 - 2013-09-06 06:05 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Users\***\AppData\Local\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-09-06 06:05 - 2013-09-06 06:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-06 06:04 - 2013-09-06 06:03 - 10031224 _____ (VS Revo Group ) C:\Users\***\Downloads\RevoUninProSetup.exe
2013-09-06 05:35 - 2013-09-06 05:35 - 00000000 ____D C:\Users\***\Documents\rest
2013-09-06 05:35 - 2013-09-06 05:31 - 00013824 ___SH C:\Users\***\Documents\Thumbs.db
2013-09-06 05:34 - 2013-09-06 05:33 - 00000000 ____D C:\Users\***\Documents\aupair
2013-09-06 05:33 - 2013-09-06 05:32 - 00000000 ____D C:\Users\***\Documents\facharbeit
2013-09-06 05:25 - 2012-10-11 00:55 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-09-06 05:25 - 2012-10-11 00:53 - 00000000 ____D C:\ProgramData\WildTangent
2013-09-06 05:22 - 2013-01-22 19:46 - 00000000 ____D C:\Users\***\AppData\Roaming\WildTangent
2013-09-06 04:31 - 2013-09-06 04:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 04:31 - 2013-09-06 04:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 03:56 - 2013-09-06 03:55 - 00300616 _____ C:\Windows\Minidump\090613-16281-01.dmp
2013-09-06 03:04 - 2013-09-05 14:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-06 02:00 - 2013-09-05 14:10 - 00000522 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c.job
2013-09-05 16:37 - 2013-09-05 16:36 - 00300616 _____ C:\Windows\Minidump\090513-16859-01.dmp
2013-09-05 15:43 - 2013-01-04 21:41 - 00000000 ____D C:\Users\***
2013-09-05 15:41 - 2013-09-05 15:41 - 00300616 _____ C:\Windows\Minidump\090513-18734-01.dmp
2013-09-05 14:11 - 2012-10-11 00:35 - 01224794 _____ C:\Windows\system32\perfh007.dat
2013-09-05 14:11 - 2012-10-11 00:35 - 00295686 _____ C:\Windows\system32\perfc007.dat
2013-09-05 14:11 - 2012-07-26 09:28 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 14:10 - 2013-09-05 14:10 - 00003570 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 95434e05-4741-4446-a837-37cae249769c
2013-09-05 14:10 - 2013-09-05 14:10 - 00003488 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1e9b4309-6503-4757-bd1c-f91582ccc841
2013-09-05 14:10 - 2013-09-05 14:10 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com
2013-09-05 14:10 - 2013-09-05 14:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-05 14:04 - 2013-09-05 14:04 - 00000000 __SHD C:\found.002
2013-09-02 13:46 - 2013-09-02 13:46 - 00300616 _____ C:\Windows\Minidump\090213-24656-01.dmp
2013-08-25 11:39 - 2013-08-25 11:39 - 00300560 _____ C:\Windows\Minidump\082513-36046-01.dmp
2013-08-24 17:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-24 10:15 - 2013-08-24 10:14 - 00000000 ____D C:\Users\***\Desktop\sims3
2013-08-24 01:04 - 2013-08-24 01:04 - 00296488 _____ C:\Windows\Minidump\082413-22515-01.dmp
2013-08-24 00:40 - 2013-01-05 00:49 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2013-08-24 00:37 - 2013-08-24 00:37 - 00300616 _____ C:\Windows\Minidump\082413-27843-01.dmp
2013-08-24 00:14 - 2013-08-24 00:14 - 00000000 ____D C:\Users\***\Downloads\konto
2013-08-24 00:14 - 2013-01-05 01:18 - 00442880 ___SH C:\Users\***\Downloads\Thumbs.db
2013-08-23 18:45 - 2012-07-26 09:21 - 00039243 _____ C:\Windows\setupact.log
2013-08-17 19:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-17 19:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-16 14:06 - 2013-08-16 14:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 14:02 - 2013-01-05 13:12 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\***\AppData\Local\Temp\7z920.exe
C:\Users\***\AppData\Local\Temp\amazonicon.exe
C:\Users\***\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\***\AppData\Local\Temp\autorun.dll
C:\Users\***\AppData\Local\Temp\AutoRun.exe
C:\Users\***\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\***\AppData\Local\Temp\AVGToolbarInstaller.exe
C:\Users\***\AppData\Local\Temp\BackupSetup.exe
C:\Users\***\AppData\Local\Temp\bstrapInstall.exe
C:\Users\***\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\***\AppData\Local\Temp\dufgmr4c.exe
C:\Users\***\AppData\Local\Temp\EAD16FD.exe
C:\Users\***\AppData\Local\Temp\EAD1934.exe
C:\Users\***\AppData\Local\Temp\EAD220D.exe
C:\Users\***\AppData\Local\Temp\EAD26C3.exe
C:\Users\***\AppData\Local\Temp\EAD2837.exe
C:\Users\***\AppData\Local\Temp\EAD2E60.exe
C:\Users\***\AppData\Local\Temp\EAD2EC2.exe
C:\Users\***\AppData\Local\Temp\EAD32F2.exe
C:\Users\***\AppData\Local\Temp\EAD37B3.exe
C:\Users\***\AppData\Local\Temp\EAD3ABD.exe
C:\Users\***\AppData\Local\Temp\EAD40C2.exe
C:\Users\***\AppData\Local\Temp\EAD47B7.exe
C:\Users\***\AppData\Local\Temp\EAD4B6A.exe
C:\Users\***\AppData\Local\Temp\EAD54CC.exe
C:\Users\***\AppData\Local\Temp\EAD566D.exe
C:\Users\***\AppData\Local\Temp\EAD56FD.exe
C:\Users\***\AppData\Local\Temp\EAD5809.exe
C:\Users\***\AppData\Local\Temp\EAD6F22.exe
C:\Users\***\AppData\Local\Temp\EAD7630.exe
C:\Users\***\AppData\Local\Temp\EAD778C.exe
C:\Users\***\AppData\Local\Temp\EAD7A64.exe
C:\Users\***\AppData\Local\Temp\EAD844A.exe
C:\Users\***\AppData\Local\Temp\EAD8DB2.exe
C:\Users\***\AppData\Local\Temp\EAD8F06.exe
C:\Users\***\AppData\Local\Temp\EAD8FC2.exe
C:\Users\***\AppData\Local\Temp\EAD9A5.exe
C:\Users\***\AppData\Local\Temp\EADAA12.exe
C:\Users\***\AppData\Local\Temp\EADAA64.exe
C:\Users\***\AppData\Local\Temp\EADB441.exe
C:\Users\***\AppData\Local\Temp\EADBBAE.exe
C:\Users\***\AppData\Local\Temp\EADC1D9.exe
C:\Users\***\AppData\Local\Temp\EADD1D4.exe
C:\Users\***\AppData\Local\Temp\EADD60F.exe
C:\Users\***\AppData\Local\Temp\EADD695.exe
C:\Users\***\AppData\Local\Temp\EADD7BF.exe
C:\Users\***\AppData\Local\Temp\EADD7C7.exe
C:\Users\***\AppData\Local\Temp\EADD8F8.exe
C:\Users\***\AppData\Local\Temp\EADDA51.exe
C:\Users\***\AppData\Local\Temp\EADDFFC.exe
C:\Users\***\AppData\Local\Temp\EADEA10.exe
C:\Users\***\AppData\Local\Temp\EADED07.exe
C:\Users\***\AppData\Local\Temp\EADF1D9.exe
C:\Users\***\AppData\Local\Temp\EADF5D5.exe
C:\Users\***\AppData\Local\Temp\EADFC5.exe
C:\Users\***\AppData\Local\Temp\eauninstall.exe
C:\Users\***\AppData\Local\Temp\First15.exe
C:\Users\***\AppData\Local\Temp\gert0.exe
C:\Users\***\AppData\Local\Temp\GoogleSetup.exe
C:\Users\***\AppData\Local\Temp\incredibar_installer.exe
C:\Users\***\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\***\AppData\Local\Temp\Notification.exe
C:\Users\***\AppData\Local\Temp\oi_{C051E658-4B88-4989-AFF3-1CCDB272D3B3}.exe
C:\Users\***\AppData\Local\Temp\ose00000.exe
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sdanircmdc.exe
C:\Users\***\AppData\Local\Temp\Softonic_chr_1-8-8-11.exe
C:\Users\***\AppData\Local\Temp\sy94bur6.exe
C:\Users\***\AppData\Local\Temp\tbuTor.dll
C:\Users\***\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\***\AppData\Local\Temp\uninst1.exe
C:\Users\***\AppData\Local\Temp\UninstallEADM.dll
C:\Users\***\AppData\Local\Temp\uttB682.tmp.exe
C:\Users\***\AppData\Local\Temp\vcredist_x64.exe
C:\Users\***\AppData\Local\Temp\VP6Install.exe
C:\Users\***\AppData\Local\Temp\VP6VFW.dll
C:\Users\***\AppData\Local\Temp\YTDUninst.exe
C:\Users\***\AppData\Local\Temp\ytd_bu10_setup(1).exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-30 15:18
==================== End Of Log ============================
der IE öffnet sich jetzt auch schon nicht mehr |
|
08.09.2013, 13:42
| #6 |
| /// TB-Ausbilder | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Gut. Und sonst läuft der Rechner auch normal? Noch eine Kontrolle: ESET Online Scanner
__________________ --> Windows 8: Internet Explorer öffnet "www_getwindowinfo/" |
|
09.09.2013, 02:48
| #7 |
| | Windows 8: Internet Explorer öffnet "www_getwindowinfo/"Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=fe1457d9bb2661428cd4ef17ea591025
# engine=15049
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-08 11:48:33
# local_time=2013-09-09 01:48:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 1924385 26292243 0 0
# scanned=192283
# found=0
# cleaned=0
# scan_time=38714
ESETSmartInstaller@High as downloader log:
all ok
|
|
09.09.2013, 06:58
| #8 |
| /// TB-Ausbilder | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Hallo, sieht gut aus. Diese Tracking Cookies, die Superantispyware' immer meldet, sind völlig irrelevant. Räumen wir auf. Schritt 1 Drücke die  + R Taste und schreibe "notepad" in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument: (Wichtig: Ersetze im Skript die *** wieder mit dem richtigen Benutzernamen) Code:
ATTFilter Unlock: C:\Users\***\AppData\Local\Temp
Schritt 2 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Schritt 3 Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können. Die aktuelle Version ist Java 7 Update 25.
Überleg dir also, ob du eine Java-Installation wirklich brauchst. Falls du Java weiterhin verwenden möchtest, dann:
Schritt 4 Die Version deines Adobe PDF Readers ist veraltet, wir müssen ihn updaten:
Cleanup Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
>> OK << Wir sind durch, deine Logs sehen für mich im Moment sauber aus.  Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst. Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann. Epilog: Tipps, Dos & Don'ts  Aktualität von System und SoftwareDas Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
Auch die installierte Software sollte immer in der aktuellsten Version vorliegen. Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
Sicherheits-SoftwareEine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt). Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt. Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
(Un-)Sicheres Verhalten im InternetNebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Allgemeine HinweiseAbschliessend noch ein paar grundsätzliche Bemerkungen:
Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen. Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. 
__________________ cheers, Leo |
|
09.09.2013, 07:47
| #9 |
| | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Vieeeelen vielen lieben Dank für deine Hilfe ich war echt total überfordert aber du hast mir alles ganz einfach erklärt! tausend dank, wirklich! |
|
09.09.2013, 07:55
| #10 |
| /// TB-Ausbilder | Windows 8: Internet Explorer öffnet "www_getwindowinfo/" Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
Linear-Darstellung
