|
Pests of all kinds and how to fight them: Browser problems (snapdo\sweetdreams) and unknown programs | Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
04.05.2014, 16:15 | #1 |
| Browser problems (snapdo\sweetdreams) and unknown programs Hello, I have been having problems with my laptop for about 3 weeks. After I renewed my antivirus program, changes appeared in my browser over the following days. The start page was no longer Google, and when opening new tabs it also switches, a short time after Google, to other pages. It is also noticeable that since then new programs have appeared at the bottom right of the taskbar and open when Windows starts. |
04.05.2014, 17:35 | #2 |
/// the machine /// TB trainer | Browser problems (snapdo\sweetdreams) and unknown programs hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions or check under Start > Computer (right-click) > Properties) |
04.05.2014, 23:54 | #3 |
| Browser problems (snapdo\sweetdreams) and unknown programs Hello schrauber,
thank you very much for the quick reply. Here is the result of the scan: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-05-2014 Ran by Monica (administrator) on MONICA-KOMPUTER on 05-05-2014 00:48:16 Running from C:\Users\Monica\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files (x86)\LPT\srpts.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe () C:\Program Files (x86)\Iminent\WinkHandler.exe () C:\Program Files\003\xmkysecqun64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE () C:\Program Files (x86)\LPT\srptm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) 
C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe () C:\Program Files (x86)\Iminent\WinkHandler.exe (Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (Smartbar) C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe () C:\Program Files (x86)\Cyfrowy Polsat\MF669\CancelAutoPlay.exe () C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Monica\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe () C:\Users\Monica\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe () C:\Users\Monica\AppData\Local\Smartbar\Application\Lrcnta.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-04-25] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020064 2012-02-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-13] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2012-01-05] (Synaptics Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [AnyProtect] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [21692960 2014-04-04] (AnyProtect by CMI) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-12] () HKLM-x32\...\Run: [CancelAutoPlay] => C:\Program Files (x86)\Cyfrowy Polsat\MF669\CancelAutoPlay.exe [414544 2011-12-27] () HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe [156448 2012-05-11] () HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-03-25] (Vodafone) HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\...\MountPoints2: 
{196fd54b-8521-11e1-8475-806e6f6e6963} - D:\SecSWMgrGuide.exe HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135672 2013-06-07] (PC Utilities Pro) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [GoogleChromeAutoLaunch_DF1279495D2E2A9E6F7652FD6CA5A9CD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-10-16] (Google Inc.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-04-29] (Smartbar) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {0dfe2ea7-439b-11e3-a25f-e8039afae5b6} - E:\Windows/Autorun.exe HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {2bc035dd-b332-11e3-bd1c-e8039afae5b6} - E:\setup_vmc_lite.exe /checkApplicationPresence AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] () AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-02-25] (NVIDIA Corporation) AppInit_DLLs-x32: 0 => "0" File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvhT-X7epmeRH8wWcNpZPGDz7-Rmp1lWqAMNA31qBq7M2y10R1bzF1o60KZXNTuJg,, HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.dalesearch.com/?babsrc=HP_ss&mntrId=9E49E8039AFAE5B6&affID=124446&tsp=5037 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1383599889&from=cor&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1397077803&from=tugs&uid=HitachiXHTS547575A9E384_J2140059DZY0DADZY0DAX&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} SearchScopes: HKCU - DefaultScope 
{006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZDr--M9JXGUna05RzFauEW2RX6malJlxACRnCFkZNezweJgsAXaMK43xRJnjRmdSPMT34DF1p3PdNvtZFk98_eg5DWkO3ZBsoWf7UGaTDDBPU_qjlP5r0C6ooXPJCNfQuN_-TYKeziSOA,,&q={searchTerms} BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven) BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven) BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. 
Limited) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll 
(Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Lightning Newtab) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2013-11-04] CHR Extension: (MediaPlayerplus) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-04] CHR Extension: (Norton Identity Protection) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-20] CHR Extension: (Google Wallet) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20] CHR HKLM-x32\...\Chrome\Extension: [cekcjpgehmohobmdiikfnopibipmgnml] - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ [2013-10-20] CHR 
HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-11-04] CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2013-11-04] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\Extensions\Chrome.crx [2012-04-13] CHR HKLM-x32\...\Chrome\Extension: [pialekdjmfmckiccfkgbbgphficjdekh] - C:\Users\Monica\AppData\Roaming\BabSolution\CR\dalesearch.crx [2012-04-13] ==================== Services (Whitelisted) ================= R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation) R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-09] () R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () R2 UI Assistant Service; C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe [274720 2012-05-11] () R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-03-25] (Vodafone) R2 WinkHandler; C:\Program Files (x86)\Iminent\WinkHandler.exe [425792 
2014-03-26] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-02] (Cherished Technololgy LIMITED) R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-03-29] () R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-13] (Atheros) ==================== Drivers (Whitelisted) ==================== R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [1151096 2011-08-18] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [488568 2011-07-20] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\ENG64.SYS [117880 2012-01-08] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\EX64.SYS [2048632 2012-01-08] (Symantec Corporation) S3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-13] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation) R3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation) R1 wStLib64; 
C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-18] (StdLib) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-05 00:48 - 2014-05-05 00:49 - 00026068 _____ () C:\Users\Monica\Downloads\FRST.txt 2014-05-05 00:48 - 2014-05-05 00:48 - 00000000 ____D () C:\FRST 2014-05-05 00:47 - 2014-05-05 00:47 - 02062336 _____ (Farbar) C:\Users\Monica\Downloads\FRST64.exe 2014-05-04 01:15 - 2014-05-04 01:15 - 00499200 _____ () C:\Users\Monica\Downloads\Player_Setup.exe 2014-05-04 01:06 - 2014-05-04 01:06 - 00499184 _____ () C:\Users\Monica\Downloads\Java (1).exe 2014-05-03 09:41 - 2014-05-03 09:41 - 00001368 _____ () C:\Users\Monica\Desktop\Wyczyść rejestr za darmo!.lnk 2014-05-03 09:39 - 2014-05-03 09:39 - 00000000 ___RD () C:\Users\Monica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-05-03 08:40 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-03 08:39 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-03 08:39 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-03 08:39 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-02 11:21 - 2014-05-02 11:21 - 00000000 ____D () C:\Users\Monica\AppData\Local\LPT 2014-05-01 19:31 - 2014-05-02 08:53 - 00000000 ____D () C:\Users\Monica\Desktop\impreza 2014-04-30 16:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll 2014-04-30 16:07 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll 2014-04-30 16:07 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll 2014-04-30 16:07 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll 2014-04-30 16:07 - 2009-09-04 17:29 - 00453456 _____ 
(Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll 2014-04-30 16:06 - 2014-04-30 16:11 - 00000000 ____D () C:\AdwCleaner 2014-04-30 16:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll 2014-04-30 16:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll 2014-04-30 16:04 - 2014-04-30 16:06 - 00000000 ____D () C:\Users\Monica\Desktop\Nowy folder (2) 2014-04-30 16:04 - 2014-04-30 16:04 - 01310621 _____ () C:\Users\Monica\Downloads\adwcleaner.exe 2014-04-30 09:54 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-04-30 09:54 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-04-30 09:54 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-04-30 09:54 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-04-30 09:54 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-04-30 09:54 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-04-30 09:54 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-04-30 09:54 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-04-30 09:54 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-04-30 09:54 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-04-30 09:54 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-04-30 09:54 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-04-30 09:54 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 
2014-04-30 09:54 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-04-30 09:54 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-04-30 09:54 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-04-30 09:54 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-04-30 09:54 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-04-30 09:54 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-04-30 09:54 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-04-30 09:54 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-04-30 09:54 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-30 09:54 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-04-30 09:54 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-04-30 09:54 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-04-30 09:53 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-04-30 09:53 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-04-30 09:53 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-04-30 09:53 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-04-30 09:53 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-04-30 09:53 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\ieetwproxystub.dll 2014-04-30 09:53 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-04-30 09:53 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-04-30 09:53 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-04-30 09:53 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-04-30 09:53 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-04-30 09:53 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-04-30 09:53 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-04-30 09:53 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-04-30 09:53 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-04-30 09:53 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-04-30 09:53 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-04-30 09:53 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-04-30 09:53 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-04-15 22:19 - 2014-04-15 22:19 - 00425617 _____ () C:\Users\Monica\Downloads\Outlook.com.zip 2014-04-15 22:15 - 2014-04-15 22:16 - 06572185 _____ () C:\Users\Monica\Downloads\KONJUNKTIV II.zip 2014-04-13 18:26 - 2014-04-13 18:26 - 02478919 _____ () C:\Users\Monica\Downloads\IMG_3310.MOV 2014-04-13 18:24 - 2014-04-13 18:24 - 01793253 _____ () C:\Users\Monica\Downloads\IMG_3317.MOV 2014-04-13 18:15 - 2014-04-13 18:15 - 00565547 _____ () C:\Users\Monica\Downloads\zalaczniki (5).zip 2014-04-13 18:13 - 2014-04-13 18:13 - 00676402 
_____ () C:\Users\Monica\Downloads\zalaczniki (4).zip 2014-04-13 18:11 - 2014-04-13 18:11 - 00634585 _____ () C:\Users\Monica\Downloads\zalaczniki (3).zip 2014-04-13 18:10 - 2014-04-13 18:10 - 00398330 _____ () C:\Users\Monica\Downloads\zalaczniki (2).zip 2014-04-13 18:09 - 2014-04-13 18:09 - 00905543 _____ () C:\Users\Monica\Downloads\zalaczniki (1).zip 2014-04-13 18:07 - 2014-04-13 18:07 - 00905543 _____ () C:\Users\Monica\Downloads\zalaczniki.zip 2014-04-11 10:53 - 2014-05-02 16:02 - 00000000 ____D () C:\Users\Monica\Desktop\INCO pics 2014-04-10 15:18 - 2014-04-10 15:18 - 00000000 _____ () C:\Users\Monica\Downloads\pictures (1).zip 2014-04-10 15:17 - 2014-04-10 15:17 - 00000000 _____ () C:\Users\Monica\Downloads\pictures.zip 2014-04-09 23:40 - 2014-04-09 23:40 - 00993712 _____ () C:\Users\Monica\Downloads\setup (4).exe 2014-04-09 23:15 - 2014-04-09 23:15 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Optimizer Elite Max 2014-04-09 23:12 - 2014-04-30 10:19 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-09 23:12 - 2014-04-09 23:12 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\SupTab 2014-04-09 23:12 - 2014-04-09 23:12 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-09 23:11 - 2014-04-10 08:55 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Activeris 2014-04-09 23:10 - 2014-05-04 11:00 - 00000302 _____ () C:\windows\Tasks\PCHelpers_period.job 2014-04-09 23:10 - 2014-04-10 01:08 - 00000302 _____ () C:\windows\Tasks\PCHelpers1st.job 2014-04-09 23:10 - 2014-04-09 23:15 - 00002880 _____ () C:\windows\System32\Tasks\PCHelpers_period 2014-04-09 23:10 - 2014-04-09 23:10 - 00002690 _____ () C:\windows\System32\Tasks\PCHelpers1st 2014-04-09 23:08 - 2014-04-09 23:08 - 00441744 _____ () C:\Users\Monica\Downloads\Java.exe 2014-04-09 22:49 - 2014-04-09 22:50 - 00993712 _____ () C:\Users\Monica\Downloads\setup (3).exe 2014-04-09 17:27 - 2014-04-09 17:27 - 00993712 _____ () C:\Users\Monica\Downloads\setup (2).exe 2014-04-09 00:33 - 2014-03-04 
11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-04-09 00:33 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2014-04-09 00:33 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2014-04-09 00:33 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2014-04-09 00:33 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2014-04-09 00:33 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2014-04-09 00:33 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2014-04-09 00:33 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2014-04-09 00:33 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2014-04-09 00:33 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2014-04-09 00:33 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2014-04-09 00:33 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-09 00:33 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-04-09 00:33 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-04-09 00:33 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-04-09 00:33 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll 2014-04-09 00:33 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2014-05-05 00:49 - 2014-05-05 00:48 - 00026068 _____ () 
C:\Users\Monica\Downloads\FRST.txt 2014-05-05 00:48 - 2014-05-05 00:48 - 00000000 ____D () C:\FRST 2014-05-05 00:47 - 2014-05-05 00:47 - 02062336 _____ (Farbar) C:\Users\Monica\Downloads\FRST64.exe 2014-05-05 00:39 - 2013-10-20 22:00 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Skype 2014-05-05 00:39 - 2013-10-16 14:50 - 00001048 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-05 00:34 - 2012-04-13 21:44 - 02027630 _____ () C:\windows\WindowsUpdate.log 2014-05-05 00:32 - 2014-04-04 16:32 - 00000280 _____ () C:\windows\Tasks\SpeedUpMyPC Maintenance.job 2014-05-05 00:16 - 2013-11-04 23:20 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-05 00:16 - 2013-11-04 23:16 - 00000296 _____ () C:\windows\Tasks\MetaCrawler.job 2014-05-05 00:03 - 2014-02-16 18:03 - 00000296 _____ () C:\windows\Tasks\Digital Sites.job 2014-05-05 00:03 - 2013-10-21 00:03 - 00000061 _____ () C:\Users\Monica\AppData\Roaming\WB.CFG 2014-05-05 00:03 - 2013-10-20 23:03 - 00000296 _____ () C:\windows\Tasks\DigitalSite.job 2014-05-04 23:40 - 2013-10-16 14:50 - 00001044 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-04 23:31 - 2014-04-04 16:32 - 00002182 _____ () C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job 2014-05-04 23:31 - 2014-04-04 16:32 - 00001512 _____ () C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job 2014-05-04 23:31 - 2014-04-04 16:32 - 00001422 _____ () C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1.job 2014-05-04 23:31 - 2014-04-04 16:32 - 00001408 _____ () C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job 2014-05-04 23:31 - 2014-04-04 16:31 - 00003128 _____ () C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job 2014-05-04 23:31 - 2013-11-04 23:21 - 00042220 _____ () C:\Users\Monica\daemonprocess.txt 2014-05-04 18:08 - 2012-04-13 05:49 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-05-04 17:53 - 2009-07-14 06:45 - 
00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 17:53 - 2009-07-14 06:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-04 15:16 - 2014-02-04 22:44 - 00000000 ____D () C:\Users\Monica\Documents\Youcam 2014-05-04 15:02 - 2014-03-29 15:52 - 00000286 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job 2014-05-04 15:01 - 2014-03-29 15:52 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup 2014-05-04 15:01 - 2014-03-29 15:52 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\System Speedup 2014-05-04 11:46 - 2009-07-14 06:51 - 00056826 _____ () C:\windows\setupact.log 2014-05-04 11:00 - 2014-04-09 23:10 - 00000302 _____ () C:\windows\Tasks\PCHelpers_period.job 2014-05-04 01:15 - 2014-05-04 01:15 - 00499200 _____ () C:\Users\Monica\Downloads\Player_Setup.exe 2014-05-04 01:06 - 2014-05-04 01:06 - 00499184 _____ () C:\Users\Monica\Downloads\Java (1).exe 2014-05-03 09:43 - 2013-11-04 23:17 - 00003108 _____ () C:\windows\System32\Tasks\RegClean Pro 2014-05-03 09:41 - 2014-05-03 09:41 - 00001368 _____ () C:\Users\Monica\Desktop\Wyczyść rejestr za darmo!.lnk 2014-05-03 09:39 - 2014-05-03 09:39 - 00000000 ___RD () C:\Users\Monica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-05-03 09:39 - 2014-04-04 16:32 - 00000274 _____ () C:\windows\Tasks\SpeedUpMyPC Startup.job 2014-05-03 09:39 - 2012-04-13 05:49 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-05-03 08:58 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-02 16:02 - 2014-04-11 10:53 - 00000000 ____D () C:\Users\Monica\Desktop\INCO pics 2014-05-02 11:22 - 2012-12-31 04:06 - 00000000 ____D () C:\Users\Monica\AppData\Local\VirtualStore 2014-05-02 11:21 - 2014-05-02 11:21 - 00000000 ____D () C:\Users\Monica\AppData\Local\LPT 2014-05-02 11:21 - 2014-04-04 
16:33 - 00000000 ____D () C:\Users\Monica\AppData\Local\Smartbar 2014-05-02 08:53 - 2014-05-01 19:31 - 00000000 ____D () C:\Users\Monica\Desktop\impreza 2014-04-30 16:11 - 2014-04-30 16:06 - 00000000 ____D () C:\AdwCleaner 2014-04-30 16:08 - 2012-04-13 06:43 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-04-30 16:06 - 2014-04-30 16:04 - 00000000 ____D () C:\Users\Monica\Desktop\Nowy folder (2) 2014-04-30 16:06 - 2012-04-13 06:40 - 00000909 _____ () C:\windows\DirectX.log 2014-04-30 16:04 - 2014-04-30 16:04 - 01310621 _____ () C:\Users\Monica\Downloads\adwcleaner.exe 2014-04-30 14:52 - 2014-03-29 15:52 - 00000294 _____ () C:\windows\Tasks\System Speedup_UPDATES.job 2014-04-30 10:19 - 2014-04-09 23:12 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-30 10:16 - 2010-11-21 05:47 - 00123972 _____ () C:\windows\PFRO.log 2014-04-30 10:14 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2014-04-30 10:12 - 2013-10-07 21:15 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\SoftGrid Client 2014-04-29 20:45 - 2013-10-16 14:51 - 00002407 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-29 16:01 - 2014-05-03 08:40 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-03 08:39 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-04-29 14:48 - 2014-05-03 08:39 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-03 08:39 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-04-15 22:19 - 2014-04-15 22:19 - 00425617 _____ () C:\Users\Monica\Downloads\Outlook.com.zip 2014-04-15 22:16 - 2014-04-15 22:15 - 06572185 _____ () C:\Users\Monica\Downloads\KONJUNKTIV II.zip 2014-04-13 18:26 - 2014-04-13 18:26 - 02478919 _____ () C:\Users\Monica\Downloads\IMG_3310.MOV 2014-04-13 18:24 - 2014-04-13 18:24 - 01793253 _____ () C:\Users\Monica\Downloads\IMG_3317.MOV 2014-04-13 18:15 - 2014-04-13 18:15 - 
00565547 _____ () C:\Users\Monica\Downloads\zalaczniki (5).zip 2014-04-13 18:13 - 2014-04-13 18:13 - 00676402 _____ () C:\Users\Monica\Downloads\zalaczniki (4).zip 2014-04-13 18:11 - 2014-04-13 18:11 - 00634585 _____ () C:\Users\Monica\Downloads\zalaczniki (3).zip 2014-04-13 18:10 - 2014-04-13 18:10 - 00398330 _____ () C:\Users\Monica\Downloads\zalaczniki (2).zip 2014-04-13 18:09 - 2014-04-13 18:09 - 00905543 _____ () C:\Users\Monica\Downloads\zalaczniki (1).zip 2014-04-13 18:07 - 2014-04-13 18:07 - 00905543 _____ () C:\Users\Monica\Downloads\zalaczniki.zip 2014-04-12 23:18 - 2014-03-20 21:44 - 00000000 ____D () C:\Users\Monica\AppData\Local\CrashDumps 2014-04-11 10:54 - 2014-03-30 18:37 - 00000000 ____D () C:\Users\Monica\Desktop\Pics with Jenn 2014-04-11 10:54 - 2014-03-28 15:19 - 00000000 ____D () C:\Users\Monica\Desktop\zdj au pair 2014-04-10 15:18 - 2014-04-10 15:18 - 00000000 _____ () C:\Users\Monica\Downloads\pictures (1).zip 2014-04-10 15:17 - 2014-04-10 15:17 - 00000000 _____ () C:\Users\Monica\Downloads\pictures.zip 2014-04-10 09:06 - 2013-10-26 07:41 - 00000000 ____D () C:\Users\Monica\Desktop\Dokumenty 2014-04-10 08:58 - 2012-12-31 04:13 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-10 08:55 - 2014-04-09 23:11 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Activeris 2014-04-10 08:47 - 2014-04-04 16:36 - 00000000 ____D () C:\Program Files (x86)\LPT 2014-04-10 01:08 - 2014-04-09 23:10 - 00000302 _____ () C:\windows\Tasks\PCHelpers1st.job 2014-04-09 23:40 - 2014-04-09 23:40 - 00993712 _____ () C:\Users\Monica\Downloads\setup (4).exe 2014-04-09 23:15 - 2014-04-09 23:15 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\Optimizer Elite Max 2014-04-09 23:15 - 2014-04-09 23:10 - 00002880 _____ () C:\windows\System32\Tasks\PCHelpers_period 2014-04-09 23:12 - 2014-04-09 23:12 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\SupTab 2014-04-09 23:12 - 2014-04-09 23:12 - 00000000 ____D () 
C:\Program Files (x86)\SupTab 2014-04-09 23:10 - 2014-04-09 23:10 - 00002690 _____ () C:\windows\System32\Tasks\PCHelpers1st 2014-04-09 23:08 - 2014-04-09 23:08 - 00441744 _____ () C:\Users\Monica\Downloads\Java.exe 2014-04-09 22:50 - 2014-04-09 22:49 - 00993712 _____ () C:\Users\Monica\Downloads\setup (3).exe 2014-04-09 17:27 - 2014-04-09 17:27 - 00993712 _____ () C:\Users\Monica\Downloads\setup (2).exe 2014-04-09 03:31 - 2012-04-13 05:48 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-04-08 12:44 - 2014-03-29 15:50 - 00000000 ____D () C:\Users\Monica\AppData\Local\Lollipop 2014-04-08 10:07 - 2013-10-16 13:40 - 00000000 ____D () C:\Users\Monica\AppData\Roaming\BabSolution 2014-04-06 20:33 - 2014-04-04 15:47 - 98978592 _____ () C:\Users\Monica\Desktop\MVI_1188.MOV 2014-04-05 16:14 - 2012-04-13 21:27 - 00738700 _____ () C:\windows\system32\perfh00A.dat 2014-04-05 16:14 - 2012-04-13 21:27 - 00158964 _____ () C:\windows\system32\perfc00A.dat 2014-04-05 16:14 - 2012-04-13 21:21 - 00722262 _____ () C:\windows\system32\prfh0816.dat 2014-04-05 16:14 - 2012-04-13 21:21 - 00153396 _____ () C:\windows\system32\prfc0816.dat 2014-04-05 16:14 - 2012-04-13 21:16 - 00741788 _____ () C:\windows\system32\perfh015.dat 2014-04-05 16:14 - 2012-04-13 21:16 - 00156512 _____ () C:\windows\system32\perfc015.dat 2014-04-05 16:14 - 2009-07-14 07:13 - 03446070 _____ () C:\windows\system32\PerfStringBackup.INI ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit 
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-22 21:07

==================== End Of Log ============================

And here is the Addition.txt:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-05-2014 Ran by Monica at 2014-05-05 00:50:18 Running from C:\Users\Monica\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation) 64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.122 - Atheros) Codec Package Packages (HKCU\...\Codec Package Packages) (Version: - ) <==== ATTENTION Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour 
connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.20 - Samsung Electronics Co., Ltd.) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 
(HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro) NVIDIA Control Panel 296.01 (Version: 296.01 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 296.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.01 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation) Shopping Helper Smartbar (HKLM-x32\...\{96F1EBE2-6BF6-44E8-84AC-DB577BAD1DD5}) (Version: 11.49.63.16848 - ReSoft Ltd.) <==== ATTENTION Shopping Helper Smartbar Engine (HKCU\...\{cbc82837-3088-4da9-a40f-f72aa8be3d21}) (Version: 11.49.63.16848 - ReSoft Ltd.) 
<==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.40.0 - Synaptics Incorporated) Update for Codec Package (HKCU\...\DigitalSite) (Version: - ) <==== ATTENTION Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin 
etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation) 원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤 (HKLM-x32\...\{61920449-0393-4707-B7DD-E6C0013C8B2C}) (Version: 15.4.5722.2 - Microsoft Corporation) 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation) 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Restore Points ========================= 25-03-2014 14:00:54 Installed Vodafone Mobile Connect Lite. 
29-03-2014 14:05:57 Installed Nitro Reader 3 04-04-2014 14:31:09 Uniblue SpeedUpMyPC installation 09-04-2014 01:00:16 Windows Update 30-04-2014 07:53:06 Instalator modułów systemu Windows 30-04-2014 14:04:26 Windows Live Essentials 30-04-2014 14:05:54 Zainstalowany program DirectX 30-04-2014 14:06:32 Zainstalowany program DirectX 30-04-2014 14:07:21 WLSetup 03-05-2014 06:38:56 Instalator modułów systemu Windows ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1073AC40-3F2C-4DF1-A77A-698AC159BE5C} - System32\Tasks\PCHelpers1st => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION Task: {1819D424-432F-49A3-A44A-13D403BBC65B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation) Task: {1E1677E3-5082-4A0E-8868-65CD29B96633} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-28] (SEC) Task: {3B110628-9343-4CA2-A456-D8E1B08392B1} - System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3 => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.exe [2014-04-04] (Freeven) <==== ATTENTION Task: {42548BD0-D39C-4EBD-BB06-54A340138F83} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited) <==== ATTENTION Task: {44D582AA-3031-4A20-98B5-82D6096B78E8} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.) 
Task: {4E43214A-0556-4F57-9A4E-D3D42D8EDDBF} - System32\Tasks\PCHelpers_period => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION Task: {53F92164-D51E-4F4B-B962-B37471C9D0B4} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {5F68257F-AE78-4289-BDDA-D386D8F95954} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-04] (Adobe Systems Incorporated) Task: {6E4D2E05-525C-4F7C-9699-CC9CBEBF9659} - System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4 => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.exe [2014-04-04] (Freeven) <==== ATTENTION Task: {77139C40-3E09-42D8-B4FC-6FA100934E23} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2012-02-27] (Samsung) Task: {79B22F22-F1C9-40BB-B3F0-D5ECCB21EF93} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-01-31] (Samsung Electronics Co., Ltd.) 
Task: {7B2B86E5-9918-49DC-A573-2F22A22B8A4B} - System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-04] (Freeven) <==== ATTENTION Task: {81D4AD8C-1B36-4D66-86DC-ADB1120C5B26} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: {931E2142-B286-40B6-8C5F-51C973B48D45} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink) Task: {95259927-ADC4-408D-A89D-2C3046F7B4FB} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics) Task: {97D5C6FA-AF9C-4A14-B324-7B74776A0119} - System32\Tasks\MetaCrawler => C:\Users\Monica\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {981C4735-9C33-471F-ADA4-0A94DB5FA3FD} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {A201C6F4-CCDE-4411-AB3D-4A4C92E686BE} - System32\Tasks\Digital Sites => C:\Users\Monica\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {A3E819B3-7ED3-446E-94E5-094464996C83} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-01-20] (Systweak Inc) <==== ATTENTION Task: {B5E6DB60-CF77-4D9E-85FD-CB287B2DE2A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {BAC4C584-9A28-4EF6-A2A0-EBB0E072F2B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) 
Task: {BD61F6C0-99D6-4E59-8ABA-2A5A6DDA8B57} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {BDBC9BD1-FE94-4524-9B98-6FC50683CE37} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-03-12] (Samsung Electronics Co., Ltd.) Task: {BFA06493-09C1-4574-849B-2CD5497DBCFF} - System32\Tasks\DigitalSite => C:\Users\Monica\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {C45D53C7-2509-45F4-8254-CEDD0D149419} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {CE441999-1D23-4105-95B7-987A555F7A33} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: {D6549E1B-7ECB-43D7-9466-F26FE19C5E4E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe [2011-08-13] (Symantec Corporation) Task: {DB4116BA-B786-4E0A-A0DC-CD3C995E44A5} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited) <==== ATTENTION Task: {E1A528CF-8C72-4B3F-B4E4-B8587894E912} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-03-27] (Samsung Electronics Co., Ltd.) 
Task: {E5605451-EDFE-4B64-9FD8-D840FB1E78E6} - System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5 => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.exe [2014-04-04] (Freeven) <==== ATTENTION Task: {E77B3EC1-941D-4913-A570-72D6AE566C34} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation) Task: {E85F15AA-779F-40A3-9635-0C66A5F415BA} - System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2 => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.exe [2014-04-04] (Freeven) <==== ATTENTION Task: {E9082252-3908-4623-8CB4-0B079979D954} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe Task: C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.exe Task: C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.exe Task: C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.exe Task: C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job => C:\Program Files (x86)\MediaPlayerplus\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.exe Task: C:\windows\Tasks\Digital Sites.job => C:\Users\Monica\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\windows\Tasks\DigitalSite.job => C:\Users\Monica\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: 
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\windows\Tasks\MetaCrawler.job => C:\Users\Monica\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe Task: C:\windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe Task: C:\windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION Task: C:\windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION Task: C:\windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe Task: C:\windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-04 17:19 - 2013-11-18 16:32 - 01958880 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\loader.dll 2012-04-13 05:49 - 2012-02-08 04:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2014-02-09 12:41 - 2014-02-09 12:41 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe 2012-04-13 07:02 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2012-04-13 05:57 - 2012-02-13 08:02 - 00031624 _____ () C:\Program 
Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe 2013-11-07 13:21 - 2012-05-11 10:41 - 00274720 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe 2014-03-29 15:51 - 2014-03-26 17:45 - 00425792 ____N () C:\Program Files (x86)\Iminent\WinkHandler.exe 2014-03-29 15:51 - 2014-03-29 15:51 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe 2014-02-09 12:41 - 2014-02-09 12:41 - 00013344 _____ () C:\Program Files (x86)\LPT\srptm.exe 2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2013-11-04 23:21 - 2013-12-12 23:55 - 00761024 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe 2013-11-07 13:21 - 2011-12-27 10:26 - 00414544 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\CancelAutoPlay.exe 2013-11-07 13:21 - 2012-05-11 10:41 - 00156448 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe 2012-02-15 04:22 - 2012-01-05 11:24 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll 2011-12-23 03:24 - 2011-12-23 03:24 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2013-04-12 16:10 - 2013-04-12 16:10 - 00101376 _____ () C:\Users\Monica\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe 2013-04-12 16:10 - 2013-04-12 16:10 - 00111104 _____ () C:\Users\Monica\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe 2014-04-29 11:16 - 2014-04-29 11:16 - 00023072 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Lrcnta.exe 2014-02-09 12:41 - 2014-02-09 12:41 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll 2012-04-13 07:02 - 2009-12-01 09:21 - 00031840 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00052256 _____ () C:\Program 
Files (x86)\LPT\srut.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00054304 _____ () C:\Program Files (x86)\LPT\sppsm.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00152608 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00017440 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00166432 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00037408 _____ () C:\Program Files (x86)\LPT\srbu.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00014880 _____ () C:\Program Files (x86)\LPT\srpdm.dll 2014-02-09 12:41 - 2014-02-09 12:41 - 00033824 _____ () C:\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyService.dll 2012-04-13 05:49 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-04-04 16:32 - 2013-06-06 10:43 - 26034688 _____ () C:\Program Files (x86)\Uniblue\SpeedUpMyPC\libcef.dll 2014-04-04 16:32 - 2014-03-24 11:02 - 00452720 _____ () C:\Program Files (x86)\Uniblue\SpeedUpMyPC\x86\Trackerbird.py.clr4.dll 2012-04-13 05:58 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00047136 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00069152 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srau.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00165920 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 02336288 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00067104 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\spbl.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00155680 _____ () 
C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00014368 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\siem.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00066080 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\sppsm.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00696864 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00014880 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00078880 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00027168 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2014-04-29 11:18 - 2014-04-29 11:18 - 00057888 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srut.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00029216 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srsbs.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00065568 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00054816 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\smti.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00031264 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srom.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00030752 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\smtu.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00039456 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\smta.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00044064 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srbu.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00024096 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\sgml.dll 
2014-04-29 11:17 - 2014-04-29 11:17 - 00061984 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00021880 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srpdm.dll 2014-04-29 11:16 - 2014-04-29 11:16 - 00043552 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00035360 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00193056 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\sgmu.dll 2014-04-29 11:13 - 2014-04-29 11:13 - 00061440 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll 2014-04-29 11:17 - 2014-04-29 11:17 - 00255520 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\srns.dll 2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2012-04-13 06:09 - 2012-02-08 04:00 - 00755280 _____ () C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll 2012-04-13 05:58 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-04-13 06:08 - 2011-09-08 12:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2011-08-15 13:15 - 2011-08-15 13:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 09:41 - 2011-08-17 09:41 - 
00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-11-25 06:29 - 2011-11-25 06:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 12:23 - 2011-08-15 12:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2011-11-25 06:28 - 2011-11-25 06:28 - 00484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2011-11-25 06:42 - 2011-11-25 06:42 - 00499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2011-11-25 06:26 - 2011-11-25 06:26 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 09:05 - 2011-07-19 09:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-07-19 09:04 - 2011-07-19 09:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2011-08-15 13:17 - 2011-08-15 13:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll 2014-04-29 20:45 - 2014-04-24 
02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll 2014-04-29 20:45 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll 2014-04-29 11:16 - 2014-04-29 11:16 - 00032288 _____ () C:\Users\Monica\AppData\Local\Smartbar\Application\lrcnt.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/03/2014 09:08:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Nie można ukończyć akcji. Spróbuj wykonać ją ponownie. Jeśli problem będzie się powtarzać, skontaktuj się z Pomocą techniczną firmy Microsoft. 
Error: (05/03/2014 08:59:41 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Nie można ukończyć akcji. Spróbuj wykonać ją ponownie. Jeśli problem będzie się powtarzać, skontaktuj się z Pomocą techniczną firmy Microsoft. Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC) (User: ) Description: Tylko informacje. Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:13 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue System errors: ============= Error: (05/03/2014 08:38:48 AM) (Source: DCOM) (User: ) Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} Error: (04/30/2014 04:23:57 PM) (Source: Service Control Manager) (User: ) Description: Usługa Computer Backup (MyPC Backup) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error: (04/30/2014 03:53:56 PM) (Source: Service Control Manager) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Vodafone Mobile Connect Service. Error: (04/30/2014 03:53:22 PM) (Source: Service Control Manager) (User: ) Description: Nie można uruchomić usługi LPT System Updater Service z powodu następującego błędu: %%1053 Error: (04/30/2014 03:53:22 PM) (Source: Service Control Manager) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą LPT System Updater Service. Error: (04/30/2014 10:14:50 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (04/30/2014 09:51:57 AM) (Source: DCOM) (User: ) Description: 1053VSS{0B5A2C52-3EB9-470A-96E2-6C6D4570E40F} Error: (04/30/2014 09:51:54 AM) (Source: Service Control Manager) (User: ) Description: Nie można uruchomić usługi Kopiowanie woluminów w tle z powodu następującego błędu: %%1053 Error: (04/30/2014 09:51:54 AM) (Source: Service Control Manager) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Kopiowanie woluminów w tle. Error: (04/29/2014 05:40:46 PM) (Source: Server) (User: ) Description: Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{B0F55508-A22A-4BDB-9014-A08A48A9E65A}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Microsoft Office Sessions: ========================= Error: (05/03/2014 09:08:18 AM) (Source: CVHSVC)(User: ) Description: Nie można ukończyć akcji. Spróbuj wykonać ją ponownie. Jeśli problem będzie się powtarzać, skontaktuj się z Pomocą techniczną firmy Microsoft. 
Error: (05/03/2014 08:59:41 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Nie można ukończyć akcji. Spróbuj wykonać ją ponownie. Jeśli problem będzie się powtarzać, skontaktuj się z Pomocą techniczną firmy Microsoft. Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Product registration is corrupted for {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:18 AM) (Source: CVHSVC)(User: ) Description: Uninstall key is not found for product {90140011-0066-0415-0000-0000000FF1CE} Error: (05/03/2014 08:58:13 AM) (Source: VMCService)(User: ) Description: conflictManagerTypeValue ==================== Memory info =========================== Percentage of memory in use: 62% Total physical RAM: 3875.54 MB Available physical RAM: 1470.09 MB Total Pagefile: 7749.26 MB Available Pagefile: 4117.57 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:674.41 GB) (Free:619.26 GB) NTFS Drive d: (TWICE_BORN) (CDROM) (Total:7.15 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== 
Disk: 0 (Size: 699 GB) (Disk ID: D3E1C6DD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=674 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=24 GB) - (Type=27) ==================== End Of Log ============================ |
05.05.2014, 16:42 | #4 |
/// the machine /// TB instructor | Browser problems (snapdo\sweetdreams) and unknown programs
Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in the Additional.txt that is marked with <== ATTENTION. Also let Revo remove the leftovers in Moderate mode.
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.05.2014, 13:14 | #5 |
| Browser problems (snapdo\sweetdreams) and unknown programs
Just one question about the first step! What exactly do I have to do once I have Revo Uninstaller open? How do I get the results of the Addition.txt into the program, and what do I have to press then? Thanks in advance! I have already done the next steps once on another computer, so hopefully I will manage all of that. Regards, Olkusz123 |
07.05.2014, 08:49 | #6 |
/// the machine /// TB instructor | Browser problems (snapdo\sweetdreams) and unknown programs
Look in the Addition.txt from FRST; there you will find the installed programs. Some of them are followed by <=== ATTENTION, for example: Program xyz <=== ATTENTION. Now open Revo, find Program xyz in the list, and click Uninstall. |
08.05.2014, 22:23 | #7 |
| Browser problems (snapdo\sweetdreams) and unknown programs
OK, I think I now have everything together. The only difference is that I have two files from Malwarebytes Anti-Malware. The first one had the heading rootkit:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 08.05.2014 21:15:13, SYSTEM, MONICA-KOMPUTER, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 08.05.2014 21:15:19, SYSTEM, MONICA-KOMPUTER, Manual, Malware Database, 2014.3.4.9, 2014.5.8.9,

(end)

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 08.05.2014 21:15:13, SYSTEM, MONICA-KOMPUTER, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 08.05.2014 21:15:19, SYSTEM, MONICA-KOMPUTER, Manual, Malware Database, 2014.3.4.9, 2014.5.8.9,

(end)

Code:
ATTFilter # AdwCleaner v3.207 - Log utworzony 08/05/2014 o 22:39:43 # Aktualizacja 05/05/2014 przez Xplode # System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits) # Użytkownik : Monica - MONICA-KOMPUTER # Ścieżka : C:\Users\Monica\Downloads\adwcleaner.exe # Opcja : Usuń ***** [ Usługi ] ***** [#] Usługa Usunięto : IePluginService [#] Usługa Usunięto : LPTSystemUpdater [#] Usługa Usunięto : Wpm [#] Usługa Usunięto : xmkysecqun64 ***** [ Pliki / Foldery ] ***** Folder Usunięto : C:\ProgramData\Babylon Folder Usunięto : C:\ProgramData\BitGuard Folder Usunięto : C:\ProgramData\BonanzaDealsLive Folder Usunięto : C:\ProgramData\eSafe Folder Usunięto : C:\ProgramData\IePluginService Folder Usunięto : C:\ProgramData\WPM Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue Folder Usunięto : C:\Program Files (x86)\AnyProtectEx Folder Usunięto : C:\Program Files (x86)\BonanzaDeals Folder Usunięto : C:\Program Files (x86)\BonanzaDealsLive Folder Usunięto : C:\Program Files (x86)\Iminent Folder Usunięto : C:\Program Files (x86)\LPT Folder Usunięto : C:\Program Files (x86)\MediaPlayerplus Folder Usunięto : C:\Program Files (x86)\Mobogenie Folder Usunięto : C:\Program Files (x86)\Optimizer Pro Folder Usunięto : C:\Program Files (x86)\RegClean Pro Folder Usunięto : C:\Program Files (x86)\SupTab Folder Usunięto : C:\Program Files (x86)\System Speedup Folder Usunięto : C:\Program Files (x86)\Uniblue Folder Usunięto : C:\Program Files (x86)\Uninstaller Folder Usunięto : C:\Program Files (x86)\Common Files\Umbrella Folder Usunięto : C:\Program Files\003 Folder Usunięto : C:\Users\Monica\AppData\Local\BonanzaDealsLive Folder Usunięto : C:\Users\Monica\AppData\Local\lollipop Folder Usunięto : 
C:\Users\Monica\AppData\Local\LPT Folder Usunięto : C:\Users\Monica\AppData\Local\Mobogenie Folder Usunięto : C:\Users\Monica\AppData\Local\SearchProtect Folder Usunięto : C:\Users\Monica\AppData\Local\Smartbar Folder Usunięto : C:\Users\Monica\AppData\Local\Tuguu_SL Folder Usunięto : C:\Users\Monica\AppData\Local\Temp\Smartbar Folder Usunięto : C:\Users\Monica\AppData\LocalLow\Smartbar Folder Usunięto : C:\Users\Monica\AppData\Roaming\0D0S1L2Z1P1B Folder Usunięto : C:\Users\Monica\AppData\Roaming\Activeris Folder Usunięto : C:\Users\Monica\AppData\Roaming\BabSolution Folder Usunięto : C:\Users\Monica\AppData\Roaming\Babylon Folder Usunięto : C:\Users\Monica\AppData\Roaming\digitalsite Folder Usunięto : C:\Users\Monica\AppData\Roaming\DigitalSites Folder Usunięto : C:\Users\Monica\AppData\Roaming\MetaCrawler Folder Usunięto : C:\Users\Monica\AppData\Roaming\Optimizer Elite Max Folder Usunięto : C:\Users\Monica\AppData\Roaming\Optimizer Pro Folder Usunięto : C:\Users\Monica\AppData\Roaming\SupTab Folder Usunięto : C:\Users\Monica\AppData\Roaming\System Speedup Folder Usunięto : C:\Users\Monica\AppData\Roaming\Systweak Folder Usunięto : C:\Users\Monica\AppData\Roaming\Uniblue Folder Usunięto : C:\Users\Monica\Documents\Mobogenie Folder Usunięto : C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Folder Usunięto : C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd Plik Usunięto : C:\END Plik Usunięto : C:\windows\SysWOW64\SecureAssist.dll Plik Usunięto : C:\windows\System32\roboot64.exe Plik Usunięto : C:\windows\System32\SecureAssist64.dll Plik Usunięto : C:\Users\Monica\daemonprocess.txt Plik Usunięto : C:\Users\Monica\AppData\Local\AnyProtectScannerSetup.exe Plik Usunięto : C:\Users\Monica\AppData\Roaming\aps.scan.results Plik Usunięto : C:\Users\Monica\Desktop\AnyProtect.lnk Plik Usunięto : C:\Users\Monica\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\newtab.crx Plik Usunięto : C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage Plik Usunięto : C:\windows\Tasks\Digital Sites.job Plik Usunięto : C:\windows\System32\Tasks\Digital Sites Plik Usunięto : C:\windows\Tasks\MetaCrawler.job Plik Usunięto : C:\windows\System32\Tasks\MetaCrawler Plik Usunięto : C:\windows\Tasks\PCHelpers_period.job Plik Usunięto : C:\windows\System32\Tasks\PCHelpers_period Plik Usunięto : C:\windows\Tasks\PCHelpers1st.job Plik Usunięto : C:\windows\System32\Tasks\PCHelpers1st Plik Usunięto : C:\windows\System32\Tasks\RegClean Pro Plik Usunięto : C:\windows\Tasks\SpeedUpMyPC Maintenance.job Plik Usunięto : C:\windows\System32\Tasks\SpeedUpMyPC Maintenance Plik Usunięto : C:\windows\Tasks\SpeedUpMyPC Startup.job Plik Usunięto : C:\windows\System32\Tasks\SpeedUpMyPC Startup Plik Usunięto : C:\windows\Tasks\System Speedup_DEFAULT.job Plik Usunięto : C:\windows\System32\Tasks\System Speedup_DEFAULT Plik Usunięto : C:\windows\Tasks\System Speedup_UPDATES.job Plik Usunięto : C:\windows\System32\Tasks\System Speedup_UPDATES Plik Usunięto : C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1.job Plik Usunięto : C:\windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-1 Plik Usunięto : C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2.job Plik Usunięto : C:\windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-2 Plik Usunięto : C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3.job Plik Usunięto : C:\windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-3 Plik Usunięto : C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4.job Plik Usunięto : C:\windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-4 Plik Usunięto : C:\windows\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5.job Plik Usunięto : C:\windows\System32\Tasks\b8e2dbf6-f651-4529-84b2-6113f5365cc5-5 ***** [ Skróty ] ***** Skrót Wyleczono : 
C:\Users\Public\Desktop\Google Chrome.lnk Skrót Wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Skrót Wyleczono : C:\Users\Monica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Skrót Wyleczono : C:\Users\Monica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Skrót Wyleczono : C:\Users\Monica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Skrót Wyleczono : C:\Users\Monica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Rejestr ] ***** Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\pialekdjmfmckiccfkgbbgphficjdekh Klucz Usunięto : HKCU\Software\Classes\Applications\lollipop.exe Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper] Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro] Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.bho Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Klucz Usunięto : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Klucz Usunięto : 
HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Klucz Usunięto : HKLM\SOFTWARE\Classes\Iminent Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap Klucz Usunięto : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Klucz Usunięto : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\speedupmypc Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent] Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger] Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Klucz Usunięto : 
HKCU\Software\5253dad0e63abe47 Klucz Usunięto : HKLM\SOFTWARE\5253dad0e63abe47 Klucz Usunięto : HKLM\SOFTWARE\Classes\CrossriderApp0054246.BHO Klucz Usunięto : HKLM\SOFTWARE\Classes\CrossriderApp0054246.BHO.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\CrossriderApp0054246.Sandbox Klucz Usunięto : HKLM\SOFTWARE\Classes\CrossriderApp0054246.Sandbox.1 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_free-pdf-reader_RASAPI32 Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_free-pdf-reader_RASMANCS Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{33CB14BC-58BB-4B3A-9877-7946A3F41BAE} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511421146} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522422246} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646} Klucz Usunięto 
: HKLM\SOFTWARE\Classes\TypeLib\{03F38765-173F-4344-B4D6-78500A46CACE} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544424446} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511421146} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B67B3DBB-C1C9-49D2-B016-2748B0B5017E} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Klucz Usunięto : 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511421146} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522422246} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646} Klucz Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Klucz Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146} Wartość Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar 
[{AE07101B-46D4-4A98-AF68-0333EA26E113}] Klucz Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Klucz Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB} Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Klucz Usunięto : HKCU\Software\AnyProtect Klucz Usunięto : HKCU\Software\BonanzaDealsLive Klucz Usunięto : HKCU\Software\DataMngr [#] Klucz Usunięto : HKCU\Software\DataMngr_Toolbar Klucz Usunięto : HKCU\Software\dsiteproducts Klucz Usunięto : HKCU\Software\Iminent Klucz Usunięto : HKCU\Software\InstallCore Klucz Usunięto : HKCU\Software\installedbrowserextensions Klucz Usunięto : HKCU\Software\lollipop Klucz Usunięto : HKCU\Software\Optimizer Pro Klucz Usunięto : HKCU\Software\powerpack Klucz Usunięto : HKCU\Software\SmartBar Klucz Usunięto : HKCU\Software\smartbarbackup Klucz Usunięto : HKCU\Software\smartbarlog Klucz Usunięto : HKCU\Software\Softonic Klucz Usunięto : HKCU\Software\System Speedup Klucz Usunięto : HKCU\Software\systweak Klucz Usunięto : HKCU\Software\AppDataLow\Software\Crossrider Klucz Usunięto : HKCU\Software\AppDataLow\Software\Lyrmix Klucz Usunięto : HKCU\Software\AppDataLow\Software\MediaPlayerplus Klucz Usunięto : HKCU\Software\AppDataLow\Software\Rr Savings Klucz Usunięto : HKCU\Software\AppDataLow\Software\Supra Savings Klucz Usunięto : HKLM\Software\BonanzaDealsLive Klucz Usunięto : HKLM\Software\DataMngr Klucz Usunięto : HKLM\Software\IePlugin Klucz Usunięto : HKLM\Software\Iminent Klucz Usunięto : HKLM\Software\installedbrowserextensions Klucz Usunięto : HKLM\Software\MediaPlayerplus Klucz Usunięto : HKLM\Software\qone8Software Klucz Usunięto : HKLM\Software\suprasavings Klucz Usunięto : HKLM\Software\supTab Klucz Usunięto : HKLM\Software\supWPM Klucz Usunięto : HKLM\Software\sweet-pageSoftware Klucz Usunięto : HKLM\Software\System Speedup Klucz Usunięto : 
HKLM\Software\systweak Klucz Usunięto : HKLM\Software\Umbrella Klucz Usunięto : HKLM\Software\Uniblue Klucz Usunięto : HKLM\Software\Wpm Klucz Usunięto : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Klucz Usunięto : [x64] HKLM\SOFTWARE\installedbrowserextensions Klucz Usunięto : [x64] HKLM\SOFTWARE\LevelQualityWatcher Klucz Usunięto : [x64] HKLM\SOFTWARE\suprasavings Dane Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll Dane Usunięto : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v11.0.9600.17041 Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Main [Default_Page_URL] Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Google Chrome v34.0.1847.131 [ Plik : C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\preferences ] Usunięto [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&publisher=outbrowse&country=us&feedid=infospace&st=an&dpid=us&lan=pl&start=1 Usunięto [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo Usunięto [Extension] : majjphhgppkndjjkmhhnbgafooenebhd ************************* AdwCleaner[R0].txt - [26788 octets] - [30/04/2014 16:06:26] AdwCleaner[R1].txt - [27016 octets] - [08/05/2014 22:30:43] AdwCleaner[S0].txt - [20803 octets] - [08/05/2014 22:39:43] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20864 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Monica on 08.05.2014 at 22:49:27,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2104657585-1371390912-4140370265-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511311166}

~~~ Files
Successfully deleted: [File] "C:\Users\Monica\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Monica\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Monica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] C:\windows\syswow64\shoDF86.tmp

~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Monica\appdata\local\{4CAADB8D-8B96-4A17-BB68-204C5CFA4599}
Successfully deleted: [Empty Folder] C:\Users\Monica\appdata\local\{9B43C5C0-746B-4110-9F52-550415EF6E58}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.05.2014 at 23:06:39,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

...and finally the one from FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-05-2014 02
Ran by Monica (administrator) on MONICA-KOMPUTER on 08-05-2014 23:10:55
Running from C:\Users\Monica\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.)
C:\Program Files (x86)\Skype\Phone\Skype.exe (Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () C:\Program Files (x86)\Cyfrowy Polsat\MF669\CancelAutoPlay.exe () C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Monica\Desktop\FRST64 (1).exe (Farbar) C:\Users\Monica\Desktop\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12460136 2012-04-25] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020064 2012-02-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-13] (Atheros Commnucations) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2012-01-05] (Synaptics Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [AnyProtect] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe HKLM-x32\...\Run: [CancelAutoPlay] => C:\Program Files (x86)\Cyfrowy 
Polsat\MF669\CancelAutoPlay.exe [414544 2011-12-27] () HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe [156448 2012-05-11] () HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2499584 2010-03-25] (Vodafone) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2104657585-1371390912-4140370265-1001\...\MountPoints2: {196fd54b-8521-11e1-8475-806e6f6e6963} - D:\SecSWMgrGuide.exe HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [GoogleChromeAutoLaunch_DF1279495D2E2A9E6F7652FD6CA5A9CD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-10-16] (Google Inc.) HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {0dfe2ea7-439b-11e3-a25f-e8039afae5b6} - E:\Windows/Autorun.exe HKU\S-1-5-21-2104657585-1371390912-4140370265-1002\...\MountPoints2: {2bc035dd-b332-11e3-bd1c-e8039afae5b6} - E:\setup_vmc_lite.exe /checkApplicationPresence AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-02-25] (NVIDIA Corporation) AppInit_DLLs-x32: 0 => "0" File Not Found ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll 
(Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Norton Identity Protection) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-20] CHR Extension: (Google Wallet) - C:\Users\Monica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\Extensions\Chrome.crx [2012-04-13] ==================== Services (Whitelisted) ================= R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () R2 UI Assistant Service; C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe [274720 2012-05-11] () R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2010-03-25] (Vodafone) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-13] (Atheros) S2 WinkHandler; C:\Program Files (x86)\Iminent\WinkHandler.exe [X] ==================== Drivers (Whitelisted) ==================== R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [1151096 2011-08-18] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [488568 2011-07-20] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\ENG64.SYS [117880 2012-01-08] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120109.002\EX64.SYS [2048632 2012-01-08] (Symantec Corporation) S3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec 
Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-04-13] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation) R3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation) R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-18] (StdLib) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-08 23:10 - 2014-05-08 23:10 - 00016710 _____ () C:\Users\Monica\Desktop\FRST.txt 2014-05-08 23:09 - 2014-05-08 23:09 - 02063872 _____ (Farbar) C:\Users\Monica\Desktop\FRST64 (1).exe 2014-05-08 23:06 - 2014-05-08 23:06 - 00001664 _____ () C:\Users\Monica\Desktop\JRT.txt 2014-05-08 22:49 - 2014-05-08 22:49 - 00000000 ____D () C:\windows\ERUNT 2014-05-08 22:46 - 2014-05-08 22:46 - 00000000 ___RD () C:\Users\Monica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-05-08 21:29 - 2014-05-08 21:30 - 00000000 ____D () C:\Users\Monica\Desktop\Nowy folder (3) 2014-05-08 21:15 - 2014-05-08 22:20 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-08 21:13 - 2014-05-08 21:13 - 00994176 _____ () C:\Users\Monica\Downloads\Niepotwierdzony 762544.crdownload 2014-05-08 21:13 - 2014-05-08 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-08 21:13 - 2014-05-08 21:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-08 21:13 - 2014-05-08 21:13 - 00000000 ____D () 
C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-08 21:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-05-08 21:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-05-08 21:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-05-08 21:07 - 2014-05-08 21:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Monica\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-08 20:25 - 2014-05-08 20:26 - 00994176 _____ () C:\Users\Monica\Downloads\setup (13).exe 2014-05-08 20:22 - 2014-05-08 20:22 - 00994176 _____ () C:\Users\Monica\Downloads\setup (12).exe 2014-05-08 10:33 - 2014-05-08 10:33 - 00614528 _____ () C:\Users\Monica\Downloads\Setup (11).exe 2014-05-08 10:27 - 2014-05-08 10:27 - 00614528 _____ () C:\Users\Monica\Downloads\Setup (10).exe 2014-05-08 10:17 - 2014-05-08 10:17 - 00994160 _____ () C:\Users\Monica\Downloads\setup (9).exe 2014-05-08 10:17 - 2014-05-08 10:17 - 00994160 _____ () C:\Users\Monica\Downloads\setup (8).exe 2014-05-08 07:52 - 2014-05-08 07:52 - 00614536 _____ () C:\Users\Monica\Downloads\Player Setup (1).exe 2014-05-07 12:12 - 2014-05-07 12:12 - 00614536 _____ () C:\Users\Monica\Downloads\Player Setup.exe 2014-05-07 10:28 - 2014-05-07 10:28 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-06 14:08 - 2014-05-06 14:08 - 00821376 _____ () C:\Users\Monica\Downloads\Setup (7).exe 2014-05-06 14:05 - 2014-05-06 14:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-06 14:03 - 2014-05-06 14:03 - 02623656 _____ (VS Revo Group Ltd.) 
Some content of TEMP:
====================
C:\Users\Monica\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-22 21:07

==================== End Of Log ============================

--- --- ---

I hope this is a first step in the right direction. Many thanks for the support. Regards, Olkusz |
09.05.2014, 16:16 | #8 |
/// the machine /// TB trainer | Browser problems (snapdo\sweetdreams) and unknown programs ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
12.05.2014, 19:01 | #9 |
| Browser problems (snapdo\sweetdreams) and unknown programs Here is the log file from ESET Online Scanner: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d454f6f07b460e49bfe9b2261de8e679
# engine=18228
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-12 01:57:34
# local_time=2014-05-12 03:57:34 )
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 96 17597615 162528438 0 0
# compatibility_mode=5893 16776574 100 94 17597835 151532904 0 0
# scanned=43911
# found=2
# cleaned=0
# scan_time=2677
sh=C871F2F22BE62631F3C01F91378419D32AFFA8E8 ft=1 fh=1495b2591e0e47a0 vn="Variante von Win32/SpeedingUpMyPC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=4FAB3A74998DB9D6724EA1E66505244ABE0F18CF ft=1 fh=310ddac3797b6da7 vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d454f6f07b460e49bfe9b2261de8e679
# engine=18231
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-12 05:30:50
# local_time=2014-05-12 07:30:50 )
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 96 17610411 162541234 0 0
# compatibility_mode=5893 16776574 100 94 17610631 151545700 0 0
# scanned=211967
# found=3
# cleaned=0
# scan_time=12663
sh=C871F2F22BE62631F3C01F91378419D32AFFA8E8 ft=1 fh=1495b2591e0e47a0 vn="Variante von Win32/SpeedingUpMyPC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=4FAB3A74998DB9D6724EA1E66505244ABE0F18CF ft=1 fh=310ddac3797b6da7 vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=5BF501DE9A8C9F9E3B44B2687658FC28B8BB59C9 ft=1 fh=c71c0011838c52cf vn="Variante von Win32/Injected.F Trojaner" ac=I fn="C:\Users\Monica\Downloads\pdf-download.exe"

Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED! Olkusz123 |
13.05.2014, 15:23 | #10 |
/// the machine /// TB trainer | Browser problems (snapdo\sweetdreams) and unknown programs Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
AppInit_DLLs-x32: 0 => "0" File Not Found
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
18.05.2014, 11:30 | #11 |
| Browser problems (snapdo\sweetdreams) and unknown programs Here is the text log from FRST: Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Monica at 2014-05-18 12:26:58 Run:1
Running from C:\Users\Monica\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs-x32: 0 => "0" File Not Found
*****************

"0" => Value Data removed successfully.

==== End of Fixlog ==== |
19.05.2014, 08:36 | #12 |
/// the machine /// TB trainer | Browser problems (snapdo\sweetdreams) and unknown programs done