Log analysis and evaluation: Win7 - Monstermarketplace redirect
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.09.2013, 14:46 | #1 |
Win7 - Monstermarketplace redirect

Dear forum team, I have a problem that has already been dealt with elsewhere. In my Firefox, yellow text appears on web pages that tries to redirect to sites like monstermarketplace. I have already run adwcleaner and removed some add-ons in Firefox; the yellow text with the link to monstermarketplace is already gone, but I don't know whether I'm clean!?! Here you will find all the log files I have collected - I have not yet run General 3 and 4 - are these still needed?! I ask for your help! Thanks in advance! Regards, cajon

Here is my Firefox troubleshooting information

Code:
Allgemeine Informationen

Name Firefox
Version 23.0.1
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0
Build-Konfiguration about:buildconfig

Erweiterungen

Name Version Aktiviert ID
Adblock Plus 2.3.2 true {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Download Statusbar 0.9.10 true {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
DVDVideoSoft YouTube MP3 and Video Download 4.2.1.9 true {ACAA314B-EEBA-48e4-AD47-84E31C44796C}
Firebug 1.12.1 true firebug@software.joehewitt.com
FoxTab 1.4.9 true {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
Ghostery 5.0.4 true firefox@ghostery.com
WOT 20130515 true {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Adobe Acrobat - Create PDF 1.2 false web2pdfextension@web2pdf.adobedotcom
Anti-Banner 12.0.1.511 false KavAntiBanner@Kaspersky.ru
Firefox Synchronisation Extension 1.7.110.333 false fe_9.0@nokia.com
Kaspersky URL Advisor 12.0.1.511 false linkfilter@kaspersky.ru
Kaspersky Virtual Keyboard 12.0.1.511 false virtualKeyboard@kaspersky.ru

Wichtige modifizierte Einstellungen

Name Wert
accessibility.typeaheadfind.flashBar 0
browser.cache.disk.capacity 358400
browser.cache.disk.smart_size.first_run false
browser.cache.disk.smart_size.use_old_max false
browser.cache.disk.smart_size_cached_value 358400
browser.places.importBookmarksHTML false
browser.places.smartBookmarksVersion 4
browser.search.useDBForOrder true
browser.startup.homepage_override.buildID 20130814063812
browser.startup.homepage_override.mstone 23.0.1
browser.tabs.warnOnClose false
dom.mozApps.used true
dom.w3c_touch_events.expose false
extensions.lastAppVersion 23.0.1
font.internaluseonly.changed true
gfx.direct3d.checkDX10 false
gfx.direct3d.last_used_feature_level_idx 1
network.cookie.prefsMigrated true
places.database.lastMaintenance 1378806519
places.history.expiration.transient_current_max_pages 103753
places.history.expiration.transient_optimal_database_size 166003506
places.last_vacuum 1297520624
plugin.disable_full_page_plugin_for_types application/pdf
plugin.importedState true
plugin.state.npitunes 0
print.print_printer Microsoft XPS Document Writer
print.printer_Microsoft_XPS_Document_Writer.print_bgcolor false
print.printer_Microsoft_XPS_Document_Writer.print_bgimages false
print.printer_Microsoft_XPS_Document_Writer.print_command
print.printer_Microsoft_XPS_Document_Writer.print_downloadfonts false
print.printer_Microsoft_XPS_Document_Writer.print_edge_bottom 0
print.printer_Microsoft_XPS_Document_Writer.print_edge_left 0
print.printer_Microsoft_XPS_Document_Writer.print_edge_right 0
print.printer_Microsoft_XPS_Document_Writer.print_edge_top 0
print.printer_Microsoft_XPS_Document_Writer.print_evenpages true
print.printer_Microsoft_XPS_Document_Writer.print_footercenter
print.printer_Microsoft_XPS_Document_Writer.print_footerleft &PT
print.printer_Microsoft_XPS_Document_Writer.print_footerright &D
print.printer_Microsoft_XPS_Document_Writer.print_headercenter
print.printer_Microsoft_XPS_Document_Writer.print_headerleft &T
print.printer_Microsoft_XPS_Document_Writer.print_headerright &U
print.printer_Microsoft_XPS_Document_Writer.print_in_color true
print.printer_Microsoft_XPS_Document_Writer.print_margin_bottom 0.5
print.printer_Microsoft_XPS_Document_Writer.print_margin_left 0.5
print.printer_Microsoft_XPS_Document_Writer.print_margin_right 0.5
print.printer_Microsoft_XPS_Document_Writer.print_margin_top 0.5
print.printer_Microsoft_XPS_Document_Writer.print_oddpages true
print.printer_Microsoft_XPS_Document_Writer.print_orientation 0
print.printer_Microsoft_XPS_Document_Writer.print_pagedelay 500
print.printer_Microsoft_XPS_Document_Writer.print_paper_data 9
print.printer_Microsoft_XPS_Document_Writer.print_paper_height 11,00
print.printer_Microsoft_XPS_Document_Writer.print_paper_size_type 0
print.printer_Microsoft_XPS_Document_Writer.print_paper_size_unit 1
print.printer_Microsoft_XPS_Document_Writer.print_paper_width 8,50
print.printer_Microsoft_XPS_Document_Writer.print_reversed false
print.printer_Microsoft_XPS_Document_Writer.print_scaling 1,00
print.printer_Microsoft_XPS_Document_Writer.print_shrink_to_fit true
print.printer_Microsoft_XPS_Document_Writer.print_to_file false
print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_bottom 0
print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_left 0
print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_right 0
print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_top 0
privacy.donottrackheader.enabled true
privacy.popups.showBrowserMessage false
privacy.sanitize.migrateFx3Prefs true
security.warn_viewing_mixed false
storage.vacuum.last.index 1
storage.vacuum.last.places.sqlite 1377275059

Grafik

Direct2D aktiviert true
DirectWrite aktiviert true (6.2.9200.16571)
Geräte-ID 0x0046
GPU #2 aktiv false
GPU-beschleunigte Fenster 1/1 Direct3D 10
Karten-Beschreibung Intel(R) HD Graphics
Karten-RAM Unknown
Karten-Treiber igdumd64 igd10umd64 igdumdx32 igd10umd32
Treiber-Datum 1-10-2012
Treiber-Version 8.15.10.2622
Vendor-ID 0x8086
WebGL-Renderer Google Inc. -- ANGLE (Intel(R) HD Graphics)
AzureCanvasBackend direct2d
AzureContentBackend direct2d
AzureFallbackCanvasBackend cairo

JavaScript

Inkrementelle GC true

Barrierefreiheit

Aktiviert false
Barrierefreiheit verhindern 0

Bibliotheken-Versionen

Minimal vorausgesetzte Version Verwendete Version
NSPR 4.10 4.10
NSS 3.15 Basic ECC 3.15 Basic ECC
NSSSMIME 3.15 Basic ECC 3.15 Basic ECC
NSSSSL 3.15 Basic ECC 3.15 Basic ECC
NSSUTIL 3.15 3.15

Code:
# AdwCleaner v3.003 - Bericht erstellt am 10/09/2013 um 14:01:58
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : haijes - HAIJES2
# Gestartet von : C:\Users\haijes\Downloads\3003-adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\haijes\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\haijes\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\jetpack
Datei Gelöscht : C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\user.js

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\TubeSaver

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [2491 octets] - [10/09/2013 13:56:06]
AdwCleaner[S0].txt - [2307 octets] - [10/09/2013 14:01:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2367 octets] ##########

General step 2) FRST

FRST.txt

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01 Ran by haijes (administrator) on HAIJES2 on 10-09-2013 15:37:40 Running from C:\Users\haijes\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Hauppauge Computer Works) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hauppauge Computer Works, Inc.) 
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Games\Game Alarm\Updater.exe (Europe Support Ltd. N.V.) C:\Games\Game Alarm\gamealarm.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () C:\Users\haijes\Downloads\Defogger.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-09] (Microsoft Corporation) HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-02-01] (Nokia) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKCU\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung) HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-02-06] (Samsung Electronics) HKCU\...\Run: [AdobeBridge] - [x] MountPoints2: {17acaa49-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {17acaa66-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {45d4c3f1-903c-11e0-a70b-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {47de9b7c-36d1-11e2-a231-c0cb386c051d} - E:\LaunchU3.exe -a MountPoints2: {6695febe-a189-11e0-af0a-5c260a32a526} - E:\AutoRun.exe MountPoints2: {796b65d7-99d5-11e0-8c26-5c260a32a526} - E:\AutoRun.exe MountPoints2: 
{d083391a-a4b9-11e0-8606-5c260a32a526} - E:\AutoRun.exe MountPoints2: {d34d4352-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d436b-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d43b6-8f70-11e0-84ba-5c260a32a526} - E:\AutoRun.exe HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe_ID0EYTHM] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.) Startup: C:\Users\haijes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{48B81B09-92A5-412C-AF69-F4A8B81C5719}: [NameServer]194.48.124.202 194.48.124.200 FireFox: ======== FF ProfilePath: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - 
C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\searchplugins\dictcc.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WOT - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: firebug - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firebug@software.joehewitt.com.xpi FF Extension: firefox - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firefox@ghostery.com.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: 
[virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) R2 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [558592 2010-11-03] (Hauppauge Computer Works) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [48128 2010-02-02] (Dell Inc.) 
==================== Drivers (Whitelisted) ==================== S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 hcw17bda; C:\Windows\System32\drivers\hcw17bda.sys [67456 2010-01-27] (Hauppauge Computer Works, Inc.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab) S3 npf; C:\Windows\System32\drivers\npf.sys [40464 2009-02-08] (CACE Technologies) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2007-02-07] (CACE Technologies) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 15:36 - 2013-09-10 15:36 - 01949196 _____ (Farbar) C:\Users\haijes\Desktop\FRST64.exe 2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log 2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable 2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe 2013-09-10 13:55 - 2013-09-10 14:02 - 00000000 ____D C:\AdwCleaner 2013-09-10 13:50 - 2013-04-04 05:30 - 00263584 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-10 13:49 - 2013-09-10 13:51 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe 2013-09-10 11:35 - 2013-09-10 11:35 - 07442384 _____ 
C:\Users\haijes\Downloads\MyPhoneExplorer_Setup_v1.8.5.exe 2013-09-10 10:29 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-10 10:29 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-10 10:29 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-10 10:29 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-10 10:29 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 10:29 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 10:29 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 10:29 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 10:29 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 10:29 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 10:29 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 10:19 - 2013-09-10 10:23 - 00000000 ____D C:\Windows\system32\MRT
2013-09-10 10:04 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-10 10:04 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-10 10:04 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-10 10:04 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-10 10:04 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-10 10:04 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-10 10:04 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-10 10:04 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-10 10:03 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-10 10:03 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-10 10:03 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-10 10:03 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-10 10:03 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-10 10:03 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-10 10:02 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-10 10:02 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt
2013-08-30 20:08 - 2013-08-30 21:07 - 00000000 ____D C:\Users\haijes\Desktop\Bella
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-17 22:13 - 2013-09-10 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-10 15:38 - 2011-02-09 16:49 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Skype
2013-09-10 15:37 - 2013-09-10 15:37 - 00000000 ____D C:\FRST
2013-09-10 15:36 - 2013-09-10 15:36 - 01949196 _____ (Farbar) C:\Users\haijes\Desktop\FRST64.exe
2013-09-10 15:35 - 2011-12-22 20:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-10 15:35 - 2011-05-10 12:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-10 15:35 - 2011-02-08 13:25 - 01654070 _____ C:\Windows\WindowsUpdate.log
2013-09-10 14:15 - 2011-02-09 16:53 - 00000000 ____D C:\Users\haijes\Documents\Outlook-Dateien
2013-09-10 14:14 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-10 14:14 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log
2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable
2013-09-10 14:13 - 2011-02-08 20:34 - 00000000 ____D C:\Users\haijes
2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe
2013-09-10 14:05 - 2011-12-22 20:38 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-10 14:05 - 2011-05-10 12:52 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-10 14:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-10 14:05 - 2009-07-14 06:51 - 00355733 _____ C:\Windows\setupact.log
2013-09-10 14:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-10 14:04 - 2011-02-08 21:11 - 00056068 _____ C:\Windows\PFRO.log
2013-09-10 14:02 - 2013-09-10 13:55 - 00000000 ____D C:\AdwCleaner
2013-09-10 13:51 - 2013-09-10 13:49 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe
2013-09-10 13:50 - 2013-08-17 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 12:01 - 2011-02-11 10:11 - 00000000 ___RD C:\Users\haijes\Privat
2013-09-10 12:01 - 2011-02-11 10:11 - 00000000 ____D C:\Users\haijes\Schule
2013-09-10 12:00 - 2012-10-02 15:48 - 00000000 ____D C:\Users\haijes\Desktop\Fotos
2013-09-10 11:37 - 2013-04-13 15:31 - 00000000 ____D C:\Users\haijes\Dekanat
2013-09-10 11:37 - 2012-08-14 22:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2013-09-10 11:35 - 2013-09-10 11:35 - 07442384 _____ C:\Users\haijes\Downloads\MyPhoneExplorer_Setup_v1.8.5.exe
2013-09-10 10:31 - 2011-02-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-10 10:23 - 2013-09-10 10:19 - 00000000 ____D C:\Windows\system32\MRT
2013-09-10 10:18 - 2011-02-11 14:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 21:05 - 2011-02-09 17:51 - 00000000 ____D C:\Users\haijes\AppData\Local\Adobe
2013-09-09 16:16 - 2011-02-09 17:41 - 00020992 _____ C:\Users\haijes\Desktop\Daten.xlsx
2013-09-09 13:52 - 2011-06-05 19:13 - 00102416 _____ C:\Users\haijes\Desktop\Geldübersicht.xlsx
2013-09-09 11:44 - 2009-07-14 19:58 - 03819762 _____ C:\Windows\system32\perfh007.dat
2013-09-09 11:44 - 2009-07-14 19:58 - 01166822 _____ C:\Windows\system32\perfc007.dat
2013-09-09 11:44 - 2009-07-14 07:13 - 00006456 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 11:15 - 2012-07-10 10:36 - 00000000 ____D C:\Users\haijes\Pfarre
2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt
2013-09-08 23:23 - 2013-02-17 15:56 - 00000000 ____D C:\Users\haijes\Pfarrhomepage
2013-08-30 21:07 - 2013-08-30 20:08 - 00000000 ____D C:\Users\haijes\Desktop\Bella
2013-08-30 11:37 - 2012-08-14 22:15 - 00000000 ____D C:\Users\haijes\AppData\Roaming\MyPhoneExplorer
2013-08-24 11:23 - 2012-05-06 11:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod
2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes

Files to move or delete:
====================
C:\Users\haijes\AppData\Local\Temp\autorun.dll
C:\Users\haijes\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\haijes\AppData\Local\Temp\Execute2App.exe
C:\Users\haijes\AppData\Local\Temp\ezGameXN.dll
C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\haijes\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\haijes\AppData\Local\Temp\GameXNGO.exe
C:\Users\haijes\AppData\Local\Temp\hcwclear.exe
C:\Users\haijes\AppData\Local\Temp\InstallAX.exe
C:\Users\haijes\AppData\Local\Temp\IR32.exe
C:\Users\haijes\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\haijes\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\haijes\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\haijes\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\haijes\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\haijes\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\haijes\AppData\Local\Temp\msvcp90.dll
C:\Users\haijes\AppData\Local\Temp\msvcr90.dll
C:\Users\haijes\AppData\Local\Temp\NEventMessages.dll
C:\Users\haijes\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\haijes\AppData\Local\Temp\ose00000.exe
C:\Users\haijes\AppData\Local\Temp\Quarantine.exe
C:\Users\haijes\AppData\Local\Temp\Refresh.exe
C:\Users\haijes\AppData\Local\Temp\ResetDevice.exe
C:\Users\haijes\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-31 09:11

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01
Ran by haijes at 2013-09-10 15:39:18
Running from C:\Users\haijes\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7)
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Content Viewer (x32 Version: 1.4.0)
Adobe Creative Suite 3 Design Standard (x32 Version: 1.0)
Adobe Creative Suite 3 Design Standard hinzufügen oder entfernen (x32 Version: 1.0)
Adobe Creative Suite 5.5 Design Premium (x32 Version: 5.5)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2)
Adobe Flash Player 10 ActiveX (x32 Version: 10.2.153.1)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Illustrator CS3 (x32 Version: 13.0)
Adobe InDesign CS3 (x32 Version: 5.0)
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe MotionPicture Color Files (x32 Version: 1.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Setup (x32 Version: 1.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe SING CS3 (x32 Version: 0.1)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe Version Cue CS3 Server (x32 Version: 3.0)
Adobe WAS CS3 (x32 Version: 1.0)
Adobe Widget Browser (x32 Version: 2.0 Build 230)
Adobe Widget Browser (x32 Version: 2.0.230)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
AHV content for Acrobat and Flash (x32 Version: 1)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Audacity 1.3.12 (x32)
BMD CRW-II (x32 Version: 1.10.000)
bob internet (x32 Version: 1.0.0.139)
bob internet (x32)
Bonjour (Version: 3.0.0.10)
Canon iP4700 series Printer Driver
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell Touchpad (Version: 7.1107.101.210)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Free Studio version 5.6.3.706 (x32 Version: 5.6.3.706)
Free WMA to MP3 Converter 1.16 (x32)
Game Alarm (HKCU)
GeoGebra 4 (HKCU)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Hauppauge WinTV 7 (x32 Version: v7.0.28314)
HomePlug Wireless Konfiguration (x32 Version: 3.0.0.0)
HomePlug-Konfigurationsassistent (x32 Version: 3.0.0.0)
Intel(R) Network Connections 15.2.89.0 (Version: 15.2.89.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.0)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Communicator 2007 R2 (x32 Version: 3.5.6907.268)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
MyPhoneExplorer (x32 Version: 1.8.5)
Nokia Connectivity Cable Driver (x32 Version: 7.1.69.0)
Nokia Suite (x32 Version: 3.3.89.0)
PC Connectivity Solution (x32 Version: 11.5.29.0)
PDF Settings (x32 Version: 1.0)
PDF Settings CS5 (x32 Version: 10.0)
QuickTime (x32 Version: 7.70.80.34)
Samsung Kies (x32 Version: 2.5.0.12104_15)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
SbX RW Controlling HLW II 09-10 (x32)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Ski Challenge 12 (AT) (HKCU)
Ski Challenge 13 (AT) (HKCU)
Skype™ 6.6 (x32 Version: 6.6.106)
Sound Rescue Terratec 2.1 (x32)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.18051)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Webocton - Scriptly 0.8.95.6 (x32 Version: 0.8.95.6)
WIDCOMM Bluetooth Software (Version: 6.5.1.2700)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
winpcap-overlook 4.02 (x32)
WLAN Card Utility (Version: 5.60.48.35)

==================== Restore Points =========================

30-07-2013 08:15:53 Windows Update
31-08-2013 07:08:55 Windows Update
10-09-2013 08:04:16 Windows Update
10-09-2013 11:48:21 Removed Java(TM) 6 Update 31

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0A449411-0230-4478-9AB7-345F68135B3C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {17A9BD89-CB80-4E88-B50D-8AF7D776A163} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {37CCA0AE-84CB-4E75-BF83-CEF887ED94EF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {6649CC62-E297-4B74-ADA1-7832871CB268} - System32\Tasks\AdobeAAMUpdater-1.0-haijes2-haijes => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {7E424391-7C25-433A-8BD9-76631FBBF397} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9B6124B1-6C58-48AD-A135-B560CE0B0BED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-10] (Google Inc.)
Task: {A3A594C1-E425-41B0-BCC6-350FEDB77861} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-10] (Google Inc.)
Task: {B390CF0D-C65D-4131-B47B-4DAD0875F2AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {C1BA3A37-B694-4802-B49D-56B552027A05} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C702930A-7B77-4673-A4B9-6522A88D7CD0} - System32\Tasks\{5E01FF16-541D-4779-A106-D895A0102CCF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {EF8655EB-5D4B-4CCD-AE5C-F5DB3F5FF758} - System32\Tasks\{92EA8B08-FB51-4DC4-8E4F-CD6BB35EB3C9} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {FD9578DE-5444-4874-AB99-7CF224A9A8FB} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-10 22:20 - 2012-01-10 22:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-05-31 12:38 - 2010-05-31 12:38 - 00105840 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2009-07-14 02:09 - 2009-07-14 03:38 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl
2010-05-31 12:38 - 2010-05-31 12:38 - 00105840 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2011-03-13 15:35 - 2010-04-24 06:00 - 02914304 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMUIA1.DLL
2011-03-13 15:35 - 2010-04-24 06:00 - 00650240 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMDRA1.DLL
2011-03-13 15:35 - 2010-04-24 06:00 - 00113664 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMCPA1.DLL
2012-01-10 19:37 - 2012-01-10 19:37 - 08172928 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02288512 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00919936 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 01081216 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\Dal.dll
2012-02-01 09:10 - 2012-02-01 09:10 - 00880000 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\CommonUtilities.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00055680 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MMSParser.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00346496 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00709504 _____ (Nokia Corporation) C:\Program Files (x86)\Nokia\Nokia Suite\nossu2dm.dll
2012-02-01 09:10 - 2012-02-01 09:10 - 00942976 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\CommonWidgets.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00596864 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\WidgetLibrary.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 03260800 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\styles\Style.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00032640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00034688 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00202624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 02521984 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\Service.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00196480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00050048 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\TrayIcon.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00189824 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\CDC.DLL
2012-02-01 09:11 - 2012-02-01 09:11 - 01226112 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\dashboard.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02252672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 01294208 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 02557312 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00095104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00165248 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00384896 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 10843520 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-01-10 19:38 - 2012-01-10 19:38 - 00272768 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 01352576 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\Pccs.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 00661544 _____ (Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ConnAPI.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 00205352 _____ (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ConfServer.dll
2012-01-04 14:32 - 2012-01-04 14:32 - 00265256 _____ (Nokia) C:\Program Files (x86)\PC Connectivity Solution\PCCS_ABAPI.dll
2012-01-04 14:31 - 2012-01-04 14:31 - 01485352 _____ (Nokia) C:\Program Files (x86)\PC Connectivity Solution\DAAPI.dll
2012-02-01 09:10 - 2012-02-01 09:10 - 00357760 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\NossuService.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 01128320 _____ (Nokia Corporation) C:\Program Files (x86)\Nokia\Nokia Suite\nossu2fn.dll
2012-02-01 09:10 - 2012-02-01 09:10 - 00506240 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\NokiaService.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00423808 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00058240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 00388480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
2012-02-01 09:10 - 2012-02-01 09:10 - 00405376 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\MapsService.dll
2012-01-10 19:36 - 2012-01-10 19:36 - 01037696 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00654208 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\DAL\Sync.dll
2011-12-21 12:11 - 2011-12-21 12:11 - 00325120 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\syncRuntimeAPI.dll
2011-12-21 12:10 - 2011-12-21 12:10 - 00942080 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\ilsyncEx.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 00056832 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\Attendees.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 01061888 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\recipients.dll
2011-12-21 12:09 - 2011-12-21 12:09 - 00069120 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\PTATTACH.dll
2011-12-21 12:10 - 2011-12-21 12:10 - 00599040 _____ (Nokia Corporation.) C:\Program Files (x86)\Nokia\Nokia Suite\iltif32.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 02914176 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MDataStore.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 00253312 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\UI-QML_Library.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00437632 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00459136 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MEvent.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00850304 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MItems.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00380288 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\carousel.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 01371008 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\contacts.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00196480 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\BringYourStuff.dll
2012-02-01 09:12 - 2012-02-01 09:12 - 01962880 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\Photos.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 01531776 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\Messages.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00422272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 04954496 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\Music.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00517504 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-01-10 19:37 - 2012-01-10 19:37 - 00682880 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00993152 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\maps.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 02191744 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\SoftwareUpdater.dll
2012-01-10 19:35 - 2012-01-10 19:35 - 00758656 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00214400 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\ApplicationInstaller.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00702336 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\BackUp.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00924544 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\caresuite.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00865152 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\ConnectToInternet.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00294272 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\customerfeedback.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00589696 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\FirstTimeUse.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00627584 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\NokiaAccount.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00141184 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\nps.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00510848 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\PIM.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00208256 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\Settings.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 00066944 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\plugins\WhatsNew.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 01131904 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MThumbnailService.dll
2012-02-01 09:11 - 2012-02-01 09:11 - 02141056 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\MItemPlugins.dll
2012-01-05 17:00 - 2012-01-05 17:00 - 00112640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 00166288 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 00054152 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 00119688 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 01025936 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 01612680 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll
2013-01-10 16:32 - 2013-02-13 04:00 - 00106496 _____ (TODO: <Company name>) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2012-11-09 22:12 - 2013-02-13 04:00 - 03341208 _____ (Codejock Software) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll
2012-10-29 13:10 - 2012-10-29 13:10 - 00307200 _____ ( MarkAny.) C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
2011-07-05 16:19 - 2010-11-03 19:30 - 00074752 _____ (Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\DataModel.dll
2011-07-05 16:19 - 2010-11-10 18:58 - 00563200 _____ (Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\MultiMediaServices.dll
2011-07-05 16:19 - 2010-11-10 18:57 - 00598528 _____ (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\WinTV7\NativeMMS.dll
2011-07-05 16:19 - 2010-11-10 18:58 - 00019456 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-08-17 22:13 - 2013-08-17 22:13 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-10-13 21:41 - 2011-10-13 21:41 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll
2011-10-13 21:41 - 2012-10-30 15:44 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll
2011-04-25 00:13 - 2011-04-25 00:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll
2011-04-25 00:13 - 2012-10-30 15:44 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\DumpWriter.dll
2011-04-25 00:12 - 2011-04-25 00:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CLLDR.DLL
2011-04-25 00:13 - 2011-04-25 00:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll
2011-04-25 00:14 - 2011-04-25 00:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl
2011-04-25 00:13 - 2011-04-25 00:13 - 00021392 _____
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl 2011-04-25 00:13 - 2013-09-08 13:09 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll 2011-04-25 00:13 - 2013-09-08 13:09 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll 2011-10-13 21:41 - 2012-05-02 18:12 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl 2011-10-13 21:41 - 2013-09-08 13:09 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl 2011-10-13 21:41 - 2013-09-08 13:09 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpgui.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet 
Security 2012\QtNetwork4.dll 2011-10-13 21:41 - 2012-10-30 15:44 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\basegui.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\localization_manager.dll 2011-04-20 20:56 - 2011-04-20 20:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll 2012-11-12 12:42 - 2013-02-13 12:32 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll 2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2013-05-10 09:57 - 2013-05-10 09:57 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu 2010-11-17 14:16 - 2010-11-17 14:16 - 00053024 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll 2011-06-11 19:36 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV 2009-09-18 16:46 - 2009-09-18 16:46 - 00876544 _____ (STLport Consulting, Inc.) 
C:\Games\Game Alarm\stlport.5.0.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00020480 _____ () C:\Games\Game Alarm\rt\bin\jetvm\jvm.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00348160 _____ (Microsoft Corporation) C:\Games\Game Alarm\rt\bin\msvcr71.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00015872 _____ (Sun Microsystems, Inc.) C:\Games\Game Alarm\rt\bin\hpi.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00069632 _____ () C:\Games\Game Alarm\rt\bin\java.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00126976 _____ () C:\Games\Game Alarm\rt\bin\zip.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00077824 _____ (Sun Microsystems, Inc.) C:\Games\Game Alarm\rt\bin\net.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00020480 _____ (Sun Microsystems, Inc.) C:\Games\Game Alarm\rt\bin\nio.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00159744 _____ () C:\Games\Game Alarm\rt\jetrt\baseline720.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 01212416 _____ (Sun Microsystems, Inc.) C:\Games\Game Alarm\rt\bin\awt.dll 2012-12-11 16:17 - 2012-12-11 16:17 - 00339968 _____ (Sun Microsystems, Inc.) 
C:\Games\Game Alarm\rt\bin\fontmanager.dll 2013-08-10 11:31 - 2013-08-10 11:31 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll 2013-04-04 01:09 - 2013-04-04 01:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-05-10 09:57 - 2013-05-10 09:57 - 00105984 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU 2011-05-30 00:04 - 2011-05-30 00:04 - 00085720 _____ (FJ Software Development) C:\Program Files (x86)\MyPhoneExplorer\DLL\MyPhoneExplorer_OutlookAddIn.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00336272 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mcou.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mapiedk.dll 2013-05-10 09:57 - 2013-05-10 09:57 - 02897488 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll 2013-05-10 09:57 - 2013-05-10 09:57 - 01446400 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2010-10-20 17:08 - 2010-10-20 17:08 - 00122720 _____ () C:\Program Files (x86)\Microsoft Office\Office14\OUTLCTL.DLL 2011-10-13 21:41 - 2012-09-03 16:16 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00086416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mailmsg.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00017296 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hashmd5.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdb.ppl 2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00030096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klscav.dll 2013-06-11 12:03 - 2013-06-11 12:03 - 06163104 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash10o.ocx ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Broadcom USH w/swipe sensor Description: Broadcom USH w/swipe sensor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (09/10/2013 03:35:10 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 90080108 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12090 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12090 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11076 Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11076 Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10046 Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10046 Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/10/2013 02:05:02 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 10.09.2013 um 14:03:19 unerwartet heruntergefahren. Error: (09/10/2013 00:56:51 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (09/10/2013 09:51:36 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 09.09.2013 um 22:00:03 unerwartet heruntergefahren. 
Error: (09/09/2013 09:36:26 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/09/2013 09:36:26 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht. Error: (09/09/2013 09:35:46 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 09.09.2013 um 00:42:39 unerwartet heruntergefahren. Error: (09/09/2013 00:43:26 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (09/08/2013 11:33:09 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 31.08.2013 um 10:23:39 unerwartet heruntergefahren. Error: (08/31/2013 10:24:14 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (08/30/2013 07:52:34 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht. 
Microsoft Office Sessions: ========================= Error: (09/10/2013 03:35:10 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 90080108 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12090 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12090 Error: (09/10/2013 02:23:14 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11076 Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11076 Error: (09/10/2013 02:23:13 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10046 Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10046 Error: (09/10/2013 02:23:12 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2013-03-22 17:28:48.668 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-03-22 17:28:48.527 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:45.164 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:44.967 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:42.484 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-03-22 17:28:42.269 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:39.282 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:39.071 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-22 17:28:36.494 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-03-22 17:28:36.302 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 64% Total physical RAM: 3957.83 MB Available physical RAM: 1404.61 MB Total Pagefile: 7913.85 MB Available Pagefile: 4692.76 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.08 GB) (Free:59.5 GB) NTFS Drive e: (HAIJES_SAM4) (Removable) (Total:7.4 GB) (Free:5.38 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 77E3ED41) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=10 GB) - (Type=0C) Partition 3: (Not Active) - (Size=223 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7 GB) - (Type=0B) ==================== End Of Log ============================ |
10.09.2013, 15:48 | #2 |
/// the machine /// TB-Ausbilder | Win7 - Monstermarketplace Redirect hi,
Please download Malwarebytes Anti-Malware
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.
 |
10.09.2013, 16:52 | #3 |
| Win7 - Monstermarketplace Redirect I have run that now and here are the results:
Malwarebytes Anti-Malware : Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.10.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 haijes :: HAIJES2 [Administrator] 10.09.2013 17:06:11 mbam-log-2013-09-10 (17-06-11).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 264362 Laufzeit: 17 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 4 C:\Users\haijes\AppData\Local\Temp\nso9D38.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\haijes\Downloads\MyPhoneExplorer_Setup_1.8.4.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\haijes\Downloads\MyPhoneExplorer_Setup_v1.8.5.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\haijes\Downloads\SoftonicDownloader_fuer_photo-flash-maker.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.9 (09.07.2013:1) OS: Windows 7 Professional x64 Ran by haijes on 10.09.2013 at 17:38:31,52 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{21D3A891-5A92-4832-8CDE-17B810AED83F} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{224FB4A6-CAAF-4D03-B43D-A14F822B6331} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{25A22097-55D5-43B0-B72D-7807B950D9BA} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{25F0352F-BD81-4B6C-AB29-81FC012186D6} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{29517A15-B768-4000-8FAE-A41733C41E82} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{31867212-EADC-47A1-AF29-CAC7B0A08FDD} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{3E28D1CD-8E80-48FC-BF40-B118CE9E0346} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{3F506C4E-3C6D-415B-9EEC-925CF04F01FC} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{4ECFC99D-41DA-4F71-A15C-BB40AAB81D96} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{5EB7582E-0806-4655-AB89-0F0284D2EA4B} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{6C5D6173-29E0-419D-8855-D8D0D44ACF24} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{72AB5F4B-A5D6-45FD-8654-254A113E00E9} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{89F6903F-3C4F-46A1-9C3A-35AE911426C8} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{901D4F96-6D09-4C4B-95D0-ECDF03466711} Successfully deleted: [Empty Folder] 
C:\Users\haijes\appdata\local\{965C17A0-8AEA-4C50-B811-82B1EDC8248F} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{97D40B20-1703-4794-A6A8-7C65B8FDA58B} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{B5B6A13F-DC7D-4B93-BECE-C94A5AE83D2B} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{BF9C84DC-D239-4120-BFB1-0A6190B52990} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{CD2D0E4E-85B7-4853-9DA1-5881DE5D4D39} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{D76B17E8-A764-479A-A68D-F27385013428} Successfully deleted: [Empty Folder] C:\Users\haijes\appdata\local\{DB97C0AB-26AE-47D9-8416-C970AE41039D} ~~~ FireFox Emptied folder: C:\Users\haijes\AppData\Roaming\mozilla\firefox\profiles\u3l6ue87.default\minidumps [285 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10.09.2013 at 17:45:22,61 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01 Ran by haijes (administrator) on HAIJES2 on 10-09-2013 17:49:25 Running from C:\Users\haijes\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Hauppauge Computer Works) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Alps Electric Co., Ltd.) 
C:\Program Files\DellTPad\ApMsgFwd.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Europe Support Ltd. N.V.) C:\Games\Game Alarm\gamealarm.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Thisisu) C:\Users\haijes\Desktop\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-09] (Microsoft Corporation) HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-02-01] (Nokia) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKCU\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung) HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-02-06] (Samsung Electronics) HKCU\...\Run: [AdobeBridge] - [x] MountPoints2: {17acaa49-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {17acaa66-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {45d4c3f1-903c-11e0-a70b-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {47de9b7c-36d1-11e2-a231-c0cb386c051d} - E:\LaunchU3.exe -a MountPoints2: {6695febe-a189-11e0-af0a-5c260a32a526} - E:\AutoRun.exe MountPoints2: {796b65d7-99d5-11e0-8c26-5c260a32a526} - E:\AutoRun.exe MountPoints2: {d083391a-a4b9-11e0-8606-5c260a32a526} - E:\AutoRun.exe MountPoints2: {d34d4352-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d436b-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d43b6-8f70-11e0-84ba-5c260a32a526} - E:\AutoRun.exe HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Office 
Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe_ID0EYTHM] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) 
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.) Startup: C:\Users\haijes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{48B81B09-92A5-412C-AF69-F4A8B81C5719}: [NameServer]194.48.124.202 194.48.124.200 FireFox: ======== FF ProfilePath: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - 
C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\searchplugins\dictcc.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WOT - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: firebug - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firebug@software.joehewitt.com.xpi FF Extension: firefox - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firefox@ghostery.com.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: 
[virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 ==================== Services (Whitelisted) ================= S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) R2 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [558592 2010-11-03] (Hauppauge Computer Works) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [48128 2010-02-02] (Dell Inc.) 
==================== Drivers (Whitelisted) ==================== S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 hcw17bda; C:\Windows\System32\drivers\hcw17bda.sys [67456 2010-01-27] (Hauppauge Computer Works, Inc.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab) S3 npf; C:\Windows\System32\drivers\npf.sys [40464 2009-02-08] (CACE Technologies) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2007-02-07] (CACE Technologies) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 17:38 - 2013-09-10 17:38 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 17:37 - 2013-09-10 17:37 - 01029490 _____ (Thisisu) C:\Users\haijes\Desktop\JRT.exe 2013-09-10 17:04 - 2013-09-10 17:04 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-10 17:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-10 17:02 - 2013-09-10 17:03 - 10285040 _____ (Malwarebytes Corporation ) 
C:\Users\haijes\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 15:39 - 2013-09-10 15:39 - 00046365 _____ C:\Users\haijes\Desktop\Addition.txt 2013-09-10 15:37 - 2013-09-10 15:37 - 00000000 ____D C:\FRST 2013-09-10 15:36 - 2013-09-10 15:36 - 01949196 _____ (Farbar) C:\Users\haijes\Desktop\FRST64.exe 2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log 2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable 2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe 2013-09-10 13:55 - 2013-09-10 14:02 - 00000000 ____D C:\AdwCleaner 2013-09-10 13:50 - 2013-04-04 05:30 - 00263584 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-10 13:49 - 2013-09-10 13:51 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe 2013-09-10 10:29 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-10 10:29 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00136704 _____ 
(Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-10 10:29 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-10 10:29 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-10 10:29 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-10 10:29 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-10 10:29 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-10 10:29 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb 2013-09-10 10:29 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-10 10:29 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-10 10:19 - 2013-09-10 10:23 - 00000000 ____D C:\Windows\system32\MRT 2013-09-10 10:04 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-09-10 10:04 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-09-10 10:03 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-09-10 10:03 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-09-10 10:03 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-09-10 10:03 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-09-10 10:03 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-10 10:03 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-10 10:02 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-09-10 
10:02 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt 2013-08-30 20:08 - 2013-08-30 21:07 - 00000000 ____D C:\Users\haijes\Desktop\Bella 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-17 22:13 - 2013-09-10 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-09-10 17:45 - 2013-09-10 17:45 - 00003116 _____ C:\Users\haijes\Desktop\JRT.txt 2013-09-10 17:40 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-10 17:40 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-10 17:38 - 2013-09-10 17:38 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 17:37 - 2013-09-10 17:37 - 01029490 _____ (Thisisu) C:\Users\haijes\Desktop\JRT.exe 2013-09-10 17:34 - 2011-12-22 20:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-09-10 17:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2013-09-10 17:32 - 2011-05-10 12:52 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-10 17:31 - 2011-12-22 20:38 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-09-10 17:31 - 2011-02-08 21:11 - 00057236 _____ C:\Windows\PFRO.log 2013-09-10 17:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-10 17:31 - 2009-07-14 06:51 - 00355789 _____ C:\Windows\setupact.log 2013-09-10 17:29 - 2011-02-08 13:25 - 01661654 _____ 
C:\Windows\WindowsUpdate.log 2013-09-10 17:28 - 2013-05-05 20:21 - 00000000 ____D C:\Users\haijes\Jungschar 2013-09-10 17:28 - 2011-02-09 16:53 - 00000000 ____D C:\Users\haijes\Documents\Outlook-Dateien 2013-09-10 17:04 - 2013-09-10 17:04 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-10 17:03 - 2013-09-10 17:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\haijes\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 16:56 - 2011-02-09 16:49 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Skype 2013-09-10 16:54 - 2011-05-10 12:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-10 16:42 - 2012-07-10 10:36 - 00000000 ____D C:\Users\haijes\Pfarre 2013-09-10 16:42 - 2011-02-08 20:34 - 00000000 ____D C:\Users\haijes 2013-09-10 16:39 - 2011-02-11 10:11 - 00000000 ____D C:\Users\haijes\Schule 2013-09-10 15:39 - 2013-09-10 15:39 - 00046365 _____ C:\Users\haijes\Desktop\Addition.txt 2013-09-10 15:37 - 2013-09-10 15:37 - 00000000 ____D C:\FRST 2013-09-10 15:36 - 2013-09-10 15:36 - 01949196 _____ (Farbar) C:\Users\haijes\Desktop\FRST64.exe 2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log 2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable 2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe 2013-09-10 14:02 - 2013-09-10 13:55 - 00000000 ____D C:\AdwCleaner 2013-09-10 13:51 - 2013-09-10 13:49 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe 2013-09-10 13:50 - 2013-08-17 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-10 12:01 - 2011-02-11 10:11 - 00000000 ___RD 
C:\Users\haijes\Privat 2013-09-10 12:00 - 2012-10-02 15:48 - 00000000 ____D C:\Users\haijes\Desktop\Fotos 2013-09-10 11:37 - 2013-04-13 15:31 - 00000000 ____D C:\Users\haijes\Dekanat 2013-09-10 11:37 - 2012-08-14 22:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer 2013-09-10 10:31 - 2011-02-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-10 10:23 - 2013-09-10 10:19 - 00000000 ____D C:\Windows\system32\MRT 2013-09-10 10:18 - 2011-02-11 14:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-09 21:05 - 2011-02-09 17:51 - 00000000 ____D C:\Users\haijes\AppData\Local\Adobe 2013-09-09 16:16 - 2011-02-09 17:41 - 00020992 _____ C:\Users\haijes\Desktop\Daten.xlsx 2013-09-09 13:52 - 2011-06-05 19:13 - 00102416 _____ C:\Users\haijes\Desktop\Geldübersicht.xlsx 2013-09-09 11:44 - 2009-07-14 19:58 - 03819762 _____ C:\Windows\system32\perfh007.dat 2013-09-09 11:44 - 2009-07-14 19:58 - 01166822 _____ C:\Windows\system32\perfc007.dat 2013-09-09 11:44 - 2009-07-14 07:13 - 00006456 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt 2013-09-08 23:23 - 2013-02-17 15:56 - 00000000 ____D C:\Users\haijes\Pfarrhomepage 2013-08-30 21:07 - 2013-08-30 20:08 - 00000000 ____D C:\Users\haijes\Desktop\Bella 2013-08-30 11:37 - 2012-08-14 22:15 - 00000000 ____D C:\Users\haijes\AppData\Roaming\MyPhoneExplorer 2013-08-24 11:23 - 2012-05-06 11:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes Files to move or delete: ==================== 
C:\Users\haijes\AppData\Local\Temp\autorun.dll C:\Users\haijes\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\haijes\AppData\Local\Temp\Execute2App.exe C:\Users\haijes\AppData\Local\Temp\ezGameXN.dll C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-1.exe C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-2.exe C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe.exe C:\Users\haijes\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\haijes\AppData\Local\Temp\GameXNGO.exe C:\Users\haijes\AppData\Local\Temp\hcwclear.exe C:\Users\haijes\AppData\Local\Temp\InstallAX.exe C:\Users\haijes\AppData\Local\Temp\IR32.exe C:\Users\haijes\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\haijes\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\Kies2RemoveAll.exe C:\Users\haijes\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\haijes\AppData\Local\Temp\msvcp90.dll C:\Users\haijes\AppData\Local\Temp\msvcr90.dll C:\Users\haijes\AppData\Local\Temp\NEventMessages.dll C:\Users\haijes\AppData\Local\Temp\NOSEventMessages.dll C:\Users\haijes\AppData\Local\Temp\ose00000.exe C:\Users\haijes\AppData\Local\Temp\Quarantine.exe C:\Users\haijes\AppData\Local\Temp\Refresh.exe C:\Users\haijes\AppData\Local\Temp\ResetDevice.exe C:\Users\haijes\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-31 09:11 ==================== End Of Log ============================
10.09.2013, 20:00 | #4 |
/// the machine /// TB trainer | Win7 - Monstermarketplace redirect
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM!
11.09.2013, 06:47 | #5 |
Win7 - Monstermarketplace redirect
Good morning, I let ESET run overnight. It showed me two detections... Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b6c0df87111c214f869f4cf505e5e96c
# engine=15082
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-11 01:08:28
# local_time=2013-09-11 03:08:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1285 16777213 100 98 20892 75509620 0 0
# compatibility_mode=5893 16776573 100 94 33779 130491558 0 0
# scanned=470957
# found=2
# cleaned=0
# scan_time=20637
sh=ACF593B8FF894B4B1E2A326058F7F23E87E4F01D ft=1 fh=57c0c69c994b76bf vn="multiple threats" ac=I fn="C:\Users\haijes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5BOF392R\TubeSaver_2070-2021_v122[1].exe"
sh=7734711563A3BDE5D331F02F1960FBB3E32B74BB ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\haijes\AppData\Local\Temp\jar_cache3856391658901057157.tmp"
Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 Ran by haijes (administrator) on HAIJES2 on 11-09-2013 07:43:50 Running from C:\Users\haijes\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Hauppauge Computer Works) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Alps Electric Co., Ltd.) 
C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Europe Support Ltd. N.V.) C:\Games\Game Alarm\gamealarm.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe () C:\Users\haijes\Desktop\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-03-09] (Microsoft Corporation) HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-02-01] (Nokia) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKCU\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung) HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-02-06] (Samsung Electronics) HKCU\...\Run: [AdobeBridge] - [x] MountPoints2: {17acaa49-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {17acaa66-a103-11e0-8db0-5c260a32a526} - E:\AutoRun.exe MountPoints2: {45d4c3f1-903c-11e0-a70b-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {47de9b7c-36d1-11e2-a231-c0cb386c051d} - E:\LaunchU3.exe -a MountPoints2: {6695febe-a189-11e0-af0a-5c260a32a526} - E:\AutoRun.exe MountPoints2: {796b65d7-99d5-11e0-8c26-5c260a32a526} - E:\AutoRun.exe MountPoints2: {d083391a-a4b9-11e0-8606-5c260a32a526} - E:\AutoRun.exe MountPoints2: {d34d4352-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d436b-8f70-11e0-84ba-c0cb386c051d} - E:\AutoRun.exe MountPoints2: {d34d43b6-8f70-11e0-84ba-5c260a32a526} - E:\AutoRun.exe HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Office 
Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe_ID0EYTHM] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) 
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.) Startup: C:\Users\haijes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7B565BDFF114CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{48B81B09-92A5-412C-AF69-F4A8B81C5719}: [NameServer]194.48.124.202 194.48.124.200 FireFox: ======== FF ProfilePath: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - 
C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\searchplugins\dictcc.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WOT - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: firebug - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firebug@software.joehewitt.com.xpi FF Extension: firefox - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\firefox@ghostery.com.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: No Name - C:\Users\haijes\AppData\Roaming\Mozilla\Firefox\Profiles\u3l6ue87.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: 
[virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO) R2 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [558592 2010-11-03] (Hauppauge Computer Works) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [48128 2010-02-02] (Dell Inc.) 
==================== Drivers (Whitelisted) ==================== S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () S3 hcw17bda; C:\Windows\System32\drivers\hcw17bda.sys [67456 2010-01-27] (Hauppauge Computer Works, Inc.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab) S3 npf; C:\Windows\System32\drivers\npf.sys [40464 2009-02-08] (CACE Technologies) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2007-02-07] (CACE Technologies) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-11 07:38 - 2013-09-11 07:38 - 00891144 _____ C:\Users\haijes\Desktop\SecurityCheck.exe 2013-09-10 21:21 - 2013-09-10 21:22 - 02347384 _____ (ESET) C:\Users\haijes\Downloads\esetsmartinstaller_enu.exe 2013-09-10 17:45 - 2013-09-10 17:45 - 00003116 _____ C:\Users\haijes\Desktop\JRT.txt 2013-09-10 17:38 - 2013-09-10 17:38 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 17:37 - 2013-09-10 17:37 - 01029490 _____ (Thisisu) C:\Users\haijes\Desktop\JRT.exe 2013-09-10 17:04 - 2013-09-10 17:04 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 
17:03 - 2013-09-10 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-10 17:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-10 17:02 - 2013-09-10 17:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\haijes\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 15:39 - 2013-09-10 15:39 - 00046365 _____ C:\Users\haijes\Desktop\Addition.txt 2013-09-10 15:37 - 2013-09-10 15:37 - 00000000 ____D C:\FRST 2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log 2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable 2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe 2013-09-10 13:55 - 2013-09-10 14:02 - 00000000 ____D C:\AdwCleaner 2013-09-10 13:50 - 2013-04-04 05:30 - 00263584 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-10 13:49 - 2013-09-10 13:51 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe 2013-09-10 10:29 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-10 10:29 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-10 10:29 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) 
C:\Windows\system32\msfeeds.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-10 10:29 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-10 10:29 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-10 10:29 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-10 10:29 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-10 10:29 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-10 10:29 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 
2013-09-10 10:29 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-10 10:29 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-10 10:29 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-10 10:29 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-10 10:19 - 2013-09-10 10:23 - 00000000 ____D C:\Windows\system32\MRT 2013-09-10 10:04 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-10 10:04 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-09-10 10:04 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-09-10 10:04 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-09-10 10:03 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-09-10 10:03 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-09-10 10:03 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-09-10 10:03 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-09-10 10:03 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-10 10:03 - 2013-07-09 06:52 - 00663552 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-10 10:02 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-09-10 10:02 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt 2013-08-30 20:08 - 2013-08-30 21:07 - 00000000 ____D C:\Users\haijes\Desktop\Bella 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-17 22:13 - 2013-09-10 13:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-09-11 07:43 - 2013-09-11 07:43 - 01949408 _____ (Farbar) C:\Users\haijes\Desktop\FRST64.exe 2013-09-11 07:38 - 2013-09-11 07:38 - 00891144 _____ C:\Users\haijes\Desktop\SecurityCheck.exe 2013-09-11 07:03 - 2011-12-22 20:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-09-11 06:54 - 2011-05-10 12:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-11 04:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2013-09-11 03:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-11 03:36 - 2011-02-08 13:25 - 01700752 _____ C:\Windows\WindowsUpdate.log 2013-09-10 22:30 - 2011-02-09 16:53 - 00000000 ____D C:\Users\haijes\Documents\Outlook-Dateien 2013-09-10 21:22 - 2013-09-10 21:21 - 02347384 _____ (ESET) C:\Users\haijes\Downloads\esetsmartinstaller_enu.exe 2013-09-10 17:45 - 2013-09-10 17:45 - 00003116 _____ C:\Users\haijes\Desktop\JRT.txt 2013-09-10 17:40 - 2009-07-14 06:45 - 00015040 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-10 17:40 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-10 17:38 - 2013-09-10 17:38 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 17:37 - 2013-09-10 17:37 - 01029490 _____ (Thisisu) C:\Users\haijes\Desktop\JRT.exe 2013-09-10 17:32 - 2011-05-10 12:52 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-10 17:31 - 2011-12-22 20:38 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-09-10 17:31 - 2011-02-08 21:11 - 00057236 _____ C:\Windows\PFRO.log 2013-09-10 17:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-10 17:31 - 2009-07-14 06:51 - 00355789 _____ C:\Windows\setupact.log 2013-09-10 17:28 - 2013-05-05 20:21 - 00000000 ____D C:\Users\haijes\Jungschar 2013-09-10 17:04 - 2013-09-10 17:04 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 17:03 - 2013-09-10 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-10 17:03 - 2013-09-10 17:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\haijes\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 16:56 - 2011-02-09 16:49 - 00000000 ____D C:\Users\haijes\AppData\Roaming\Skype 2013-09-10 16:42 - 2012-07-10 10:36 - 00000000 ____D C:\Users\haijes\Pfarre 2013-09-10 16:42 - 2011-02-08 20:34 - 00000000 ____D C:\Users\haijes 2013-09-10 16:39 - 2011-02-11 10:11 - 00000000 ____D C:\Users\haijes\Schule 2013-09-10 15:39 - 2013-09-10 15:39 - 00046365 _____ C:\Users\haijes\Desktop\Addition.txt 2013-09-10 15:37 - 2013-09-10 15:37 - 00000000 ____D C:\FRST 2013-09-10 14:13 - 2013-09-10 14:13 - 00000474 _____ C:\Users\haijes\Downloads\defogger_disable.log 
2013-09-10 14:13 - 2013-09-10 14:13 - 00000000 _____ C:\Users\haijes\defogger_reenable 2013-09-10 14:12 - 2013-09-10 14:12 - 00050477 _____ C:\Users\haijes\Downloads\Defogger.exe 2013-09-10 14:02 - 2013-09-10 13:55 - 00000000 ____D C:\AdwCleaner 2013-09-10 13:51 - 2013-09-10 13:49 - 01037278 _____ C:\Users\haijes\Downloads\3003-adwcleaner.exe 2013-09-10 13:50 - 2013-08-17 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-10 12:01 - 2011-02-11 10:11 - 00000000 ___RD C:\Users\haijes\Privat 2013-09-10 12:00 - 2012-10-02 15:48 - 00000000 ____D C:\Users\haijes\Desktop\Fotos 2013-09-10 11:37 - 2013-04-13 15:31 - 00000000 ____D C:\Users\haijes\Dekanat 2013-09-10 11:37 - 2012-08-14 22:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer 2013-09-10 10:31 - 2011-02-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-10 10:23 - 2013-09-10 10:19 - 00000000 ____D C:\Windows\system32\MRT 2013-09-10 10:18 - 2011-02-11 14:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-09 21:05 - 2011-02-09 17:51 - 00000000 ____D C:\Users\haijes\AppData\Local\Adobe 2013-09-09 16:16 - 2011-02-09 17:41 - 00020992 _____ C:\Users\haijes\Desktop\Daten.xlsx 2013-09-09 13:52 - 2011-06-05 19:13 - 00102416 _____ C:\Users\haijes\Desktop\Geldübersicht.xlsx 2013-09-09 11:44 - 2009-07-14 19:58 - 03819762 _____ C:\Windows\system32\perfh007.dat 2013-09-09 11:44 - 2009-07-14 19:58 - 01166822 _____ C:\Windows\system32\perfc007.dat 2013-09-09 11:44 - 2009-07-14 07:13 - 00006456 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-09 00:32 - 2013-09-09 00:32 - 00129024 _____ C:\Users\haijes\Downloads\36712_731_731_vaterunsernimmunsalsdeinekinderan.ppt 2013-09-08 23:23 - 2013-02-17 15:56 - 00000000 ____D C:\Users\haijes\Pfarrhomepage 2013-08-30 21:07 - 2013-08-30 20:08 - 00000000 ____D C:\Users\haijes\Desktop\Bella 2013-08-30 11:37 - 2012-08-14 22:15 - 00000000 ____D C:\Users\haijes\AppData\Roaming\MyPhoneExplorer 2013-08-24 11:23 - 2012-05-06 
11:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iTunes 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files\iPod 2013-08-23 19:46 - 2013-08-23 19:46 - 00000000 ____D C:\Program Files (x86)\iTunes Files to move or delete: ==================== C:\Users\haijes\AppData\Local\Temp\autorun.dll C:\Users\haijes\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\haijes\AppData\Local\Temp\Execute2App.exe C:\Users\haijes\AppData\Local\Temp\ezGameXN.dll C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-1.exe C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe-2.exe C:\Users\haijes\AppData\Local\Temp\firefoxjre_exe.exe C:\Users\haijes\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\haijes\AppData\Local\Temp\GameXNGO.exe C:\Users\haijes\AppData\Local\Temp\hcwclear.exe C:\Users\haijes\AppData\Local\Temp\InstallAX.exe C:\Users\haijes\AppData\Local\Temp\IR32.exe C:\Users\haijes\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\haijes\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\haijes\AppData\Local\Temp\Kies2RemoveAll.exe C:\Users\haijes\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\haijes\AppData\Local\Temp\msvcp90.dll C:\Users\haijes\AppData\Local\Temp\msvcr90.dll C:\Users\haijes\AppData\Local\Temp\NEventMessages.dll C:\Users\haijes\AppData\Local\Temp\NOSEventMessages.dll C:\Users\haijes\AppData\Local\Temp\ose00000.exe C:\Users\haijes\AppData\Local\Temp\Quarantine.exe C:\Users\haijes\AppData\Local\Temp\Refresh.exe C:\Users\haijes\AppData\Local\Temp\ResetDevice.exe C:\Users\haijes\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-11 03:36
==================== End Of Log ============================
--- --- ---
I have no more problems (at the moment)! So many thanks already for the help; I hope the Security Check issue is not too serious?! Can I now turn my own antivirus program back on and re-enable with defogger? |
11.09.2013, 09:06 | #6 |
/// the machine /// TB Trainer | Win7 - Monstermarketplace redirect
Please download TFC (by Oldtimer) and save the file to your desktop. Now close all open programs and disconnect from the Internet. Double-click TFC.exe and press Start. If TFC cannot delete all files, it will ask for a restart. Please allow this. Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot stress often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from all registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
11.09.2013, 12:24 | #7 |
| Win7 - Monstermarketplace redirect Thanks for everything, schrauber - everything worked great! I have always used WOT and the ad blocker, and I will be even more careful in the online world in the future! Regards, cajon |
11.09.2013, 17:02 | #8 |
/// the machine /// TB Trainer | Win7 - Monstermarketplace redirect You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |