Log analysis and evaluation: Trojan after Adobe Flash Player update (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#7

Trojan after Adobe Flash Player update

Hello Schrauber, Java is updated and I have followed your instructions. You will find the log files below.

Fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 03
Ran by admin at 2014-01-19 11:35:07 Run:2
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ZeroAccess:
C:\Windows\assembly\tmp
C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
*****************

C:\Windows\assembly\tmp => Moved successfully.
"C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}" => File/Directory not found.

==== End of Fixlog ====

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by admin (administrator) on ADMIN-PC on 19-01-2014 11:41:22
Running from C:\FRST
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\esClient.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\saHookMain.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\saHookMain.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfeann.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\WHSConnector.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
() C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\WHSTrayApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_12_0_0_38_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - E
HKLM\...\Run: [mwlDaemon] - E
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-09-29] (Acer Corp.)
HKLM-x32\...\Run: [MVS Splash] - C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe [480872 2012-11-13] ()
HKLM-x32\...\Run: [McAfee Managed Services Tray] - C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [480872 2012-11-13] ()
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [300472 2010-05-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Alfred\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-12] (Google Inc.)
HKU\Alfred\...\Run: [PcSync] - C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
HKU\Alfred\...\Run: [InternetCalls] - "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
HKU\Alfred\...\Run: [SplitCam] - C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\Alfred\...\Policies\system: [LogonHoursAction] 2
HKU\Alfred\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\McAfeeMVSUser\...\Run: [PcSync] - C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
HKU\McAfeeMVSUser\...\Run: [InternetCalls] - "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
HKU\McAfeeMVSUser\...\Run: [Philips Intelligent Agent] - "C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
HKU\McAfeeMVSUser\...\Run: [SplitCam] - C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\McAfeeMVSUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\McAfeeMVSUser\...\Policies\system: [LogonHoursAction] 2
HKU\McAfeeMVSUser\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Susi_Harry\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-12] (Google Inc.)
HKU\Susi_Harry\...\Run: [PcSync] - C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
HKU\Susi_Harry\...\Run: [InternetCalls] - "C:\Program Files (x86)\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
HKU\Susi_Harry\...\Run: [Philips Intelligent Agent] - "C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
HKU\Susi_Harry\...\Run: [VirtualBrowseAloud] - C:\Users\Susi_Harry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFIKAPCY\Talande Webb.exe
HKU\Susi_Harry\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\Susi_Harry\...\Policies\system: [LogonHoursAction] 2
HKU\Susi_Harry\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm065^YYA^se&si=flvrunner&ptb=1459ABF5-92D8-4B5A-8043-FDD8798397C1&ind=2013111614&n=77fda53e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20131219135316.dll (McAfee, Inc.)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20131219135316.dll (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Gutscheinmieze - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - Gutscheinmieze\toolbar.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File
Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dll (McAfee, Inc.)
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\MyRmProt5.0.0.811.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\m9dsssli.default
FF DefaultSearchEngine: foxsearch
FF SearchEngineOrder.1: foxsearch
FF SelectedSearchEngine: foxsearch
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\NPMcFFPlg.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-01-12]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [feobgjncdknhelkhjpiejdbpliekmfaj] - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McChPlg.crx [2013-09-10]
CHR HKLM-x32\...\Chrome\Extension: [feobgjncdknhelkhjpiejdbpliekmfaj] - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McChPlg.crx [2013-09-10]

==================== Services (Whitelisted) =================

R2 arXfrSvc; C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [231280 2011-01-10] (Microsoft Corporation)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 esClient; C:\Program Files\Windows Home Server\esClient.exe [109936 2011-01-10] (Microsoft Corporation)
R2 McAfee SiteAdvisor Enterprise Service; C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [160800 2013-09-10] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241968 2013-08-07] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 myAgtSvc; C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [295920 2013-10-03] (McAfee, Inc.)
R2 WHSConnector; C:\Program Files\Windows Home Server\WHSConnector.exe [489840 2011-01-10] (Microsoft Corporation)
R2 RumorServer; "C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" /RunDLL=RumorServer.dll;ServiceHost [x]

==================== Drivers (Whitelisted) ====================

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-25] (Samsung Electronics Co., Ltd.)
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [646656 2010-06-10] (PixArt Imaging Incorporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 MfeAVFK; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-08-07] (McAfee, Inc.)
S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDk.sys [40904 2009-12-15] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [71240 2009-12-15] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 MFE_RR; \??\C:\Users\admin\AppData\Local\Temp\mfe_rr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-19 11:27 - 2014-01-19 11:27 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-19 11:27 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-19 11:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-19 11:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-19 11:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 19:59 - 2014-01-18 19:59 - 00000834 _____ C:\Windows\PFRO.log
2014-01-18 19:47 - 2014-01-18 19:47 - 00054456 _____ C:\Users\Public\Documents\FRST2.txt
2014-01-18 16:59 - 2014-01-18 16:59 - 00001189 _____ C:\Users\Public\Documents\checkup.txt
2014-01-18 16:56 - 2014-01-18 16:56 - 00987425 _____ C:\Users\admin\Downloads\SecurityCheck.exe
2014-01-18 10:56 - 2014-01-18 10:56 - 02076160 _____ (Farbar) C:\Users\Susi_Harry\Downloads\FRST64.exe
2014-01-18 10:55 - 2014-01-18 10:55 - 00000205 _____ C:\Users\Susi_Harry\Desktop\Fixlist.txt
2014-01-17 17:08 - 2014-01-17 17:09 - 00037454 _____ C:\Users\admin\Downloads\Addition.txt
2014-01-17 14:26 - 2014-01-17 17:09 - 00053823 _____ C:\Users\admin\Downloads\FRST.txt
2014-01-17 14:25 - 2014-01-19 11:41 - 00000000 ____D C:\FRST
2014-01-17 14:25 - 2014-01-17 14:25 - 02076160 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-01-17 14:02 - 2014-01-17 14:02 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL (1).exe
2014-01-17 13:51 - 2014-01-19 11:37 - 00000616 _____ C:\Windows\setupact.log
2014-01-17 13:51 - 2014-01-17 13:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 01:07 - 2014-01-17 01:07 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-17 00:30 - 2014-01-17 00:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2014-01-17 00:30 - 2014-01-17 00:30 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-17 00:26 - 2014-01-19 11:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 00:26 - 2014-01-17 00:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-17 00:26 - 2014-01-17 00:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-16 23:57 - 2014-01-16 23:57 - 01037068 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-01-16 23:56 - 2014-01-16 23:56 - 01037068 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-01-16 23:36 - 2014-01-19 11:36 - 00643069 _____ C:\Windows\WindowsUpdate.log
2014-01-16 23:28 - 2014-01-17 01:15 - 00000000 ____D C:\AdwCleaner
2014-01-16 23:22 - 2014-01-16 23:22 - 00020383 _____ C:\Users\Public\Documents\OTL.zip
2014-01-16 21:06 - 2014-01-17 14:23 - 00137980 _____ C:\Users\Public\Documents\OTL.Txt
2014-01-16 21:06 - 2014-01-16 21:01 - 00082410 _____ C:\Users\Public\Documents\Extras.Txt
2014-01-16 21:06 - 2014-01-16 20:53 - 00018022 _____ C:\Users\Public\Documents\CCleanerscan20140116.txt
2014-01-16 20:52 - 2014-01-17 01:09 - 00000000 ____D C:\Users\Public\Documents\CCleaner
2014-01-16 20:50 - 2014-01-17 01:07 - 00000000 ____D C:\Program Files\CCleaner
2014-01-16 20:50 - 2014-01-16 20:50 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-16 19:39 - 2014-01-17 14:19 - 00137980 _____ C:\Users\admin\Downloads\OTL.Txt
2014-01-16 19:39 - 2014-01-16 21:01 - 00082410 _____ C:\Users\admin\Downloads\Extras.Txt
2014-01-16 19:33 - 2014-01-16 19:33 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL.exe
2014-01-16 18:25 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 18:25 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 18:25 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 18:25 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 14:44 - 2014-01-16 14:44 - 00000000 ____D C:\Users\admin\AppData\Roaming\Malwarebytes
2014-01-16 14:43 - 2014-01-16 14:43 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 14:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-16 14:38 - 2014-01-16 14:43 - 00000000 ____D C:\Program Files (x86)\stinger
2014-01-16 14:36 - 2014-01-16 14:37 - 00000404 _____ C:\Users\admin\Desktop\RootkitRemover_20140116_143654.log
2014-01-14 14:13 - 2014-01-14 14:13 - 00000000 ____D C:\Windows Home Server-Treiber für Wiederherstellung
2014-01-13 21:03 - 2014-01-13 21:04 - 00000000 ___HD C:\ProgramData\CanonIJScan
2014-01-11 17:07 - 2014-01-13 21:08 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2014-01-11 17:05 - 2014-01-11 17:06 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Canon
2014-01-11 17:04 - 2014-01-11 17:05 - 00000000 ____D C:\Users\Susi_Harry\Neuer Ordner
2014-01-11 16:55 - 2012-09-20 05:00 - 00393728 _____ (CANON INC.) C:\Windows\system32\CNMXLMBL.DLL
2014-01-11 16:49 - 2014-01-11 16:49 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2014-01-11 16:49 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLL.dll
2014-01-11 16:49 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLU.dll
2014-01-11 16:49 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\SysWOW64\CNC176BD.TBL
2014-01-11 16:49 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-01-11 16:47 - 2014-01-11 16:47 - 00001985 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-01-11 16:47 - 2014-01-11 16:47 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2014-01-11 16:41 - 2014-01-11 16:41 - 00002316 _____ C:\Users\Public\Desktop\Canon MX920 series On-Screen-Handbuch.lnk
2014-01-11 16:41 - 2014-01-11 16:41 - 00000000 ____D C:\Program Files\Canon
2014-01-11 16:40 - 2014-01-11 16:41 - 00000000 ___HD C:\Program Files\CanonBJ
2014-01-11 16:40 - 2014-01-11 16:40 - 00000000 ____D C:\Windows\system32\STRING
2014-01-11 16:40 - 2012-07-31 09:48 - 00359936 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2014-01-11 16:40 - 2012-07-31 09:48 - 00039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ___HD C:\ProgramData\CanonBJ
2014-01-11 14:41 - 2012-09-21 09:34 - 00366080 _____ (CANON INC.)
C:\Windows\system32\CNC_BLL.dll 2014-01-11 14:41 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\Windows\system32\CNCALBL.DLL 2014-01-11 14:41 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\Windows\system32\CNMLMBL.DLL 2014-01-11 14:41 - 2012-05-25 09:21 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BLC.dll 2014-01-11 14:41 - 2012-05-25 09:20 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BLI.dll 2014-01-11 14:41 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\system32\CNC176BD.TBL 2014-01-11 14:41 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll 2014-01-08 11:03 - 2014-01-08 11:08 - 00017408 _____ C:\Users\admin\AppData\Local\WebpageIcons.db 2014-01-08 11:03 - 2014-01-08 11:03 - 00000000 ____D C:\Users\admin\AppData\Local\Zattoo 2014-01-08 11:02 - 2014-01-15 17:37 - 00000000 ____D C:\Program Files (x86)\Zattoo4 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ C:\Users\UpdatusUser\Desktop\Zattoo.lnk 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ C:\Users\McAfeeMVSUser\Desktop\Zattoo.lnk 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ C:\Users\Alfred\Desktop\Zattoo.lnk 2014-01-08 10:56 - 2014-01-08 10:56 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\concept design 2014-01-08 10:50 - 2014-01-15 17:34 - 00000000 ____D C:\Users\admin\AppData\Roaming\concept design 2013-12-29 10:56 - 2013-12-29 10:56 - 00001321 _____ C:\Users\Public\Desktop\Photomizer 2 Bresser Edition.lnk 2013-12-29 10:56 - 2013-12-29 10:56 - 00000000 ____D C:\Program Files (x86)\Engelmann Media 2013-12-29 10:54 - 2013-12-29 10:54 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\Engelmann Media 2013-12-29 10:36 - 2013-12-29 10:36 - 00000000 ____D C:\Users\admin\AppData\Roaming\Engelmann Media 2013-12-29 10:36 - 2013-12-29 10:36 - 00000000 ____D C:\ProgramData\Licenses 2013-12-29 10:25 - 2013-06-06 14:44 - 08672840 ____R (ark) C:\Windows\system32\Drivers\PictureDll.sys 2013-12-29 10:25 - 2013-06-06 14:44 - 00381512 ____R 
(ark) C:\Windows\system32\Drivers\FaceDll.sys 2013-12-29 10:25 - 2013-06-06 14:44 - 00054088 ____R (usb camera) C:\Windows\system32\Drivers\usbcamcl.sys 2013-12-29 10:25 - 2013-06-06 14:44 - 00038472 ____R (usb camera) C:\Windows\system32\Drivers\usbDecode.sys 2013-12-29 10:25 - 2013-06-06 14:44 - 00014408 ____R (ark) C:\Windows\system32\Drivers\FilterDll.sys 2013-12-29 10:25 - 2001-05-11 13:18 - 00420240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll 2013-12-26 22:06 - 2013-12-26 22:06 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\BankID 2013-12-25 00:11 - 2013-12-25 00:11 - 00000093 _____ C:\Windows\WFT-E5Utility.INI 2013-12-25 00:02 - 2013-12-25 00:02 - 00000867 _____ C:\Users\Susi_Harry\.recently-used.xbel 2013-12-24 10:19 - 2013-12-24 10:19 - 00000000 ____D C:\ProgramData\InterAction studios 2013-12-24 10:17 - 2013-12-29 15:24 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games 2013-12-24 10:17 - 2013-12-24 10:19 - 00001887 _____ C:\Users\admin\Desktop\Alawar Games.lnk 2013-12-24 10:17 - 2013-12-24 10:17 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper 2013-12-24 10:17 - 2013-12-24 10:17 - 00000000 ____D C:\Program Files (x86)\Alawar 2013-12-24 10:06 - 2013-12-24 10:09 - 25700041 _____ C:\Users\Susi_Harry\Downloads\Chicken-Invaders-4-Ultimate(www.vatandownload.com).rar 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 ____D C:\Users\admin\AppData\Local\cache 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 ____D C:\Users\admin\.android 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 _____ C:\Users\admin\daemonprocess.txt 2013-12-21 12:39 - 2014-01-16 20:53 - 00000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic 2013-12-21 12:23 - 2013-12-21 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-21 12:18 - 2013-12-21 12:18 - 00000233 _____ C:\Windows\wininit.ini 2013-12-21 11:49 - 2013-12-21 11:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\BankID 2013-12-21 
11:48 - 2013-12-21 11:48 - 00000000 ____D C:\Program Files (x86)\BankID 2013-12-21 11:44 - 2014-01-16 23:30 - 00000999 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-20 02:44 - 2013-12-20 02:44 - 00002176 _____ C:\Users\Public\Desktop\Google Earth.lnk ==================== One Month Modified Files and Folders ======= 2014-01-19 11:42 - 2010-04-16 18:27 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-19 11:41 - 2014-01-17 14:25 - 00000000 ____D C:\FRST 2014-01-19 11:38 - 2012-01-07 20:12 - 00000392 _____ C:\Windows\Tasks\FinalTorrent Update Checker.job 2014-01-19 11:38 - 2010-04-16 18:27 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-19 11:37 - 2014-01-17 13:51 - 00000616 _____ C:\Windows\setupact.log 2014-01-19 11:37 - 2009-12-26 08:15 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-19 11:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-19 11:36 - 2014-01-16 23:36 - 00643069 _____ C:\Windows\WindowsUpdate.log 2014-01-19 11:30 - 2009-07-14 05:45 - 00015088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-19 11:30 - 2009-07-14 05:45 - 00015088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-19 11:28 - 2013-09-28 17:46 - 00000000 ____D C:\ProgramData\Oracle 2014-01-19 11:27 - 2014-01-19 11:27 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-19 11:27 - 2010-04-24 16:59 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-19 11:27 - 2010-04-08 04:38 - 00702942 _____ C:\Windows\system32\perfh007.dat 2014-01-19 11:27 - 2010-04-08 04:38 - 00150582 _____ C:\Windows\system32\perfc007.dat 2014-01-19 11:27 - 2009-07-14 06:13 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-19 11:26 - 2014-01-17 00:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-18 19:59 - 
2014-01-18 19:59 - 00000834 _____ C:\Windows\PFRO.log 2014-01-18 19:47 - 2014-01-18 19:47 - 00054456 _____ C:\Users\Public\Documents\FRST2.txt 2014-01-18 16:59 - 2014-01-18 16:59 - 00001189 _____ C:\Users\Public\Documents\checkup.txt 2014-01-18 16:56 - 2014-01-18 16:56 - 00987425 _____ C:\Users\admin\Downloads\SecurityCheck.exe 2014-01-18 10:56 - 2014-01-18 10:56 - 02076160 _____ (Farbar) C:\Users\Susi_Harry\Downloads\FRST64.exe 2014-01-18 10:55 - 2014-01-18 10:55 - 00000205 _____ C:\Users\Susi_Harry\Desktop\Fixlist.txt 2014-01-17 17:09 - 2014-01-17 17:08 - 00037454 _____ C:\Users\admin\Downloads\Addition.txt 2014-01-17 17:09 - 2014-01-17 14:26 - 00053823 _____ C:\Users\admin\Downloads\FRST.txt 2014-01-17 14:25 - 2014-01-17 14:25 - 02076160 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2014-01-17 14:23 - 2014-01-16 21:06 - 00137980 _____ C:\Users\Public\Documents\OTL.Txt 2014-01-17 14:19 - 2014-01-16 19:39 - 00137980 _____ C:\Users\admin\Downloads\OTL.Txt 2014-01-17 14:02 - 2014-01-17 14:02 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL (1).exe 2014-01-17 13:54 - 2009-07-14 05:45 - 00440784 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-17 13:51 - 2014-01-17 13:51 - 00000000 _____ C:\Windows\setuperr.log 2014-01-17 01:25 - 2009-10-12 23:37 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-17 01:24 - 2013-08-05 21:36 - 00000000 ____D C:\Windows\system32\MRT 2014-01-17 01:21 - 2010-04-09 17:15 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-17 01:15 - 2014-01-16 23:28 - 00000000 ____D C:\AdwCleaner 2014-01-17 01:09 - 2014-01-16 20:52 - 00000000 ____D C:\Users\Public\Documents\CCleaner 2014-01-17 01:07 - 2014-01-17 01:07 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-01-17 01:07 - 2014-01-16 20:50 - 00000000 ____D C:\Program Files\CCleaner 2014-01-17 00:31 - 2014-01-17 00:30 - 00000000 ____D C:\Program Files (x86)\QuickTime 2014-01-17 00:30 - 2014-01-17 00:30 - 00000000 ____D C:\ProgramData\Apple 
Computer 2014-01-17 00:26 - 2014-01-17 00:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-17 00:26 - 2014-01-17 00:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-17 00:26 - 2012-06-27 11:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-17 00:26 - 2010-04-07 20:27 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe 2014-01-16 23:57 - 2014-01-16 23:57 - 01037068 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe 2014-01-16 23:56 - 2014-01-16 23:56 - 01037068 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe 2014-01-16 23:30 - 2013-12-21 11:44 - 00000999 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 23:30 - 2011-01-11 21:05 - 00000969 _____ C:\Users\admin\Desktop\Internet Explorer.lnk 2014-01-16 23:30 - 2010-05-05 13:17 - 00001013 _____ C:\Users\admin\Desktop\Mozilla Firefox.lnk 2014-01-16 23:22 - 2014-01-16 23:22 - 00020383 _____ C:\Users\Public\Documents\OTL.zip 2014-01-16 21:01 - 2014-01-16 21:06 - 00082410 _____ C:\Users\Public\Documents\Extras.Txt 2014-01-16 21:01 - 2014-01-16 19:39 - 00082410 _____ C:\Users\admin\Downloads\Extras.Txt 2014-01-16 20:53 - 2014-01-16 21:06 - 00018022 _____ C:\Users\Public\Documents\CCleanerscan20140116.txt 2014-01-16 20:53 - 2013-12-21 12:39 - 00000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic 2014-01-16 20:53 - 2011-06-22 20:09 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype 2014-01-16 20:53 - 2009-10-13 00:02 - 00000000 ____D C:\Windows\Panther 2014-01-16 20:50 - 2014-01-16 20:50 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk 2014-01-16 19:33 - 2014-01-16 19:33 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL.exe 2014-01-16 19:18 - 2009-10-12 23:29 - 00000000 ____D C:\Program Files (x86)\Acer GameZone 2014-01-16 19:17 - 2009-10-12 23:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation 
Information 2014-01-16 19:16 - 2011-12-14 21:57 - 00000000 ____D C:\ProgramData\eMule 2014-01-16 19:13 - 2012-10-20 08:19 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\uTorrent 2014-01-16 14:44 - 2014-01-16 14:44 - 00000000 ____D C:\Users\admin\AppData\Roaming\Malwarebytes 2014-01-16 14:43 - 2014-01-16 14:43 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-16 14:43 - 2014-01-16 14:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-16 14:43 - 2014-01-16 14:38 - 00000000 ____D C:\Program Files (x86)\stinger 2014-01-16 14:37 - 2014-01-16 14:36 - 00000404 _____ C:\Users\admin\Desktop\RootkitRemover_20140116_143654.log 2014-01-15 17:37 - 2014-01-08 11:02 - 00000000 ____D C:\Program Files (x86)\Zattoo4 2014-01-15 17:36 - 2012-02-07 19:23 - 00000000 ____D C:\Program Files (x86)\Free Video Converter 2014-01-15 17:34 - 2014-01-08 10:50 - 00000000 ____D C:\Users\admin\AppData\Roaming\concept design 2014-01-15 17:34 - 2013-09-21 08:58 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2014-01-14 14:13 - 2014-01-14 14:13 - 00000000 ____D C:\Windows Home Server-Treiber für Wiederherstellung 2014-01-14 14:13 - 2010-04-09 18:00 - 00000000 ____D C:\Windows\system32\(SYSTEM RESERVED) 2014-01-13 21:08 - 2014-01-11 17:07 - 00000000 ___HD C:\ProgramData\CanonIJMIG 2014-01-13 21:04 - 2014-01-13 21:03 - 00000000 ___HD C:\ProgramData\CanonIJScan 2014-01-13 21:04 - 2013-04-06 07:31 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\Canon 2014-01-13 17:45 - 2010-04-09 14:34 - 00000000 ____D C:\Users\Susi_Harry\AppData\Local\VirtualStore 2014-01-12 19:00 - 2011-06-22 19:09 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\Skype 2014-01-11 17:06 - 2014-01-11 17:05 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Canon 2014-01-11 17:05 - 2014-01-11 17:04 - 00000000 ____D C:\Users\Susi_Harry\Neuer Ordner 2014-01-11 17:04 - 2010-04-09 14:33 - 
00000000 ____D C:\Users\Susi_Harry 2014-01-11 17:00 - 2012-11-04 14:06 - 00000000 ____D C:\Users\admin\AppData\Roaming\canon 2014-01-11 17:00 - 2012-11-04 13:03 - 00000000 ____D C:\Program Files (x86)\Canon 2014-01-11 16:49 - 2014-01-11 16:49 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool 2014-01-11 16:49 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media 2014-01-11 16:47 - 2014-01-11 16:47 - 00001985 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk 2014-01-11 16:47 - 2014-01-11 16:47 - 00000000 ____D C:\ProgramData\CanonIJWSpt 2014-01-11 16:41 - 2014-01-11 16:41 - 00002316 _____ C:\Users\Public\Desktop\Canon MX920 series On-Screen-Handbuch.lnk 2014-01-11 16:41 - 2014-01-11 16:41 - 00000000 ____D C:\Program Files\Canon 2014-01-11 16:41 - 2014-01-11 16:40 - 00000000 ___HD C:\Program Files\CanonBJ 2014-01-11 16:40 - 2014-01-11 16:40 - 00000000 ____D C:\Windows\system32\STRING 2014-01-11 15:50 - 2011-06-25 21:48 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Skype 2014-01-11 15:41 - 2010-07-13 17:59 - 00000000 ____D C:\Program Files (x86)\Samsung 2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ___HD C:\ProgramData\CanonIJFAX 2014-01-11 14:42 - 2014-01-11 14:42 - 00000000 ___HD C:\ProgramData\CanonBJ 2014-01-09 17:18 - 2011-05-14 10:50 - 00000121 _____ C:\Users\Public\LMDebug.log 2014-01-08 13:13 - 2010-05-14 14:25 - 01602628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-08 13:00 - 2011-12-14 22:25 - 00000000 ____D C:\Program Files (x86)\DivX 2014-01-08 13:00 - 2011-12-14 22:24 - 00000000 ____D C:\ProgramData\DivX 2014-01-08 11:08 - 2014-01-08 11:03 - 00017408 _____ C:\Users\admin\AppData\Local\WebpageIcons.db 2014-01-08 11:03 - 2014-01-08 11:03 - 00000000 ____D C:\Users\admin\AppData\Local\Zattoo 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ C:\Users\UpdatusUser\Desktop\Zattoo.lnk 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ C:\Users\McAfeeMVSUser\Desktop\Zattoo.lnk 2014-01-08 11:02 - 2014-01-08 11:02 - 00001832 _____ 
C:\Users\Alfred\Desktop\Zattoo.lnk 2014-01-08 10:56 - 2014-01-08 10:56 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\concept design 2014-01-08 07:15 - 2012-02-18 17:03 - 00000000 ____D C:\Users\Susi_Harry\Documents\HENRIK 2013-12-29 15:24 - 2013-12-24 10:17 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games 2013-12-29 10:56 - 2013-12-29 10:56 - 00001321 _____ C:\Users\Public\Desktop\Photomizer 2 Bresser Edition.lnk 2013-12-29 10:56 - 2013-12-29 10:56 - 00000000 ____D C:\Program Files (x86)\Engelmann Media 2013-12-29 10:54 - 2013-12-29 10:54 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\Engelmann Media 2013-12-29 10:54 - 2010-04-07 19:05 - 00000000 ____D C:\Users\admin 2013-12-29 10:36 - 2013-12-29 10:36 - 00000000 ____D C:\Users\admin\AppData\Roaming\Engelmann Media 2013-12-29 10:36 - 2013-12-29 10:36 - 00000000 ____D C:\ProgramData\Licenses 2013-12-29 10:25 - 2009-07-14 03:34 - 00000742 _____ C:\Windows\win.ini 2013-12-26 22:06 - 2013-12-26 22:06 - 00000000 ____D C:\Users\Susi_Harry\AppData\Roaming\BankID 2013-12-25 00:11 - 2013-12-25 00:11 - 00000093 _____ C:\Windows\WFT-E5Utility.INI 2013-12-25 00:08 - 2010-11-16 15:05 - 00000000 ____D C:\Users\Susi_Harry\.gimp-2.6 2013-12-25 00:02 - 2013-12-25 00:02 - 00000867 _____ C:\Users\Susi_Harry\.recently-used.xbel 2013-12-24 10:19 - 2013-12-24 10:19 - 00000000 ____D C:\ProgramData\InterAction studios 2013-12-24 10:19 - 2013-12-24 10:17 - 00001887 _____ C:\Users\admin\Desktop\Alawar Games.lnk 2013-12-24 10:17 - 2013-12-24 10:17 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper 2013-12-24 10:17 - 2013-12-24 10:17 - 00000000 ____D C:\Program Files (x86)\Alawar 2013-12-24 10:09 - 2013-12-24 10:06 - 25700041 _____ C:\Users\Susi_Harry\Downloads\Chicken-Invaders-4-Ultimate(www.vatandownload.com).rar 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 ____D C:\Users\admin\AppData\Local\cache 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 ____D 
C:\Users\admin\.android 2013-12-24 09:56 - 2013-12-24 09:56 - 00000000 _____ C:\Users\admin\daemonprocess.txt 2013-12-22 18:08 - 2013-09-02 07:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-21 12:39 - 2011-12-14 22:26 - 00000000 ____D C:\Users\admin\AppData\Roaming\DivX 2013-12-21 12:29 - 2011-07-05 16:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-21 12:29 - 2011-07-05 16:50 - 00000000 ____D C:\ProgramData\Skype 2013-12-21 12:24 - 2013-12-21 12:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-21 12:24 - 2010-04-23 17:32 - 00000000 ____D C:\Users\admin\AppData\Local\Mozilla 2013-12-21 12:18 - 2013-12-21 12:18 - 00000233 _____ C:\Windows\wininit.ini 2013-12-21 12:08 - 2011-12-14 22:25 - 00000000 ____D C:\Program Files\DivX 2013-12-21 11:49 - 2013-12-21 11:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\BankID 2013-12-21 11:48 - 2013-12-21 11:48 - 00000000 ____D C:\Program Files (x86)\BankID 2013-12-21 11:42 - 2010-05-14 14:54 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-12-20 02:44 - 2013-12-20 02:44 - 00002176 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-12-20 02:44 - 2009-10-12 23:44 - 00000000 ____D C:\Program Files (x86)\Google Files to move or delete: ==================== C:\Users\Public\hosts.dat Some content of TEMP: ==================== C:\Users\admin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Alfred\AppData\Local\Temp\DivXSetup.exe C:\Users\Alfred\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\Alfred\AppData\Local\Temp\SkypeSetup.exe C:\Users\Susi_Harry\AppData\Local\Temp\contentDATs.exe C:\Users\Susi_Harry\AppData\Local\Temp\DivXSetup.exe C:\Users\Susi_Harry\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Susi_Harry\AppData\Local\Temp\FlashPlayerUpdate01.exe C:\Users\Susi_Harry\AppData\Local\Temp\InstallFlashPlayer.exe C:\Users\Susi_Harry\AppData\Local\Temp\MSETUP4.EXE C:\Users\Susi_Harry\AppData\Local\Temp\SecurityScan_Release.exe 
C:\Users\Susi_Harry\AppData\Local\Temp\SkypeSetup.exe C:\Users\Susi_Harry\AppData\Local\Temp\utt619E.tmp.exe C:\Users\Susi_Harry\AppData\Local\Temp\utt67D1.tmp.exe C:\Users\Susi_Harry\AppData\Local\Temp\_isFD84.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-09 08:02 ==================== End Of Log ============================ FSS.txt Code:
Farbar Service Scanner Version: 08-01-2014
Ran by admin (administrator) on 19-01-2014 at 14:35:22
Running from "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GQJ4Q23"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
IE proxy is enabled.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
Unable to retrieve ServiceDll of bfe. The value does not exist.

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.

Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============
Checking Start type iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to retrieve ServiceDll of iphlpsvc. The value does not exist.

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****