
Pests of all kinds and how to fight them: Laptop clicks by itself - Avast finds trojans/viruses (incl. Win32:Dropper-gen [Drp])

03.06.2014, 19:44   #1
kaebelstab
 
Laptop clicks by itself - Avast finds trojans/viruses (incl. Win32:Dropper-gen [Drp])



Hello everyone,

since the day before yesterday my laptop has been acting on its own. When I move the mouse over a button, the mouse (both the external one and the mousepad) automatically clicks on it, even though I did not click myself. It also frequently jumps back and forth and clicks on everything it passes over, so that working is not really possible. In addition, websites keep being opened in the browser (I use Chrome) without my doing.

I ran a scan with Avast, which then spat out various "threats". There are currently three detections in the virus chest: Win32:Adware-gen [Adw], Win32:Filcout-A [Adw] and Win32:Dropper-gen [Drp]. There is also a fourth file, for which, after being checked again, it now says "no virus".

Since Avast does not give me a report file, here are the details of the detections:
Code:
 
Ursprünglicher Dateiname: 195A.tmp
Ursprünglicher Ordner: C:\Users\***\AppData\Local\Temp
Dateigröße: 1650080
Kategorie: Infizierte Dateien
Beschreibung: Win32:Adware-gen [Adw]

Ursprünglicher Dateiname: 59F.tmp
Ursprünglicher Ordner: C:\Users\***\AppData\Local\Temp
Dateigröße: 265121
Kategorie: Infizierte Dateien
Beschreibung: Win32:Filcout-A [Adw]

Ursprünglicher Dateiname: 9740.tmp
Ursprünglicher Ordner: C:\Users\***\AppData\Local\Temp
Dateigröße: 259208
Kategorie: Infizierte Dateien
Beschreibung: Win32: Dropper-gen [Drp]
         
FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by San (administrator) on SAN-VAIO on 03-06-2014 19:40:25
Running from C:\Users\San\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Akamai Technologies, Inc.) C:\Users\San\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\San\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\San\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\San\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\nav.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\nst.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-06-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2092400874-2498025718-3353885421-1000\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-2092400874-2498025718-3353885421-1000\...\Run: [Akamai NetSession Interface] => C:\Users\San\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2092400874-2498025718-3353885421-1000\...\Run: [Spotify] => C:\Users\San\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-26] (Spotify Ltd)
HKU\S-1-5-21-2092400874-2498025718-3353885421-1000\...\Run: [Spotify Web Helper] => C:\Users\San\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-26] (Spotify Ltd)
HKU\S-1-5-21-2092400874-2498025718-3353885421-1000\...\MountPoints2: E - E:\SETUP.EXE
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File Not Found
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\San\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\San\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\San\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (No File)
Startup: C:\Users\San\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd_ut
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/01/2014&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/01/2014&type=hp1000
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll No File
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default
FF NewTab: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=nt&fr=linkury-tb&installDate=07/01/2014&type=hp1000&q=
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=hp&fr=linkury-tb&installDate=07/01/2014&type=hp1000
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=ds&fr=linkury-tb&installDate=07/01/2014&type=hp1000&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default\searchplugins\Web Search.xml
FF Extension: No Name - C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default\Extensions\staged [2014-01-07]
FF Extension: ICQ Toolbar - C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011-06-05]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\San\AppData\Roaming\Mozilla\Firefox\Profiles\57vrcyio.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-12-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-03-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2011-05-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-11-06]
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2011-10-16]
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-28]
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-18]
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-01]

Chrome: 
=======
CHR HomePage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=da262de0-0e99-493d-155f-1c5d157c9196&searchtype=hp&fr=linkury-tb&installDate=07/01/2014&type=hp1000
CHR StartupUrls: "hxxp://www.zeit.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Akira Isogawa) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\igmggajponoffjmhekbonemlgidfgdao [2013-07-08]
CHR Extension: (Google Wallet) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Mehr Leistung und Videoformate fr dein HTML5 video) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-01-19]
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\San\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-01]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2011-10-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\Exts\Chrome.crx [2014-05-21]

==================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-01] (AVAST Software)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [76288 2012-01-17] (Freemake)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\NAV.exe [262968 2014-05-11] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe [130104 2014-05-14] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-01] ()
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02F\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-21] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140520.001\IDSvia64.sys [525016 2014-03-27] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140520.022\ENG64.SYS [126040 2014-03-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140520.022\EX64.SYS [2099288 2014-03-21] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-11-13] (Duplex Secure Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-03 19:40 - 2014-06-03 19:40 - 00035113 _____ () C:\Users\San\Downloads\FRST.txt
2014-06-03 19:40 - 2014-06-03 19:40 - 00000000 ____D () C:\FRST
2014-06-03 19:27 - 2014-06-03 19:30 - 02068992 _____ (Farbar) C:\Users\San\Downloads\FRST64.exe
2014-06-03 19:13 - 2014-06-03 19:13 - 00000578 _____ () C:\Users\San\Downloads\defogger_disable.log
2014-06-03 19:13 - 2014-06-03 19:13 - 00000020 _____ () C:\Users\San\defogger_reenable
2014-06-03 19:12 - 2014-06-03 19:12 - 00050477 _____ () C:\Users\San\Downloads\Defogger.exe
2014-06-03 18:33 - 2014-06-03 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-03 18:33 - 2014-06-03 18:33 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-03 13:24 - 2014-06-03 13:24 - 00160832 _____ () C:\Users\San\Desktop\OTL.Txt
2014-06-03 13:15 - 2014-06-03 13:15 - 00105248 _____ () C:\Users\San\Downloads\Extras.Txt
2014-06-03 13:13 - 2014-06-03 13:13 - 00160832 _____ () C:\Users\San\Downloads\OTL.Txt
2014-06-03 12:54 - 2014-06-03 12:54 - 00602112 _____ (OldTimer Tools) C:\Users\San\Downloads\OTL.exe
2014-06-03 11:25 - 2014-06-03 11:26 - 00000000 ____D () C:\Users\San\AppData\Local\{75734C31-1203-4B5E-B63F-481A77CAFE1B}
2014-06-02 19:03 - 2014-06-03 19:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 18:53 - 2014-06-02 18:53 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-02 18:53 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-02 18:53 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-02 18:53 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-02 18:46 - 2014-06-02 18:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\San\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 15:21 - 2014-06-01 15:21 - 00000000 ____D () C:\Users\San\AppData\Roaming\AVAST Software
2014-06-01 15:20 - 2014-06-01 15:20 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-01 15:20 - 2014-06-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-01 15:19 - 2014-06-03 19:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-01 15:19 - 2014-06-01 15:19 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-01 15:19 - 2014-06-01 15:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-01 15:19 - 2014-06-01 15:19 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-01 15:19 - 2014-06-01 15:18 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401628797567
2014-06-01 15:19 - 2014-06-01 15:18 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401628797567
2014-06-01 15:19 - 2014-06-01 15:18 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-01 15:19 - 2014-06-01 15:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-01 15:19 - 2014-06-01 15:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-01 15:19 - 2014-06-01 15:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-01 15:19 - 2014-06-01 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-01 15:18 - 2014-06-01 15:18 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-01 15:17 - 2014-06-01 15:17 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-01 15:16 - 2014-06-01 15:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-01 15:14 - 2014-06-01 15:15 - 94714880 _____ (AVAST Software) C:\Users\San\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-01 14:47 - 2014-06-02 10:29 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-05-27 10:36 - 2014-05-27 10:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-23 13:09 - 2014-05-23 13:09 - 00000000 ____D () C:\Users\San\AppData\Local\{F42613EF-B85A-4B4B-AB83-2E7B7546A3E8}
2014-05-22 22:07 - 2014-05-23 08:43 - 01977700 _____ () C:\Users\San\Documents\The UK & Europe.pptx
2014-05-21 20:21 - 2014-05-21 20:22 - 00000000 ____D () C:\Users\San\AppData\Local\{D453A933-D570-4E2F-91DD-DB02E2B0B0D6}
2014-05-20 20:35 - 2014-05-20 20:37 - 00000000 ____D () C:\Users\San\Desktop\Musik Anne
2014-05-20 10:24 - 2014-05-20 10:24 - 00515375 _____ () C:\Users\San\Desktop\bookmarks_20.05.14.html
2014-05-20 09:49 - 2014-05-20 09:49 - 00000000 ____D () C:\Users\San\Desktop\TAEBO201405
2014-05-19 17:08 - 2014-05-19 17:08 - 00000000 ____D () C:\Users\San\Bachelorarbeit
2014-05-19 17:07 - 2014-05-19 17:08 - 00000000 ____D () C:\Users\San\Papa BDAY
2014-05-19 16:53 - 2014-05-19 16:53 - 00013747 _____ () C:\Users\San\AppData\Local\recently-used.xbel
2014-05-16 15:49 - 2014-06-02 21:43 - 00000000 ____D () C:\Users\San\AppData\Local\CrashDumps
2014-05-15 16:39 - 2014-05-15 16:39 - 00000000 ____D () C:\Users\San\AppData\Local\{E3F50A39-AFEF-4055-BA15-8BA025D83DF0}
2014-05-15 16:11 - 2014-05-15 17:33 - 00000000 ____D () C:\Users\San\Desktop\Papa BDAY
2014-05-11 18:01 - 2014-05-11 18:01 - 00000000 ____D () C:\Users\San\AppData\Local\{01EC4F04-A3DB-417C-B1D0-652B2BE45CA5}
2014-05-06 08:46 - 2014-05-06 08:46 - 00000332 _____ () C:\Users\San\Downloads\bayern3_1 (3).m3u

==================== One Month Modified Files and Folders =======

2014-06-03 19:40 - 2014-06-03 19:40 - 00035113 _____ () C:\Users\San\Downloads\FRST.txt
2014-06-03 19:40 - 2014-06-03 19:40 - 00000000 ____D () C:\FRST
2014-06-03 19:40 - 2011-03-11 21:53 - 00000000 ____D () C:\Users\San\AppData\Local\Temp
2014-06-03 19:39 - 2011-03-18 17:07 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cbe57e4522dba8.job
2014-06-03 19:30 - 2014-06-03 19:27 - 02068992 _____ (Farbar) C:\Users\San\Downloads\FRST64.exe
2014-06-03 19:29 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 19:29 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 19:27 - 2014-06-02 19:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-03 19:24 - 2011-03-11 21:53 - 02042421 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 19:23 - 2014-03-24 15:28 - 00000000 ____D () C:\Users\San\AppData\Roaming\Spotify
2014-06-03 19:20 - 2014-05-03 12:30 - 00000000 ____D () C:\Users\San\AppData\Roaming\DropboxMaster
2014-06-03 19:20 - 2013-03-15 13:48 - 00000000 ___RD () C:\Users\San\Dropbox
2014-06-03 19:20 - 2013-03-15 13:46 - 00000000 ____D () C:\Users\San\AppData\Roaming\Dropbox
2014-06-03 19:19 - 2014-06-01 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-03 19:19 - 2014-03-09 18:52 - 00000000 ____D () C:\Users\San\AppData\Roaming\Wise Care 365
2014-06-03 19:17 - 2014-04-23 10:16 - 00000418 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-06-03 19:17 - 2014-03-31 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec79a5cd0a07b.job
2014-06-03 19:17 - 2011-07-12 19:04 - 07192576 ___SH () C:\Users\San\Desktop\Thumbs.db
2014-06-03 19:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 19:16 - 2009-07-14 06:51 - 00159975 _____ () C:\Windows\setupact.log
2014-06-03 19:15 - 2010-11-23 11:49 - 00766158 _____ () C:\Windows\PFRO.log
2014-06-03 19:13 - 2014-06-03 19:13 - 00000578 _____ () C:\Users\San\Downloads\defogger_disable.log
2014-06-03 19:13 - 2014-06-03 19:13 - 00000020 _____ () C:\Users\San\defogger_reenable
2014-06-03 19:13 - 2011-03-11 21:53 - 00000000 ____D () C:\Users\San
2014-06-03 19:12 - 2014-06-03 19:12 - 00050477 _____ () C:\Users\San\Downloads\Defogger.exe
2014-06-03 19:07 - 2013-02-27 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 19:07 - 2012-03-28 11:23 - 00000252 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-06-03 18:33 - 2014-06-03 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-03 18:33 - 2014-06-03 18:33 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-03 14:48 - 2010-11-23 19:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-06-03 14:48 - 2010-11-23 19:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-06-03 14:48 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-03 13:24 - 2014-06-03 13:24 - 00160832 _____ () C:\Users\San\Desktop\OTL.Txt
2014-06-03 13:15 - 2014-06-03 13:15 - 00105248 _____ () C:\Users\San\Downloads\Extras.Txt
2014-06-03 13:13 - 2014-06-03 13:13 - 00160832 _____ () C:\Users\San\Downloads\OTL.Txt
2014-06-03 12:54 - 2014-06-03 12:54 - 00602112 _____ (OldTimer Tools) C:\Users\San\Downloads\OTL.exe
2014-06-03 11:26 - 2014-06-03 11:25 - 00000000 ____D () C:\Users\San\AppData\Local\{75734C31-1203-4B5E-B63F-481A77CAFE1B}
2014-06-03 11:21 - 2011-03-12 22:20 - 00000000 ____D () C:\Users\San\AppData\Local\Adobe
2014-06-03 11:12 - 2011-03-11 21:53 - 00197328 _____ () C:\Users\San\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-03 11:08 - 2009-07-14 06:45 - 05349960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-03 11:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2014-06-03 00:32 - 2010-11-23 11:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-03 00:27 - 2011-03-11 21:57 - 00000000 ____D () C:\Users\San\AppData\Roaming\Adobe
2014-06-03 00:24 - 2011-03-20 14:25 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-03 00:23 - 2011-03-20 14:28 - 00000000 ____D () C:\Program Files\Adobe
2014-06-03 00:10 - 2010-11-23 11:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-02 22:04 - 2014-03-31 12:15 - 00000000 ____D () C:\Users\San\Desktop\Bachelorarbeit
2014-06-02 21:43 - 2014-05-16 15:49 - 00000000 ____D () C:\Users\San\AppData\Local\CrashDumps
2014-06-02 18:53 - 2014-06-02 18:53 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 18:53 - 2014-06-02 18:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-02 18:51 - 2014-06-02 18:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\San\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 12:14 - 2014-03-07 11:30 - 00002082 ____H () C:\Users\San\Documents\Default.rdp
2014-06-02 10:29 - 2014-06-01 14:47 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-06-02 10:27 - 2013-02-01 12:53 - 00000000 ____D () C:\Update
2014-06-01 15:21 - 2014-06-01 15:21 - 00000000 ____D () C:\Users\San\AppData\Roaming\AVAST Software
2014-06-01 15:20 - 2014-06-01 15:20 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-01 15:20 - 2014-06-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-01 15:19 - 2014-06-01 15:19 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-01 15:19 - 2014-06-01 15:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-01 15:19 - 2014-06-01 15:19 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-01 15:18 - 2014-06-01 15:19 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401628797567
2014-06-01 15:18 - 2014-06-01 15:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401628797567
2014-06-01 15:18 - 2014-06-01 15:19 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-01 15:18 - 2014-06-01 15:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-01 15:18 - 2014-06-01 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-01 15:18 - 2014-06-01 15:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-01 15:18 - 2014-06-01 15:19 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-01 15:18 - 2014-06-01 15:18 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-01 15:17 - 2014-06-01 15:17 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-01 15:16 - 2014-06-01 15:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-01 15:15 - 2014-06-01 15:14 - 94714880 _____ (AVAST Software) C:\Users\San\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-01 14:53 - 2010-11-23 11:06 - 00000000 ____D () C:\Program Files\Sony
2014-06-01 14:48 - 2011-03-11 22:12 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-06-01 14:48 - 2010-10-12 19:48 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-01 14:47 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-27 19:41 - 2014-03-24 15:32 - 00000000 ____D () C:\Users\San\AppData\Local\Spotify
2014-05-27 18:07 - 2014-02-26 14:37 - 00000000 ____D () C:\Users\San\Desktop\Praktikum
2014-05-27 10:36 - 2014-05-27 10:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-27 10:27 - 2014-03-22 15:18 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-27 10:27 - 2014-03-22 15:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-05-27 10:27 - 2014-03-22 15:16 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-05-24 17:47 - 2013-03-15 13:47 - 00000000 ____D () C:\Users\San\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 17:47 - 2011-03-11 21:55 - 00000000 ___RD () C:\Users\San\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 13:09 - 2014-05-23 13:09 - 00000000 ____D () C:\Users\San\AppData\Local\{F42613EF-B85A-4B4B-AB83-2E7B7546A3E8}
2014-05-23 12:06 - 2012-06-01 21:34 - 02091520 ___SH () C:\Users\San\Documents\Thumbs.db
2014-05-23 08:43 - 2014-05-22 22:07 - 01977700 _____ () C:\Users\San\Documents\The UK & Europe.pptx
2014-05-22 14:21 - 2014-03-24 14:37 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-22 09:56 - 2014-03-22 15:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-05-22 09:56 - 2014-03-22 15:18 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-05-22 00:01 - 2011-03-11 22:15 - 00000000 ____D () C:\Users\San\AppData\Roaming\Skype
2014-05-21 20:25 - 2012-05-18 11:52 - 02545664 ___SH () C:\Users\San\Downloads\Thumbs.db
2014-05-21 20:22 - 2014-05-21 20:21 - 00000000 ____D () C:\Users\San\AppData\Local\{D453A933-D570-4E2F-91DD-DB02E2B0B0D6}
2014-05-20 20:37 - 2014-05-20 20:35 - 00000000 ____D () C:\Users\San\Desktop\Musik Anne
2014-05-20 11:02 - 2012-01-12 17:43 - 00000000 ____D () C:\Users\San\Downloads\Musik & Video
2014-05-20 10:24 - 2014-05-20 10:24 - 00515375 _____ () C:\Users\San\Desktop\bookmarks_20.05.14.html
2014-05-20 09:49 - 2014-05-20 09:49 - 00000000 ____D () C:\Users\San\Desktop\TAEBO201405
2014-05-19 17:08 - 2014-05-19 17:08 - 00000000 ____D () C:\Users\San\Bachelorarbeit
2014-05-19 17:08 - 2014-05-19 17:07 - 00000000 ____D () C:\Users\San\Papa BDAY
2014-05-19 16:53 - 2014-05-19 16:53 - 00013747 _____ () C:\Users\San\AppData\Local\recently-used.xbel
2014-05-19 16:53 - 2013-12-20 20:27 - 00000000 ____D () C:\Users\San\AppData\Local\gtk-2.0
2014-05-19 16:53 - 2013-12-20 20:21 - 00000000 ____D () C:\Users\San\.gimp-2.8
2014-05-19 16:31 - 2013-03-15 14:59 - 00000000 ____D () C:\Users\San\Desktop\Bewerbungen
2014-05-16 16:00 - 2014-02-18 15:17 - 00000000 ____D () C:\Users\San\Desktop\E-Books
2014-05-16 15:55 - 2014-04-18 20:00 - 00000000 ____D () C:\Users\San\Desktop\Originals
2014-05-15 21:33 - 2013-08-15 19:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 18:37 - 2011-03-23 21:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 18:33 - 2011-03-15 20:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 17:33 - 2014-05-15 16:11 - 00000000 ____D () C:\Users\San\Desktop\Papa BDAY
2014-05-15 16:39 - 2014-05-15 16:39 - 00000000 ____D () C:\Users\San\AppData\Local\{E3F50A39-AFEF-4055-BA15-8BA025D83DF0}
2014-05-12 07:26 - 2014-06-02 18:53 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-02 18:53 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-02 18:53 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 18:01 - 2014-05-11 18:01 - 00000000 ____D () C:\Users\San\AppData\Local\{01EC4F04-A3DB-417C-B1D0-652B2BE45CA5}
2014-05-08 21:34 - 2014-03-31 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec79a5cd0a07b
2014-05-08 21:34 - 2011-03-18 17:07 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cbe57e4522dba8
2014-05-07 10:00 - 2014-04-23 10:16 - 00000398 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-05-06 08:46 - 2014-05-06 08:46 - 00000332 _____ () C:\Users\San\Downloads\bayern3_1 (3).m3u
2014-05-06 08:05 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT
C:\ProgramData\PKP_DLck.DAT
C:\Users\San\Soundbooth_3_LS7.exe


Some content of TEMP:
====================
C:\Users\San\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\San\AppData\Local\Temp\AutoRun.exe
C:\Users\San\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\San\AppData\Local\Temp\avgnt.exe
C:\Users\San\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\San\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\San\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3lt4fw.dll
C:\Users\San\AppData\Local\Temp\First15.exe
C:\Users\San\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\San\AppData\Local\Temp\ose00001.exe
C:\Users\San\AppData\Local\Temp\SkypeSetup.exe
C:\Users\San\AppData\Local\Temp\VP6Install.exe
C:\Users\San\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2011-03-16 20:08

==================== End Of Log ============================
         

 
