Pests of all kinds and how to fight them: Windows 7: Sehiba page suddenly appears
28.04.2014, 07:20 | #16 |
/// the machine /// TB instructor
And that only happens in Firefox, too? When exactly? A fresh FRST log, please.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!
04.05.2014, 09:07 | #17 |
The thing with the windows no longer seems to occur. Instead, for the past two days my mouse has been clicking on everything (suddenly and without warning). No matter what I touch, it gets opened. I had this once before, before I had to set up my computer from scratch (see my initial post).
FRST Logfile:
2014-05-04 10:02 - 02062336 _____ (Farbar) C:\Users\Ash\Desktop\FRST64.exe 2014-05-04 09:54 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 09:54 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-04 09:53 - 2011-04-12 09:43 - 00698928 _____ () C:\Windows\system32\perfh007.dat 2014-05-04 09:53 - 2011-04-12 09:43 - 00149068 _____ () C:\Windows\system32\perfc007.dat 2014-05-04 09:53 - 2009-07-14 07:13 - 01618616 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-04 09:48 - 2014-05-04 09:48 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\WTablet 2014-05-04 09:48 - 2014-04-10 19:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-04 09:48 - 2014-03-27 22:52 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-05-04 09:48 - 2014-03-27 22:51 - 00058408 _____ () C:\Users\Ash\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-04 09:48 - 2014-03-27 22:44 - 00000000 ____D () C:\Users\Ash\AppData\Local\VirtualStore 2014-05-04 09:47 - 2014-04-21 14:57 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-05-04 09:47 - 2014-03-27 22:54 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-05-04 09:47 - 2010-11-21 05:47 - 00154450 _____ () C:\Windows\PFRO.log 2014-05-04 09:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-04 09:47 - 2009-07-14 06:51 - 00041863 _____ () C:\Windows\setupact.log 2014-05-04 09:46 - 2014-03-27 22:45 - 02088027 _____ () C:\Windows\WindowsUpdate.log 2014-05-04 09:30 - 2014-04-16 18:52 - 00000000 ____D () C:\Users\Public\Documents\My DAZ 3D Library 2014-05-04 09:30 - 2014-03-29 11:24 - 00000000 ____D () C:\Users\Fede\AppData\Local\Adobe 2014-05-03 23:18 - 2014-04-21 14:54 - 00000884 _____ () 
C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-03 22:26 - 2014-03-28 21:42 - 00000000 ____D () C:\Users\Fede\AppData\Local\Battle.net 2014-05-03 17:22 - 2014-03-29 10:52 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\Spotify 2014-05-03 13:13 - 2014-03-27 22:52 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-05-03 09:50 - 2014-05-03 09:50 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-03 09:40 - 2014-04-21 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-02 15:26 - 2014-04-01 21:36 - 00001456 _____ () C:\Users\Fede\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-05-02 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-02 11:25 - 2014-05-02 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-02 09:51 - 2014-03-28 00:04 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-05-01 13:30 - 2014-04-21 14:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-01 13:30 - 2014-03-28 01:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-01 13:30 - 2014-03-28 01:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-01 09:41 - 2014-03-28 20:58 - 00000000 ____D () C:\Windows\pss 2014-05-01 09:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-29 16:01 - 2014-05-03 00:12 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-03 00:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 14:48 - 2014-05-03 00:12 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-03 00:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 12:21 - 2014-04-07 11:27 - 00000000 ____D () 
C:\Users\Fede\AppData\Local\Microsoft Games 2014-04-28 12:00 - 2014-04-28 12:00 - 00000000 __SHD () C:\Users\Fede\AppData\Local\EmieUserList 2014-04-28 12:00 - 2014-04-28 12:00 - 00000000 __SHD () C:\Users\Fede\AppData\Local\EmieSiteList 2014-04-28 11:04 - 2014-03-29 10:53 - 00000000 ____D () C:\Users\Fede\AppData\Local\Spotify 2014-04-27 12:02 - 2014-04-27 12:02 - 31112616 _____ (Oracle Corporation) C:\Users\Fede\Downloads\jre-8u5-windows-i586.exe 2014-04-27 12:02 - 2014-04-27 12:01 - 138607664 _____ () C:\Users\Fede\Downloads\avira_free_antivirus_de_14.0.3.350.exe 2014-04-27 12:01 - 2014-04-27 12:01 - 01110476 _____ () C:\Users\Fede\Downloads\7z920.exe 2014-04-27 11:59 - 2014-04-27 11:59 - 00399347 _____ () C:\Users\Fede\Downloads\Secure Banking v1.5.1.rar 2014-04-27 11:58 - 2014-04-27 11:54 - 328324136 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\WindowsXP-KB936929-SP3-x86-DEU.exe 2014-04-27 11:56 - 2014-04-27 11:55 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Fede\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 11:56 - 2014-04-27 11:54 - 63320784 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\IE11-Windows6.1-x64-de-de.exe 2014-04-27 11:56 - 2014-04-27 11:54 - 39074536 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\FileFormatConverters.exe 2014-04-27 11:56 - 2014-04-27 11:54 - 373578968 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe 2014-04-27 11:55 - 2014-04-27 11:55 - 38317592 _____ (Google Inc.) 
C:\Users\Fede\Downloads\ChromeStandaloneSetup_34.0.1847.116.exe 2014-04-27 11:55 - 2014-04-27 11:54 - 26747104 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\Windows-KB890830-x64-V5.11.exe 2014-04-27 11:53 - 2014-04-27 11:52 - 277936872 _____ (Microsoft Corporation) C:\Users\Fede\Downloads\WindowsXP-KB835935-SP2-DEU.exe 2014-04-27 11:52 - 2014-04-27 11:52 - 02017888 _____ () C:\Users\Fede\Downloads\sp1aexpress_ger.exe 2014-04-26 01:12 - 2014-04-26 01:12 - 00000205 _____ () C:\Users\Fede\Desktop\Portal 2.url 2014-04-26 01:12 - 2014-04-26 01:12 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-04-25 21:04 - 2014-03-28 00:17 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-04-25 21:03 - 2014-04-16 15:52 - 00000769 _____ () C:\Users\Public\Desktop\World of Tanks.lnk 2014-04-25 21:03 - 2014-03-28 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2014-04-24 18:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-22 15:45 - 2014-04-22 15:45 - 00000616 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-04-22 15:45 - 2014-04-22 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-04-21 16:39 - 2014-04-21 16:39 - 00001534 _____ () C:\Users\Fede\Desktop\DAZStudio.exe - Verknüpfung.lnk 2014-04-21 15:04 - 2014-03-28 21:41 - 00058408 _____ () C:\Users\Fede\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-21 15:03 - 2009-07-14 06:45 - 04938312 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-21 15:03 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-21 15:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-21 15:02 - 2014-04-21 15:02 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-04-21 15:02 - 2014-04-21 15:02 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 
2014-04-21 15:02 - 2014-04-21 15:02 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-04-21 15:02 - 2014-04-21 15:02 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-04-21 15:02 - 2014-04-21 15:02 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-04-21 15:02 - 2014-04-21 15:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf 2014-04-21 15:02 - 2014-04-21 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-04-21 15:02 - 2014-04-21 15:02 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-04-21 15:01 - 2014-03-28 01:18 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-21 15:00 - 2014-03-27 22:51 - 00000000 ____D () C:\Program Files\Intel 2014-04-21 14:53 - 2014-04-21 14:53 - 00000000 ____D () C:\Users\Ash\AppData\Local\Secunia PSI 2014-04-21 14:52 - 2014-04-21 14:52 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk 2014-04-21 14:52 - 2014-04-21 14:52 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-04-21 14:11 - 2014-04-21 14:11 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Mozilla 2014-04-21 14:07 - 2014-04-21 14:07 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-21 14:07 - 2014-04-21 14:07 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-21 14:03 - 2014-04-10 19:41 - 00001268 _____ () C:\Users\Ash\Desktop\Revo Uninstaller.lnk 2014-04-21 14:03 - 2014-04-10 19:41 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-04-17 09:32 - 2014-04-06 19:50 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\vlc 2014-04-16 19:29 - 2014-04-16 19:28 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\DAZ 3D 2014-04-16 19:28 - 2014-04-16 19:28 - 00000000 ____D () C:\Users\Fede\Documents\DAZ 3D 2014-04-16 
19:16 - 2014-04-16 19:16 - 00000934 _____ () C:\Users\Ash\Desktop\DAZ Studio 4.6 (64-bit).lnk 2014-04-16 19:16 - 2014-04-16 19:16 - 00000000 ____D () C:\Users\Public\Pixologic 2014-04-16 19:16 - 2014-04-16 19:09 - 00000000 ____D () C:\Users\Ash\Documents\DAZ 2014-04-16 19:16 - 2014-04-16 18:39 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2014-04-16 19:16 - 2014-04-16 18:39 - 00000000 ____D () C:\ProgramData\DAZ 3D 2014-04-16 19:16 - 2014-04-16 18:39 - 00000000 ____D () C:\Program Files\DAZ 3D 2014-04-16 19:10 - 2014-04-16 19:10 - 00001738 _____ () C:\Users\Ash\Desktop\DAZ Install Manager.lnk 2014-04-16 19:10 - 2014-04-16 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2014-04-16 18:40 - 2014-04-16 18:40 - 00000000 ____D () C:\Users\Public\Documents\DAZ 3D 2014-04-16 18:40 - 2014-04-16 18:40 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\DAZ 3D 2014-04-16 18:39 - 2014-04-16 18:39 - 00000000 ____D () C:\Program Files (x86)\DAZ 3D 2014-04-15 16:05 - 2014-04-15 16:05 - 00000795 _____ () C:\DelFix.txt 2014-04-15 16:05 - 2014-04-13 19:04 - 00000000 ____D () C:\Windows\ERUNT 2014-04-15 14:48 - 2014-04-15 14:35 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-04-15 14:35 - 2014-04-15 14:35 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-04-15 14:35 - 2014-04-15 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-04-14 09:47 - 2014-03-28 21:41 - 00000000 ____D () C:\Users\Fede\AppData\Local\VirtualStore 2014-04-14 09:43 - 2014-03-30 15:27 - 00000000 ____D () C:\Users\Fede\AppData\Local\CrashDumps 2014-04-14 04:24 - 2014-05-03 09:49 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-05-03 09:49 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-13 09:21 - 2014-04-13 09:21 - 00001078 _____ () C:\Users\Public\Desktop\Secure Banking.lnk 2014-04-13 
09:21 - 2014-04-12 17:22 - 00000000 ____D () C:\Program Files (x86)\Secure Banking 2014-04-12 17:21 - 2014-04-12 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-04-12 17:21 - 2014-04-12 17:21 - 00000000 ____D () C:\Program Files\7-Zip 2014-04-10 19:44 - 2014-04-10 19:44 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-10 19:44 - 2014-04-10 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-10 19:44 - 2014-04-10 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-10 19:44 - 2014-04-10 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-10 01:11 - 2014-03-27 23:44 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 01:10 - 2014-03-27 23:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-07 20:22 - 2014-04-07 20:22 - 00000000 ____D () C:\Users\Fede\Documents\SelfMV 2014-04-07 20:09 - 2014-04-07 20:09 - 00002006 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-04-07 20:09 - 2014-04-07 20:09 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-04-07 20:09 - 2014-04-07 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-04-07 19:57 - 2014-04-07 19:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Fede\Documents\samsung 2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\Samsung 2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Fede\AppData\Local\Samsung 2014-04-07 19:40 - 2014-04-07 19:38 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-04-07 19:40 - 2014-03-27 23:01 - 00000000 ____D () C:\ProgramData\Samsung 2014-04-07 19:38 - 2014-04-07 19:38 - 00000000 
____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-04-07 19:38 - 2014-03-27 22:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-07 19:37 - 2014-04-07 19:37 - 00000000 ____D () C:\Users\Ash\AppData\Local\Downloaded Installations 2014-04-06 19:49 - 2014-04-06 19:49 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-06 19:49 - 2014-04-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-06 19:49 - 2014-04-06 19:49 - 00000000 ____D () C:\Program Files\VideoLAN 2014-04-05 23:29 - 2014-04-05 19:43 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\TS3Client 2014-04-05 19:43 - 2014-04-05 19:43 - 00001170 _____ () C:\Users\Fede\Desktop\TeamSpeak 3 Client.lnk 2014-04-05 19:43 - 2014-04-05 19:43 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-04-05 19:43 - 2014-04-05 19:43 - 00000000 ____D () C:\Users\Fede\AppData\Local\TeamSpeak 3 Client 2014-04-05 18:00 - 2014-04-05 18:00 - 00000936 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk 2014-04-05 18:00 - 2014-04-05 18:00 - 00000000 ____D () C:\Users\Fede\Documents\Guild Wars 2 2014-04-05 18:00 - 2014-04-05 18:00 - 00000000 ____D () C:\Users\Fede\AppData\Roaming\Guild Wars 2 2014-04-05 18:00 - 2014-04-05 18:00 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Guild Wars 2 2014-04-05 18:00 - 2014-04-05 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2014-04-05 18:00 - 2014-04-05 18:00 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 Some content of TEMP: ==================== C:\Users\Ash\AppData\Local\Temp\avgnt.exe C:\Users\Ash\AppData\Local\Temp\Lucidlogix VIRTU MVP Setup_64Bit_2.1.110.20705.exe C:\Users\Ash\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\Ash\AppData\Local\Temp\Quarantine.exe C:\Users\Fede\AppData\Local\Temp\avgnt.exe 
C:\Users\Fede\AppData\Local\Temp\Gw2.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-02 19:02

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 04.05.2014
Suchlauf-Zeit: 09:56:02
Logdatei:
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.04.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ash

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 292790
Verstrichene Zeit: 7 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

Edited by Ashigaru01 (04.05.2014 at 09:13) |
04.05.2014, 10:58 | #18 |
/// the machine /// TB-Ausbilder | windows 7: Sehiba page suddenly appears Looks good. Have you tried a different mouse yet? |
04.05.2014, 21:45 | #19 |
| windows 7: Sehiba page suddenly appears No, maybe something is defective. I'm just a bit oversensitive at the moment when it comes to possible Trojans. But thank you for the effort and your great help |
05.05.2014, 16:39 | #20 |
/// the machine /// TB-Ausbilder | windows 7: Sehiba page suddenly appears You're welcome
__________________ regards, schrauber |