Pests of all kinds and how to fight them: Police virus (Windows 7)
25.10.2013, 10:36 | #16 |
/// the machine /// TB trainer | Police virus That is a direct download; it works for me. Which browser? Try right-click, Save as.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
25.10.2013, 23:47 | #17 |
| Police virus I have Internet Explorer. It doesn't work with Save as either. |
26.10.2013, 13:19 | #18 |
/// the machine /// TB trainer | Police virus That should actually be impossible. Try it with Firefox. |
27.10.2013, 15:17 | #19 |
| Police virus With Firefox the download works, but now it says the file cannot be opened. The program you want to open the file with must be known. |
27.10.2013, 19:00 | #20 |
/// the machine /// TB trainer | Police virus What exactly did you download? |
28.10.2013, 02:47 | #21 |
| Police virus Well, I clicked on your link with Firefox and then on Run. Edit: I have now tried again to run a scan and, lo and behold, suddenly it no longer hangs. No idea why... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013 01 Ran by d-ro (administrator) on D-RO-PC on 28-10-2013 02:58:02 Running from C:\Users\d-ro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XV348SN Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe () C:\Windows\runservice.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Ralink Technology, Corp.) C:\Windows\SysWOW64\MotWirelessSvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Somoto) C:\Users\d-ro\AppData\Local\FilesFrog Update Checker\update_checker.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe () c:\progra~2\optimi~1\OptProCrash.exe () C:\Users\d-ro\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe () C:\Users\d-ro\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] () HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-14] (CANON INC.) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM-x32\...\Runonce: [network_matomyi_1] - [x] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [MMAgent] - C:\Program Files (x86)\Mobile Master\MMAgent.exe [1400672 2012-04-20] (Jumping Bytes) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Dominik\Games\SEGA\Football Manager 2012\Steam.exe [1813928 2013-10-09] (Valve Corporation) HKCU\...\Run: [AviraSpeedup] - C:\Program Files (x86)\AviraSpeedup\AviraSpeedup.exe [4856296 2012-11-05] (Avira) HKCU\...\Run: [HP Deskjet 3070 B611 series (NET)] - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.) 
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path) HKCU\...\Run: [bitssc] - rundll32 "C:\Windows\system32\convlder64.dll",CreateProcessNotify HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-07-10] () HKCU\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135672 2013-09-29] (PC Utilities Pro) HKCU\...\Run: [AppsHat] - C:\Users\d-ro\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [FLV Player] - C:\Users\d-ro\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] () MountPoints2: F - F:\autorun.exe MountPoints2: {030d2f9f-0882-11e1-84b0-806e6f6e6963} - D:\Autorun.exe MountPoints2: {0ac49cc8-a7eb-11e1-9d5d-806e6f6e6963} - F:\HTC_Sync_Manager_PC.exe MountPoints2: {a37e3778-674d-11e2-ae25-90a03642cea8} - F:\autorun.exe MountPoints2: {a7736ea2-b2f6-11e1-b9ba-dc0ea10f05ff} - F:\HTC_Sync_Manager_PC.exe MountPoints2: {f5353af6-6897-11e2-9b6a-bd8b8507a0e1} - F:\autorun.exe MountPoints2: {f5353e87-6897-11e2-9b6a-bd8b8507a0e1} - F:\HTC_Sync_Manager_PC.exe MountPoints2: {f5353e9e-6897-11e2-9b6a-bd8b8507a0e1} - F:\HTC_Sync_Manager_PC.exe HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) 
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HTC Sync Loader] - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] () HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] () AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL [22536 2013-10-09] () AppInit_DLLs-x32: c:\progra~3\wincert\win32c~1.dll c:\progra~2\movies~1\safety~1\safety~2.dll c:\progra~2\optimi~1\optpro~1.dll [2869720 2013-10-17] () IMEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\agatha christie - death on the nile-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\bejeweled 2 deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\bitguard.exe: [Debugger] tasklist.exe IMEO\bprotect.exe: [Debugger] tasklist.exe IMEO\browsemngr.exe: [Debugger] tasklist.exe IMEO\browserdefender.exe: [Debugger] tasklist.exe IMEO\browsermngr.exe: [Debugger] tasklist.exe 
IMEO\browserprotect.exe: [Debugger] tasklist.exe IMEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe IMEO\cc_kart2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\chuzzle deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\cltmngsvc.exe: [Debugger] tasklist.exe IMEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\cnmnsu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\cnsemain.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\delta babylon.exe: [Debugger] tasklist.exe IMEO\delta tb.exe: [Debugger] tasklist.exe IMEO\delta2.exe: [Debugger] tasklist.exe IMEO\deltainstaller.exe: [Debugger] tasklist.exe IMEO\deltasetup.exe: [Debugger] tasklist.exe IMEO\deltatb.exe: [Debugger] tasklist.exe IMEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe IMEO\devicesetup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\devicesetuplauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\drivegreen1-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\hp deskjet 3070 b611 series.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\hpqdtss.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\hpqlpvwr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\hpscan.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\htcupctloader.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\iminentsetup.exe: [Debugger] tasklist.exe IMEO\insaniquarium 
deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\jewel quest solitaire-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\jewelmatch3-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\mysteryofmortlakemansion-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\nobuclient.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\photoproduct.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\plantsvszombies-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\provider.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\racing-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\rjatydimofu.exe: [Debugger] tasklist.exe IMEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\slingo deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\sweetimsetup.exe: [Debugger] tasklist.exe IMEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe IMEO\torchlight-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\virtualvillagers4thetreeoflife-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\zuma deluxe-wt.exe: 
[Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" IMEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" Startup: C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wllfrjgf.lnk ShortcutTarget: wllfrjgf.lnk -> fgjrfllw.plz,GL300 (No File) HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll [485384 2013-10-09] () HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll [657928 2013-10-09] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File URLSearchHook: HKCU - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions) SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Movies Toolbar (Dist. by Somoto Ltd.) 
- {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll () BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SRTOOL~1\IE\searchresultsDx.dll () DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\d-ro\AppData\Roaming\Mozilla\Firefox\Profiles\3fkzruso.default FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_34 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\d-ro\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: a2zLyrics-16 - C:\Users\d-ro\AppData\Roaming\Mozilla\Firefox\Profiles\3fkzruso.default\Extensions\2f86d471-1122-4c15-901a-d7fd67316cd9@ca42b8d2-0eb6-47be-84a2-6d95abe186e8.com FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) 
- C:\Users\d-ro\AppData\Roaming\Mozilla\Firefox\Profiles\3fkzruso.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} FF Extension: Apps Hat - C:\Users\d-ro\AppData\Roaming\Mozilla\Firefox\Profiles\3fkzruso.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1\ FF Extension: Mobile Master Add-In - C:\Program Files (x86)\Mobile Master\ext\1\ Chrome: ======= CHR HomePage: hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-103&v=n9602-149&t=4 CHR RestoreOnStartup: "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-103&v=n9602-149&t=4" CHR DefaultSearchURL: (Ask.com) - hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=103&systemid=473&v=n9602-149&apn_uid=9421734181624531&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms} CHR DefaultSuggestURL: (Ask.com) - "suggest_url": "", CHR Extension: (Movies Toolbar) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic\21.56058_0 CHR Extension: (Google Docs) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (a2zLyrics-16) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfocabhmkfcdibnkgogpaclhgblhnemn\1.25.5_0 CHR Extension: (Minibar ) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo\2.0.1_0 CHR Extension: (Chrome In-App Payments service) - 
C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\d-ro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\d-ro\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx ==================== Services (Whitelisted) ================= R2 70e6ca8c; c:\progra~2\optimi~1\OptProCrash.exe [143488 2013-10-28] () R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-01] (Avira Operations GmbH & Co. KG) S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [551896 2012-02-20] (Protection Technology) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-04-30] () S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () R2 RaAutoInstSrv_Motorola; C:\Windows\SysWOW64\MotWirelessSvc.exe [20480 2008-09-11] (Ralink Technology, Corp.) R2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3422728 2013-10-09] (SafetyNut Inc.) 
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [277904 2013-03-25] (Protect Software GmbH) R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [228000 2013-03-25] (Protect Software GmbH) R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3852976 2012-02-20] (Protection Technology) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-17] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-27] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-17] () S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software) S3 ZG760_64; C:\Windows\System32\DRIVERS\WlanGZ64.SYS [870912 2009-04-17] (ZyDAS Technology Corporation) S3 b57xdbd; \SystemRoot\system32\drivers\b57xdbd.sys [x] S3 b57xdmp; \SystemRoot\system32\drivers\b57xdmp.sys [x] S3 bScsiMSa; \SystemRoot\system32\drivers\bScsiMSa.sys [x] S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [x] S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [x] S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\BrowserProtect 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\Browser Manager 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\BitGuard 2013-10-28 01:43 - 2013-10-28 01:43 - 00000000 ____D C:\Users\d-ro\Documents\Optimizer Pro 2013-10-28 01:43 - 2013-10-28 01:43 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Optimizer Pro 2013-10-28 01:42 - 2013-10-28 01:42 - 00163400 _____ () C:\Users\d-ro\Downloads\VideoPlayer-3Loxqme.exe 2013-10-28 01:42 - 2013-10-28 01:42 - 00004276 _____ C:\Windows\System32\Tasks\a2zLyrics-16-codedownloader 2013-10-28 01:42 - 2013-10-28 01:42 - 00001954 _____ C:\Windows\Tasks\a2zLyrics-16-chromeinstaller.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00001880 _____ C:\Windows\Tasks\a2zLyrics-16-firefoxinstaller.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00001246 _____ C:\Windows\Tasks\a2zLyrics-16-codedownloader.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-16 2013-10-28 01:38 - 2013-10-28 01:42 - 00000000 ____D C:\Users\d-ro\AppData\Local\WebPlayer 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D 
C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D C:\Program Files (x86)\Minibar 2013-10-28 01:37 - 2013-10-28 01:38 - 00000000 ____D C:\Users\d-ro\AppData\Local\Minibar 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\Users\d-ro\AppData\Local\somotomoviestoolbar1 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\ProgramData\Wincert 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 2013-10-28 01:36 - 2013-10-28 02:49 - 00000000 ____D C:\ProgramData\SafetyNut 2013-10-28 01:36 - 2013-10-28 01:36 - 00163400 _____ () C:\Users\d-ro\Downloads\VideoPlayer-aZWIML0.exe 2013-10-28 01:36 - 2013-10-28 01:36 - 00003242 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Users\d-ro\AppData\Local\FilesFrog Update Checker 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Program Files (x86)\Movies Toolbar 2013-10-27 15:15 - 2013-10-27 15:15 - 00002634 _____ C:\Users\d-ro\Downloads\Winmgmt(1).reg 2013-10-27 15:14 - 2013-10-27 15:14 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Users\d-ro\AppData\Local\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\ProgramData\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-27 15:13 - 2013-10-27 15:13 - 00281640 _____ (Mozilla) C:\Users\d-ro\Downloads\Firefox Setup Stub 24.0.exe 2013-10-27 14:50 - 2013-10-27 14:50 - 01956160 _____ (Farbar) C:\Users\d-ro\Downloads\FRST64.exe 2013-10-27 14:48 - 2013-10-27 14:49 - 01089001 _____ (Farbar) 
C:\Users\d-ro\Downloads\FRST (1).exe 2013-10-27 14:48 - 2013-10-27 14:48 - 01089001 _____ (Farbar) C:\Users\d-ro\Downloads\FRST.exe 2013-10-25 23:50 - 2013-10-25 23:50 - 00002634 _____ C:\Users\d-ro\Desktop\Winmgmt (1).reg 2013-10-25 23:49 - 2013-10-25 23:49 - 00002634 _____ C:\Users\d-ro\Downloads\Winmgmt.reg 2013-10-25 23:48 - 2013-10-28 01:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-25 23:48 - 2013-10-28 00:59 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-25 23:48 - 2013-10-25 23:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-25 23:48 - 2013-10-25 23:54 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-25 23:48 - 2013-10-25 23:48 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-10-25 23:48 - 2013-10-25 23:48 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-25 23:47 - 2013-10-25 23:48 - 00000000 ____D C:\Users\d-ro\AppData\Local\Deployment 2013-10-25 23:47 - 2013-10-25 23:47 - 00000000 ____D C:\Users\d-ro\AppData\Local\Apps\2.0 2013-10-23 18:23 - 2013-10-23 18:23 - 00010214 _____ C:\Users\d-ro\Desktop\Games,DVD Liste.xlsx 2013-10-21 22:36 - 2013-10-21 22:36 - 00000000 ____D C:\Users\d-ro\Desktop\schnurrli 2013-10-21 21:55 - 2013-10-21 21:55 - 00061544 ____T (Microsoft Corporation) C:\ProgramData\wllfrjgf.pzz 2013-10-21 00:03 - 2013-10-21 21:55 - 01577984 ____T C:\ProgramData\wllfrjgf.fki 2013-10-20 23:43 - 2013-10-22 16:38 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro 2013-10-20 23:43 - 2013-10-20 23:43 - 00074240 _____ C:\Windows\system32\convlder64.dll 2013-10-20 23:37 - 2013-10-25 23:48 - 00000000 ____D C:\Users\d-ro\AppData\Local\Google 2013-10-20 23:37 - 2013-10-20 23:52 - 00000000 ____D C:\ProgramData\lnDan373 2013-10-16 18:15 - 2013-10-16 18:15 - 00003027 _____ C:\Users\d-ro\Desktop\JRT.txt 2013-10-16 18:09 - 2013-10-16 18:09 - 00000000 ____D 
C:\Windows\ERUNT 2013-10-16 17:56 - 2013-10-16 17:58 - 00000000 ____D C:\AdwCleaner 2013-10-15 23:51 - 2013-10-15 23:51 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Malwarebytes 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-15 23:51 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-15 23:50 - 2013-10-15 23:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\d-ro\Desktop\mbam-setup-1.75.0.1300.exe 2013-10-15 21:57 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-15 21:57 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-15 09:50 - 2013-10-22 15:53 - 00000000 ____D C:\FRST 2013-10-13 00:49 - 2013-07-17 15:42 - 00000034 _____ C:\Users\d-ro\Downloads\PS.txt 2013-10-12 22:04 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-12 22:04 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-12 22:04 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-10-12 22:04 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-12 22:04 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-12 22:04 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-10-12 22:04 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 
2013-10-12 22:04 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-12 22:04 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-10-12 22:04 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-12 22:04 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-12 22:04 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-12 22:04 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-10-11 14:41 - 2013-10-11 14:41 - 00000000 ____D C:\be9b450fd522e3262c5851da355f06 2013-10-11 14:22 - 2013-10-11 14:23 - 00262144 _____ C:\Windows\Minidump\101113-24164-01.dmp 2013-10-10 17:43 - 2013-09-13 12:39 - 00001791 _____ C:\Users\d-ro\Downloads\Support Me.htm 2013-10-10 16:32 - 2013-04-27 04:22 - 00000908 _____ C:\Users\d-ro\Downloads\uploaded by drpcdoki.txt 2013-10-10 01:54 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-10 01:54 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-10-10 01:53 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2013-10-10 01:53 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-10-10 01:53 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) 
C:\Windows\system32\dciman32.dll 2013-10-10 01:53 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-10 01:53 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2013-10-10 01:53 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2013-10-10 01:53 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2013-10-10 01:53 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-10 01:53 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-10-10 01:53 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-10-10 01:52 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2013-10-10 01:52 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2013-10-10 01:52 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-10 01:51 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-10-10 01:51 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-10-10 01:51 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-10-10 01:51 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-10-10 01:51 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2013-10-10 01:51 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2013-10-10 01:51 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2013-10-10 01:51 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\davclnt.dll 2013-10-10 01:51 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2013-10-10 01:51 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-10 01:51 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-10 01:51 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-10 01:50 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-10-10 01:50 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-10-10 01:50 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-10-10 01:50 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-10-10 01:50 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-10-10 01:50 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-10 01:50 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-10 01:50 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-10-10 01:50 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2013-10-10 01:50 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-10-10 01:50 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2013-10-10 01:50 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-10-10 01:50 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-10-10 01:50 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\instnm.exe 2013-10-10 01:50 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-10-10 01:50 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-10 01:48 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-10 01:48 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 01:48 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 01:47 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2013-10-06 12:32 - 2013-10-06 12:32 - 00266288 _____ C:\Windows\Minidump\100613-24055-01.dmp ==================== One Month Modified Files and Folders ======= 2013-10-28 02:49 - 2013-10-28 01:36 - 00000000 ____D C:\ProgramData\SafetyNut 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\BrowserProtect 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\Browser Manager 2013-10-28 02:15 - 2013-10-28 02:15 - 00000000 ____D C:\ProgramData\BitGuard 2013-10-28 02:04 - 2012-04-26 10:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-28 01:59 - 2013-10-25 23:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-28 01:43 - 2013-10-28 01:43 - 00000000 ____D C:\Users\d-ro\Documents\Optimizer Pro 2013-10-28 01:43 - 2013-10-28 01:43 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Optimizer Pro 2013-10-28 01:42 - 2013-10-28 01:42 - 00163400 _____ () C:\Users\d-ro\Downloads\VideoPlayer-3Loxqme.exe 2013-10-28 01:42 - 2013-10-28 01:42 - 00004276 _____ C:\Windows\System32\Tasks\a2zLyrics-16-codedownloader 2013-10-28 01:42 - 2013-10-28 01:42 - 00001954 _____ C:\Windows\Tasks\a2zLyrics-16-chromeinstaller.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00001880 _____ 
C:\Windows\Tasks\a2zLyrics-16-firefoxinstaller.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00001246 _____ C:\Windows\Tasks\a2zLyrics-16-codedownloader.job 2013-10-28 01:42 - 2013-10-28 01:42 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-16 2013-10-28 01:42 - 2013-10-28 01:38 - 00000000 ____D C:\Users\d-ro\AppData\Local\WebPlayer 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat 2013-10-28 01:38 - 2013-10-28 01:38 - 00000000 ____D C:\Program Files (x86)\Minibar 2013-10-28 01:38 - 2013-10-28 01:37 - 00000000 ____D C:\Users\d-ro\AppData\Local\Minibar 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\Users\d-ro\AppData\Local\somotomoviestoolbar1 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\ProgramData\Wincert 2013-10-28 01:37 - 2013-10-28 01:37 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 2013-10-28 01:36 - 2013-10-28 01:36 - 00163400 _____ () C:\Users\d-ro\Downloads\VideoPlayer-aZWIML0.exe 2013-10-28 01:36 - 2013-10-28 01:36 - 00003242 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Users\d-ro\AppData\Local\FilesFrog Update Checker 2013-10-28 01:36 - 2013-10-28 01:36 - 00000000 ____D C:\Program Files (x86)\Movies Toolbar 2013-10-28 01:35 - 2011-11-06 15:20 - 01587402 _____ C:\Windows\WindowsUpdate.log 2013-10-28 01:02 - 2012-03-11 18:52 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3054353935-986533666-2989170981-1001UA.job 2013-10-28 00:59 - 2013-10-25 23:48 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-28 00:45 - 2009-07-14 05:45 - 00016976 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-28 00:45 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-28 00:40 - 2011-11-06 16:00 - 00697098 _____ C:\Windows\system32\perfh007.dat 2013-10-28 00:40 - 2011-11-06 16:00 - 00148362 _____ C:\Windows\system32\perfc007.dat 2013-10-28 00:40 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-28 00:38 - 2012-02-18 17:29 - 00000000 ____D C:\ProgramData\clear.fi 2013-10-28 00:35 - 2013-01-23 02:11 - 00031542 _____ C:\Windows\setupact.log 2013-10-28 00:35 - 2012-04-30 23:28 - 00000833 ___SH C:\Windows\SysWOW64\mmf.sys 2013-10-28 00:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-27 15:15 - 2013-10-27 15:15 - 00002634 _____ C:\Users\d-ro\Downloads\Winmgmt(1).reg 2013-10-27 15:14 - 2013-10-27 15:14 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Users\d-ro\AppData\Local\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\ProgramData\Mozilla 2013-10-27 15:14 - 2013-10-27 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-27 15:14 - 2012-07-22 23:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-27 15:13 - 2013-10-27 15:13 - 00281640 _____ (Mozilla) C:\Users\d-ro\Downloads\Firefox Setup Stub 24.0.exe 2013-10-27 14:50 - 2013-10-27 14:50 - 01956160 _____ (Farbar) C:\Users\d-ro\Downloads\FRST64.exe 2013-10-27 14:49 - 2013-10-27 14:48 - 01089001 _____ (Farbar) C:\Users\d-ro\Downloads\FRST (1).exe 2013-10-27 14:48 - 2013-10-27 14:48 - 01089001 _____ (Farbar) C:\Users\d-ro\Downloads\FRST.exe 2013-10-27 14:44 - 2013-03-14 16:30 - 00138346 _____ C:\Windows\PFRO.log 2013-10-26 21:53 - 2012-03-11 18:52 - 00001112 
_____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3054353935-986533666-2989170981-1001Core.job 2013-10-25 23:54 - 2013-10-25 23:48 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-25 23:54 - 2013-10-25 23:48 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-25 23:50 - 2013-10-25 23:50 - 00002634 _____ C:\Users\d-ro\Desktop\Winmgmt (1).reg 2013-10-25 23:49 - 2013-10-25 23:49 - 00002634 _____ C:\Users\d-ro\Downloads\Winmgmt.reg 2013-10-25 23:48 - 2013-10-25 23:48 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-10-25 23:48 - 2013-10-25 23:48 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-25 23:48 - 2013-10-25 23:47 - 00000000 ____D C:\Users\d-ro\AppData\Local\Deployment 2013-10-25 23:48 - 2013-10-20 23:37 - 00000000 ____D C:\Users\d-ro\AppData\Local\Google 2013-10-25 23:47 - 2013-10-25 23:47 - 00000000 ____D C:\Users\d-ro\AppData\Local\Apps\2.0 2013-10-24 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-10-23 18:23 - 2013-10-23 18:23 - 00010214 _____ C:\Users\d-ro\Desktop\Games,DVD Liste.xlsx 2013-10-22 16:38 - 2013-10-20 23:43 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro 2013-10-22 15:53 - 2013-10-15 09:50 - 00000000 ____D C:\FRST 2013-10-22 15:50 - 2012-02-18 17:13 - 00000000 ___RD C:\Users\d-ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-21 22:36 - 2013-10-21 22:36 - 00000000 ____D C:\Users\d-ro\Desktop\schnurrli 2013-10-21 21:55 - 2013-10-21 21:55 - 00061544 ____T (Microsoft Corporation) C:\ProgramData\wllfrjgf.pzz 2013-10-21 21:55 - 2013-10-21 00:03 - 01577984 ____T C:\ProgramData\wllfrjgf.fki 2013-10-20 23:52 - 2013-10-20 23:37 - 00000000 ____D C:\ProgramData\lnDan373 2013-10-20 23:43 - 2013-10-20 23:43 - 00074240 _____ C:\Windows\system32\convlder64.dll 2013-10-16 18:15 - 2013-10-16 18:15 - 00003027 _____ C:\Users\d-ro\Desktop\JRT.txt 2013-10-16 18:09 - 2013-10-16 
18:09 - 00000000 ____D C:\Windows\ERUNT 2013-10-16 17:58 - 2013-10-16 17:56 - 00000000 ____D C:\AdwCleaner 2013-10-16 17:58 - 2013-06-22 19:18 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Uniblue 2013-10-16 17:58 - 2013-06-22 19:18 - 00000000 ____D C:\Program Files (x86)\Uniblue 2013-10-16 17:47 - 2013-06-07 23:48 - 00000000 ____D C:\Users\d-ro\AppData\Local\DoNotTrackPlus 2013-10-16 00:37 - 2013-01-02 17:00 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\HpUpdate 2013-10-15 23:54 - 2013-01-04 19:55 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Applian FLV and Media Player 2013-10-15 23:51 - 2013-10-15 23:51 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\Malwarebytes 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-15 23:51 - 2013-10-15 23:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-15 23:50 - 2013-10-15 23:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\d-ro\Desktop\mbam-setup-1.75.0.1300.exe 2013-10-13 00:56 - 2013-08-29 20:57 - 00000000 ____D C:\Users\d-ro\AppData\Roaming\vlc 2013-10-13 00:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-10-12 22:10 - 2009-07-14 05:45 - 00364288 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-12 22:06 - 2012-03-01 18:34 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-12 22:02 - 2012-05-13 11:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-12 22:02 - 2011-08-12 09:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-12 22:01 - 2013-06-23 01:49 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-10-11 14:41 - 2013-10-11 14:41 - 00000000 ____D C:\be9b450fd522e3262c5851da355f06 2013-10-11 14:41 - 2013-08-15 04:11 - 00000000 ____D C:\Windows\system32\MRT 2013-10-11 14:41 - 2013-01-14 01:38 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-10-11 14:23 
- 2013-10-11 14:22 - 00262144 _____ C:\Windows\Minidump\101113-24164-01.dmp 2013-10-11 14:22 - 2013-04-19 20:13 - 641975984 _____ C:\Windows\MEMORY.DMP 2013-10-11 14:22 - 2012-10-30 19:01 - 00000000 ____D C:\Windows\Minidump 2013-10-10 01:32 - 2012-04-26 10:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-10 01:32 - 2012-04-26 10:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-10 01:32 - 2011-08-12 09:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-06 12:32 - 2013-10-06 12:32 - 00266288 _____ C:\Windows\Minidump\100613-24055-01.dmp 2013-10-04 22:36 - 2013-09-17 23:30 - 00000000 ____D C:\Users\d-ro\Documents\Anno 1404 2013-10-01 02:27 - 2012-03-01 18:14 - 00000000 ____D C:\ProgramData\CanonIJPLM Some content of TEMP: ==================== C:\Users\d-ro\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe C:\Users\d-ro\AppData\Local\Temp\appshat-distribution.exe C:\Users\d-ro\AppData\Local\Temp\BabylonTB.exe C:\Users\d-ro\AppData\Local\Temp\biclient.exe C:\Users\d-ro\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\d-ro\AppData\Local\Temp\Delta.exe C:\Users\d-ro\AppData\Local\Temp\DeltaTB.exe C:\Users\d-ro\AppData\Local\Temp\FLVPlayerSetup.exe C:\Users\d-ro\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe C:\Users\d-ro\AppData\Local\Temp\MybabylonTB.exe C:\Users\d-ro\AppData\Local\Temp\OptimizerPro.exe C:\Users\d-ro\AppData\Local\Temp\propsys.dll C:\Users\d-ro\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\d-ro\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit 
C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-21 01:36 ==================== End Of Log ============================
Edited by doro89 (28.10.2013 at 03:02) |
28.10.2013, 12:39 | #22 | |
/// the machine /// TB Trainer | Police virus Quote:
You are supposed to save FRST to the desktop, not run it from the temp files.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
28.10.2013, 17:41 | #23 |
| Police virus Hello??? This is about the download you posted on 24.10.2013 at 12.16, that one didn't work!!! |
29.10.2013, 09:38 | #24 | |
/// the machine /// TB Trainer | Police virus It's about the part about running it. Quote:
If FRST runs from a temp folder, I can't fix anything.
29.10.2013, 16:59 | #25 |
| Police virus But the scan doesn't work from the desktop; FRST always hangs then, as I already said. |
30.10.2013, 10:59 | #26 |
/// the machine /// TB Trainer | Police virus The scan is the same, whether it runs from the temp files or from the desktop. Did you turn off the antivirus program before the scan?
31.10.2013, 16:15 | #27 |
| Police virus Yes, I turned it off, and as I said, when I save it and start it from the desktop it hangs, just as I showed in the screenshot. |
01.11.2013, 11:17 | #28 |
/// the machine /// TB Trainer | Police virus Then please download an old version from Filepony. If that doesn't work either: please download OTL by Oldtimer and save it to your desktop (if you don't already have it).
03.11.2013, 01:08 | #29 |
| Police virus It didn't work with an older version either. I have attached the OTL log files, since the first log file alone was already longer than the allowed number of characters. |
03.11.2013, 08:19 | #30 |
/// the machine /// TB Trainer | Police virus Hi, please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments, or only with great difficulty. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too big for the forum. To put the log files in a CODE box, proceed as follows: