Log analysis and evaluation: Win 7, ad windows keep opening by themselves in the browser

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Win 7: Ad windows keep opening by themselves in the browser

Hello, on my laptop with Win7, pages have been opening by themselves for days. I have already tried various "actions", but all without success:

1.) Ran the Kaspersky virus scanner several times and updated it.
2.) I now have 2 files here, maybe someone can help me...

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014 Ran by fivonne (administrator) on IVONNE-PC on 20-06-2014 12:59:08 Running from C:\Users\fivonne\Downloads Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe () C:\Windows\SysWOW64\PSIService.exe () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Users\fivonne\AppData\Local\ysdxbcha.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dropbox, Inc.) C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMworker.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2010-12-10] (Acer Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics 
Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [iWareV3] => C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\Run: [Search Protection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] () HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Facebook Update] => "C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [EPSON PX720WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [ysdxbcha] => c:\users\fivonne\appdata\local\ysdxbcha.exe [2854912 2014-06-09] () HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.) HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1aece30b-07b6-11e1-8e1f-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1b4e31f0-ce8b-11e0-b8a8-b870f47dc548} - E:\iStudio.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {28ebbe75-c03a-11e1-827e-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {5844ab32-ab0b-11e0-b286-c0f8da46fad8} - E:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06cff-a017-11e0-a750-c0f8da46fad8} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06d30-a017-11e0-a750-001e101f8ed0} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {9869b7a2-1879-11e1-b9eb-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab2f0-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab313-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {e8336138-d4f9-11e1-8175-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {f68f907d-c03c-11e1-8014-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {fe11b9ec-92c2-11e0-a8c7-c0f8da46fad8} - E:\AutoRun.exe AppInit_DLLs: 
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
hxxp://www.google.com/search?q={sear BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: 
Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files (x86)\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\fivonne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\fivonne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\fivonne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) 
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-06] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon FF HKLM-x32\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com FF Extension: Speed Analysis 3 - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-20] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 
Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-09] FF HKCU\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com FF Extension: Speed Analysis 3 - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-20] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17] CHR Extension: (Google Drive) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17] CHR Extension: (YouTube) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17] CHR Extension: (Google-Suche) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-17] CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-17] CHR Extension: (Virtual Keyboard) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-17] CHR Extension: (Google Wallet) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17] CHR Extension: (Google Mail) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-06-17] CHR HKLM-x32\...\Chrome\Extension: 
[dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] ==================== Services (Whitelisted) ================= S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-12-10] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] () [File not signed] R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.) 
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [48128 2012-01-31] (FS) [File not signed] R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group) ==================== Drivers (Whitelisted) ==================== R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-09] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-09] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-09] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-09] (Kaspersky Lab ZAO) S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed] S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed] S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed] S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [135168 2011-07-11] (ZTE Corporation) [File not signed] S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed] S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed] S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2011-07-11] 
(ZTE Incorporated) [File not signed] S3 ZTEWMSD_637; C:\Windows\System32\Drivers\ZTEWMSD_637.sys [19968 2011-07-11] (ZTE Corporation) [File not signed] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-20 12:59 - 2014-06-20 13:00 - 00028446 _____ () C:\Users\fivonne\Downloads\FRST.txt 2014-06-20 12:58 - 2014-06-20 12:59 - 00000000 ____D () C:\FRST 2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe 2014-06-20 12:35 - 2014-06-20 12:39 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize 2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk 2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 2014-06-20 12:33 - 2014-06-20 12:34 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe 2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed 2014-06-18 14:52 - 
2014-06-18 15:03 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic
2014-06-18 14:51 - 2014-06-18 14:52 - 02346942 _____ () C:\Users\fivonne\Downloads\TechnicLauncher.exe
2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-15 15:05 - 2014-06-15 18:04 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp
2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP
2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp
2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () C:\Users\fivonne\Desktop\server.log.lck
2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java
2014-06-09 19:09 - 2014-06-13 23:08 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt
2014-06-09 14:25 - 2014-06-09 15:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 14:25 - 2014-06-09 14:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java
2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-06-09 12:29 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-06-09 12:28 - 2014-06-09 12:38 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-09 12:28 - 2014-06-09 12:38 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV
2014-06-09 11:03 - 2014-06-09 11:04 - 00001365 _____ () C:\Windows\IE9_main.log
2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2014-06-09 08:58 - 2014-06-20 13:00 - 01042171 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss
2014-06-09 08:58 - 2014-06-20 12:57 - 00075776 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb
2014-06-09 08:58 - 2014-06-09 08:58 - 02854912 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.exe
2014-06-06 16:14 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-06 16:14 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-06 16:14 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-06 16:14 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-06 16:13 - 2014-06-06 16:14 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-06 15:06 - 2014-06-06 15:19 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft
2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk
2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt
2014-06-06 13:21 - 2014-06-06 13:21 - 00045795 _____ () C:\Users\fivonne\Desktop\JRT.txt
2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT
2014-06-06 13:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-06 12:54 - 2014-06-20 12:37 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit
2014-06-06 11:04 - 2014-06-09 12:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-04 20:55 - 2014-06-20 12:39 - 00075286 _____ () C:\Windows\PFRO.log
2014-06-04 20:55 - 2014-06-20 12:39 - 00001810 _____ () C:\Windows\setupact.log
2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F}
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip
2014-05-31 19:41 - 2014-05-31 19:40 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp
2014-05-31 19:31 - 2014-06-12 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager
2014-05-31 19:29 - 2014-06-09 08:58 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729
2014-05-31 19:28 - 2014-06-20 12:39 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-28 19:10 - 2014-05-28 19:11 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World

==================== One Month Modified Files and Folders =======

2014-06-20 13:00 - 2014-06-20 12:59 - 00028446 _____ () C:\Users\fivonne\Downloads\FRST.txt
2014-06-20 13:00 - 2014-06-09 08:58 - 01042171 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss
2014-06-20 12:59 - 2014-06-20 12:58 - 00000000 ____D () C:\FRST
2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe
2014-06-20 12:57 - 2014-06-09 08:58 - 00075776 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb
2014-06-20 12:55 - 2011-05-23 16:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-20 12:46 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-20 12:46 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-20 12:43 - 2011-04-29 20:38 - 01066264 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:41 - 2013-01-05 14:11 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 12:41 - 2013-01-05 14:11 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 12:40 - 2014-05-15 18:51 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\DropboxMaster
2014-06-20 12:40 - 2013-11-07 19:00 - 00000000 ___RD () C:\Users\fivonne\Dropbox
2014-06-20 12:40 - 2013-11-07 18:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Dropbox
2014-06-20 12:39 - 2014-06-20 12:35 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-06-20 12:39 - 2014-06-04 20:55 - 00075286 _____ () C:\Windows\PFRO.log
2014-06-20 12:39 - 2014-06-04 20:55 - 00001810 _____ () C:\Windows\setupact.log
2014-06-20 12:39 - 2014-05-31 19:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 12:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 12:37 - 2014-06-06 12:54 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit
2014-06-20 12:37 - 2014-02-05 22:50 - 00000000 ____D () C:\Users\fivonne\Desktop\programme
2014-06-20 12:37 - 2013-10-11 13:03 - 00000000 ___RD () C:\Users\fivonne\Desktop\Minecraft
2014-06-20 12:37 - 2012-03-16 20:28 - 00000000 ___RD () C:\Users\fivonne\Desktop\Tadeos Ordner
2014-06-20 12:36 - 2013-01-05 14:11 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:36 - 2013-01-05 14:11 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-06-20 12:34 - 2014-06-20 12:33 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-20 12:15 - 2011-06-18 21:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 12:14 - 2011-07-14 23:01 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core.job
2014-06-18 17:30 - 2011-07-14 23:01 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA.job
2014-06-18 15:45 - 2013-09-17 16:57 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.minecraft
2014-06-18 15:03 - 2014-06-18 14:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic
2014-06-18 14:52 - 2014-06-18 14:51 - 02346942 _____ () C:\Users\fivonne\Downloads\TechnicLauncher.exe
2014-06-18 14:45 - 2011-05-21 07:24 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Google
2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-17 16:07 - 2012-06-03 22:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-17 15:48 - 2012-10-31 21:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Mozilla
2014-06-17 15:28 - 2011-05-20 22:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Skype
2014-06-15 20:00 - 2011-06-07 15:49 - 00000000 ____D () C:\Users\fivonne\AppData\Local\CrashDumps
2014-06-15 18:04 - 2014-06-15 15:05 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp
2014-06-13 23:08 - 2014-06-09 19:09 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt
2014-06-12 21:08 - 2014-05-31 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 21:05 - 2011-05-29 21:11 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 13:17 - 2011-07-21 22:02 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\NVIDIA
2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP
2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp
2014-06-11 18:59 - 2011-08-02 00:19 - 00000000 ____D () C:\Windows\Minidump
2014-06-11 18:58 - 2014-04-14 14:07 - 00059566 _____ () C:\Users\fivonne\Desktop\server.log
2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () C:\Users\fivonne\Desktop\server.log.lck
2014-06-11 17:53 - 2014-04-11 18:55 - 00000000 ____D () C:\Users\fivonne\Desktop\authlib
2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java
2014-06-09 15:17 - 2011-09-08 22:50 - 00002502 _____ () C:\Windows\wininit.ini
2014-06-09 15:16 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 14:26 - 2014-06-09 14:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java
2014-06-09 14:13 - 2014-02-01 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 12:38 - 2014-06-09 12:28 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-09 12:38 - 2014-06-09 12:28 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-09 12:38 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-06-09 12:38 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-06-09 12:38 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-09 12:18 - 2014-06-06 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\Program Files (x86)\Packard Bell Games
2014-06-09 12:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG
2014-06-09 12:09 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-06-09 12:08 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\BackupManager
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV
2014-06-09 11:23 - 2011-04-29 20:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-09 11:04 - 2014-06-09 11:03 - 00001365 _____ () C:\Windows\IE9_main.log
2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2014-06-09 08:58 - 2014-06-09 08:58 - 02854912 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.exe
2014-06-09 08:58 - 2014-05-31 19:29 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729
2014-06-09 08:54 - 2014-03-18 10:25 - 00000000 ____D () C:\Users\TEMP
2014-06-09 08:51 - 2011-04-30 06:25 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-06-09 08:51 - 2011-04-30 06:25 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-06-09 08:51 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 16:15 - 2014-02-01 12:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-06 16:14 - 2014-06-06 16:13 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-06 16:14 - 2011-09-06 21:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-06 15:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\xxx
2014-06-06 15:19 - 2014-06-06 15:06 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft
2014-06-06 15:13 - 2011-11-28 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive
2014-06-06 15:13 - 2011-11-28 17:27 - 00002506 _____ () C:\Windows\disney.ini
2014-06-06 15:13 - 2011-11-05 16:00 - 00000000 ____D () C:\ProgramData\DatacardService
2014-06-06 15:13 - 2011-02-25 07:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk
2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt
2014-06-06 13:52 - 2011-05-20 18:17 - 00001321 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-06 13:52 - 2011-05-20 18:16 - 00001202 _____ () C:\Users\fivonne\Desktop\Internet Explorer (No Add-ons).lnk
2014-06-06 13:52 - 2011-05-20 18:16 - 00001146 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-06 13:21 - 2014-06-06 13:21 - 00045795 _____ () C:\Users\fivonne\Desktop\JRT.txt
2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT
2014-06-06 13:06 - 2013-11-03 20:58 - 00000000 ____D () C:\AdwCleaner
2014-06-05 05:41 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus
2014-06-05 05:41 - 2011-06-09 20:06 - 00000000 ____D () C:\Users\Gast
2014-06-05 05:41 - 2011-05-20 18:15 - 00000000 ____D () C:\Users\fivonne
2014-06-05 05:40 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus\AppData\Local\Google
2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 20:45 - 2013-10-17 16:15 - 00262144 _____ () C:\Windows\system32\config\elam
2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F}
2014-06-04 17:25 - 2011-09-21 23:38 - 00000000 ____D () C:\Users\fivonne\Documents\Vegas Movie Studio HD Platinum 11.0 Proyectos
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip
2014-05-31 19:40 - 2014-05-31 19:41 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager
2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-28 19:11 - 2014-05-28 19:10 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World
2014-05-28 19:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 18:36 - 2013-11-07 18:53 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\DelBackupManager.REG

Some content of TEMP:
====================
C:\Users\fivonne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgw52ks.dll
C:\Users\Gast\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Gast\AppData\Local\Temp\ResetDevice.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-18 18:26

==================== End Of Log ============================

Edited by carlos69 (20.06.2014 at 13:10)