Log analysis and evaluation: Oracel America inc - with blue screen -.-

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
25.10.2013, 20:59   #1
Illu27
 
Hello dear community,

For a few days now, every time I start my laptop I get a notice that a Java program would like to update itself on my computer. The name alone is a thorn in my side: "Oracel America inc". Via Google I came across your forum, where someone has a similar problem.

I have also noticed that my laptop's performance has dropped noticeably and that after about 60 minutes of inactivity (a longer period in which I do NOT click, type or do anything else) it switches to a blue screen and can then only be turned off via the power button... I don't think it is down to Oracel, but since the permission request the problem with the blue screen has unfortunately been piling up...

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:33 on 25/10/2013 (***Cosy**)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2013
Ran by **** (administrator) on COSYS-PC on 25-10-2013 20:35:16
Running from C:\Users\****\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Conduit) C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Data Perceptions / PowerProgrammer) C:\Windows\SysWOW64\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Conduit) C:\Users\****\AppData\Roaming\SearchProtect\bin\cltmng.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(RealNetworks, Inc.) C:\Users\****\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
() C:\Program Files (x86)\Opera\16.0.1196.73\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [207845 2011-04-30] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-05] (Google Inc.)
HKCU\...\Run: [SearchProtect] - C:\Users\****\AppData\Roaming\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1813928 2013-10-09] (Valve Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_163A9CA3FD899221214D54082779999A] - C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BDRegion] - c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-29] (cyberlink)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKLM-x32\...\Run: [TkBellExe] - c:\users\jahcosy\Update\realsched.exe [295512 2013-06-22] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll, C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll c:\progra~2\nvidia~1\nvstre~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {0302FC2F-CF36-4731-A3E5-6975B461DBB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {0302FC2F-CF36-4731-A3E5-6975B461DBB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {0302FC2F-CF36-4731-A3E5-6975B461DBB6} URL = 
SearchScopes: HKCU - {0302FC2F-CF36-4731-A3E5-6975B461DBB6} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=B84574E50B3F1E87
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  No File
BHO: No Name - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{55A30D4A-999F-427A-A13B-825949BD8E2F}: [NameServer]195.230.105.134 195.230.105.135

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default
FF user.js: detected! => C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\users\****\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\users\****\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\****\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\****\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\de_DE@dicts.j3e.de
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\ich@maltegoetz.de
FF Extension:                    em:name="Free YouTube Download (Free Studio) Menu" - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: DownloadHelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: elemhidehelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\JahCosy\AppData\Roaming\Mozilla\Firefox\Profiles\r2tl6agq.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://www2.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=B84574E50B3F1E87", "hxxp://search.conduit.com/?ctid=CT3281675&SearchSource=48&CUI=UN28985807722547216&UM=2"
CHR Plugin: (Shockwave Flash) - C:\Users\****\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\****\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\****\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\****\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Google Translate for Google+) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0
CHR Extension: (beeg.) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lanmpklkdcfhmbeoafbplgnbfiijokmg\2013.2.3.47970_0
CHR Extension: (Top Eleven) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn\2.0.0.5_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\****\AppData\Roaming\BabSolution\CR\delta2.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\****\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx
CHR StartMenuInternet: Google Chrome - C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-29] (CyberLink)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-08] (Conduit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [278800 2010-08-18] (Data Perceptions / PowerProgrammer)

==================== Drivers (Whitelisted) ====================

S3 d554gps; C:\Windows\system32\drivers\d554gps64.sys [96296 2010-01-26] (Ericsson AB)
R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [60968 2010-06-24] (Ericsson AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [378952 2010-04-27] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [416328 2010-04-27] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-04-27] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [468552 2010-04-27] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S2 Nsynas32; C:\Windows\SysWow64\Drivers\Nsynas32.sys [17784 2000-12-04] (Syncrosoft Hard- und Software GmbH)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-06-21] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [274984 2010-07-31] (Ericsson AB)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-25 20:34 - 2013-10-25 20:34 - 00000000 ____D C:\FRST
2013-10-25 20:33 - 2013-10-25 20:34 - 01955944 _____ (Farbar) C:\Users\****\Downloads\FRST64.exe
2013-10-25 20:32 - 2013-10-25 20:33 - 00000476 _____ C:\Users\****\Downloads\defogger_disable.log
2013-10-25 20:32 - 2013-10-25 20:32 - 00000000 _____ C:\Users\****\defogger_reenable
2013-10-25 20:29 - 2013-10-25 20:29 - 00050477 _____ C:\Users\****\Downloads\Defogger.exe
2013-10-23 22:05 - 2013-10-23 22:05 - 01087800 _____ C:\Windows\Minidump\102313-20170-01.dmp
2013-10-22 16:37 - 2013-10-22 16:38 - 00965968 _____ C:\Windows\Minidump\102213-21294-01.dmp
2013-10-20 20:37 - 2013-10-20 20:37 - 01075784 _____ C:\Windows\Minidump\102013-21325-01.dmp
2013-10-20 11:11 - 2013-10-20 11:11 - 00000000 ____D C:\SearchProtect
2013-10-15 23:57 - 2013-10-23 22:05 - 952124378 _____ C:\Windows\MEMORY.DMP
2013-10-15 23:57 - 2013-10-15 23:57 - 00969400 _____ C:\Windows\Minidump\101513-20810-01.dmp
2013-10-13 18:31 - 2013-10-25 19:33 - 00003214 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3248007861-3670486273-2687767414-1001
2013-10-11 03:11 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 03:11 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 03:11 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 03:11 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 03:11 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 03:11 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 03:11 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 03:11 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 03:11 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:11 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 03:10 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 03:10 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 03:10 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 03:10 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 03:10 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 03:10 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 03:10 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 03:10 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 00:38 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 00:38 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 00:38 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:38 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:38 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 00:38 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 00:38 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-11 00:38 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 00:38 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 00:38 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 00:38 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 00:38 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 00:38 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 00:38 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 00:38 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 00:38 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 00:38 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 00:38 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 00:38 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 00:38 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 00:38 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 00:38 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 00:38 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 00:38 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-11 00:38 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-11 00:38 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-10-08 15:16 - 2013-10-25 19:31 - 00004088 _____ C:\Windows\setupact.log
2013-10-08 15:16 - 2013-10-08 15:16 - 00000000 _____ C:\Windows\setuperr.log

==================== One Month Modified Files and Folders =======

2013-10-25 20:34 - 2013-10-25 20:34 - 00000000 ____D C:\FRST
2013-10-25 20:34 - 2013-10-25 20:33 - 01955944 _____ (Farbar) C:\Users\****\Downloads\FRST64.exe
2013-10-25 20:33 - 2013-10-25 20:32 - 00000476 _____ C:\Users\****\Downloads\defogger_disable.log
2013-10-25 20:32 - 2013-10-25 20:32 - 00000000 _____ C:\Users\****\defogger_reenable
2013-10-25 20:32 - 2011-10-04 21:33 - 00000000 ____D C:\Users\****
2013-10-25 20:29 - 2013-10-25 20:29 - 00050477 _____ C:\Users\****\Downloads\Defogger.exe
2013-10-25 20:17 - 2013-05-23 12:06 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-10-25 20:06 - 2011-10-05 00:02 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3248007861-3670486273-2687767414-1001UA.job
2013-10-25 19:39 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 19:39 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-25 19:35 - 2011-09-29 19:49 - 01953201 _____ C:\Windows\WindowsUpdate.log
2013-10-25 19:33 - 2013-10-13 18:31 - 00003214 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3248007861-3670486273-2687767414-1001
2013-10-25 19:33 - 2013-09-21 00:26 - 00003344 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3248007861-3670486273-2687767414-1001
2013-10-25 19:33 - 2013-08-29 21:18 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-25 19:33 - 2011-09-30 03:29 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-10-25 19:33 - 2011-09-30 03:29 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-10-25 19:33 - 2011-09-30 03:18 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-10-25 19:31 - 2013-10-08 15:16 - 00004088 _____ C:\Windows\setupact.log
2013-10-25 19:31 - 2011-09-29 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-25 19:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-24 00:06 - 2011-10-05 00:02 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3248007861-3670486273-2687767414-1001Core.job
2013-10-23 22:05 - 2013-10-23 22:05 - 01087800 _____ C:\Windows\Minidump\102313-20170-01.dmp
2013-10-23 22:05 - 2013-10-15 23:57 - 952124378 _____ C:\Windows\MEMORY.DMP
2013-10-23 22:05 - 2011-10-23 10:27 - 00000000 ____D C:\Windows\Minidump
2013-10-22 16:38 - 2013-10-22 16:37 - 00965968 _____ C:\Windows\Minidump\102213-21294-01.dmp
2013-10-20 20:37 - 2013-10-20 20:37 - 01075784 _____ C:\Windows\Minidump\102013-21325-01.dmp
2013-10-20 11:11 - 2013-10-20 11:11 - 00000000 ____D C:\SearchProtect
2013-10-19 19:33 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-19 03:12 - 2011-11-07 21:02 - 00000000 ____D C:\Users\****\AppData\Roaming\TS3Client
2013-10-18 03:12 - 2011-10-05 00:02 - 00002382 _____ C:\Users\****\Desktop\Google Chrome.lnk
2013-10-16 03:01 - 2012-12-25 23:00 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-16 03:01 - 2012-12-25 23:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 03:01 - 2012-12-25 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-16 00:01 - 2011-10-05 00:02 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3248007861-3670486273-2687767414-1001UA
2013-10-16 00:01 - 2011-10-05 00:02 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3248007861-3670486273-2687767414-1001Core
2013-10-15 23:57 - 2013-10-15 23:57 - 00969400 _____ C:\Windows\Minidump\101513-20810-01.dmp
2013-10-15 01:21 - 2013-08-14 18:03 - 00000000 ____D C:\Users\****\dwhelper
2013-10-14 14:09 - 2010-11-21 08:50 - 05001554 _____ C:\Windows\system32\perfh007.dat
2013-10-14 14:09 - 2010-11-21 08:50 - 01526522 _____ C:\Windows\system32\perfc007.dat
2013-10-14 14:09 - 2009-07-14 07:13 - 00006256 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 20:12 - 2011-09-30 03:47 - 00000000 ____D C:\ProgramData\Sonic
2013-10-11 03:32 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2013-10-11 03:31 - 2009-07-14 06:45 - 00319144 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 03:30 - 2012-05-15 00:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 03:30 - 2012-05-15 00:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 03:28 - 2011-10-05 00:06 - 00000000 ____D C:\Users\****\AppData\Local\PMB Files
2013-10-11 03:03 - 2013-08-17 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 03:01 - 2011-11-21 22:19 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 03:33 - 2011-10-05 01:04 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-10-10 00:41 - 2011-10-05 01:55 - 00000000 ____D C:\Users\****\AppData\Local\Nero
2013-10-09 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-08 15:16 - 2013-10-08 15:16 - 00000000 _____ C:\Windows\setuperr.log
2013-10-06 22:03 - 2011-11-07 20:59 - 00000000 ____D C:\Users\****\AppData\Local\TeamSpeak 3 Client
2013-10-02 00:41 - 2011-10-12 21:43 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc

Files to move or delete:
====================
C:\Users\****\autoplaylist.dat
C:\Users\****\cddbcontrol.dll
C:\Users\****\cddblink.dll
C:\Users\****\cddbmusicid.dll
C:\Users\****\convert.exe
C:\Users\****\dbghelp.dll
C:\Users\****\dunzip32.dll
C:\Users\****\fixrjb.exe
C:\Users\****\hxaudiodevicehook.dll
C:\Users\****\ierjplug.dll
C:\Users\****\keys.dat
C:\Users\****\mc_enc_h263.dll
C:\Users\****\mediainfo.dll
C:\Users\****\mmcdda32.dll
C:\Users\****\rdsf3260.dll
C:\Users\****\realcleaner.exe
C:\Users\****\realconverter.exe
C:\Users\****\realjbox.exe
C:\Users\****\realplay.exe
C:\Users\****\realshare.exe
C:\Users\****\realtrimmer.exe
C:\Users\****\rjbres.dll
C:\Users\****\rjdlg.dll
C:\Users\****\rjprog.dll
C:\Users\****\rjwmapln.dll
C:\Users\****\rndevicedbbuilder.exe
C:\Users\****\rpau3260.dll
C:\Users\****\rphelperapp.exe
C:\Users\****\rpplugprot.dll
C:\Users\****\rpshell.dll
C:\Users\****\rpshellextension.dll
C:\Users\****\rpwa3260.dll
C:\Users\****\strs23.dat
C:\Users\****\strs26.dat
C:\Users\****\tnetdtct.dll
C:\Users\****\tpasdk.dll
C:\Users\****\tsasdk.dll
C:\Users\****\wmdmhelper.dll


Some content of TEMP:
====================
C:\Users\AppData\Local\Temp\SecondStepInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 17:34

==================== End Of Log ============================
         
Holy moly... I would not have thought the user name shows up in the list that often. I replaced it with **** in my own interest. If I may attach the other two logs as files, that would be really great (provided they are not available for download to the whole WWW).

Thanks a lot in advance

Kind regards, ILLU

PS: I had a free version of McAfee preinstalled on the laptop and later, on a friend's recommendation, installed MS Essential. Always up to date, but as I have just read, about as sharp-sighted as someone with 75% eyesight.

 
