Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
A variant of Win32/DownloadSponsor.A

A variant of Win32/DownloadSponsor.A


Log-Analyse und Auswertung: A variant of Win32/DownloadSponsor.A

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.07.2014, 15:01   #1
Winters91
 
A variant of Win32/DownloadSponsor.A - Standard

A variant of Win32/DownloadSponsor.A


OK zuerst die AdwCleaner[S0]txt.
Code:
ATTFilter
# AdwCleaner v3.215 - Bericht erstellt am 11/07/2014 um 15:41:25
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : SV - SV-PC
# Gestartet von : C:\Users\SV\Desktop\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\SV\AppData\Local\Temp\OCS

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\SV\AppData\Roaming\Mozilla\Firefox\Profiles\qtjrbfr1.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1120 octets] - [11/07/2014 15:40:04]
AdwCleaner[S0].txt - [945 octets] - [11/07/2014 15:41:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1004 octets] ##########
Dann die JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by SV on 11.07.2014 at 15:50:59,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\SV\AppData\Roaming\mozilla\firefox\profiles\qtjrbfr1.default\minidumps [326 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.07.2014 at 15:56:15,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und zu guter letzt die neue FRST.txt
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by SV (administrator) on SV-PC on 11-07-2014 15:56:49
Running from C:\Users\SV\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-09-25] (NEC Electronics Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-57908637-326857351-3643092451-1000\...\MountPoints2: {2265e422-7dfe-11e2-a26d-806e6f6e6963} - D:\Run.exe
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9F7C63E2172ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\SV\AppData\Roaming\Mozilla\Firefox\Profiles\qtjrbfr1.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: about:home
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\SV\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\SV\AppData\Roaming\Mozilla\Firefox\Profiles\qtjrbfr1.default\Extensions\foxyproxy@eric.h.jung [2014-02-04]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013-06-21]

==================== Services (Whitelisted) =================

S2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-02-24] (Creative Labs) [File not signed]
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [513600 2009-11-05] (ITETech                  )
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2012-11-06] (Advanced Micro Devices) [File not signed]
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-02] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-06-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-04-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-15] (Kaspersky Lab ZAO)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 15:56 - 2014-07-11 15:56 - 00011431 _____ () C:\Users\SV\Desktop\FRST.txt
2014-07-11 15:56 - 2014-07-11 15:56 - 00000886 _____ () C:\Users\SV\Desktop\JRT.txt
2014-07-11 15:44 - 2014-07-11 15:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 15:41 - 2014-07-11 15:41 - 00001084 _____ () C:\Users\SV\Desktop\AdwCleaner[S0].txt
2014-07-11 15:40 - 2014-07-11 15:56 - 00000000 ____D () C:\AdwCleaner
2014-07-11 15:37 - 2014-07-11 15:37 - 01016261 _____ (Thisisu) C:\Users\SV\Desktop\JRT.exe
2014-07-11 13:00 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\SV\Neuer Ordner
2014-07-10 20:14 - 2014-07-11 15:56 - 00000000 ____D () C:\FRST
2014-07-10 20:13 - 2014-07-10 20:13 - 02084352 _____ (Farbar) C:\Users\SV\Desktop\FRST64.exe
2014-07-10 19:19 - 2014-07-10 19:19 - 01348263 _____ () C:\Users\SV\Desktop\adwcleaner_3.215.exe
2014-07-09 13:28 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 13:28 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 13:28 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:28 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:28 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:28 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:28 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 13:28 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:28 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:28 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:28 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 13:28 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 13:28 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 13:28 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 13:28 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 13:28 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 13:28 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 13:28 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 13:28 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:28 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 13:28 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:28 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 13:28 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:28 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:28 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 13:28 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 13:27 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:27 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 13:27 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 13:27 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 13:27 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-04 22:54 - 2014-07-08 11:02 - 00000000 ____D () C:\Users\SV\GBA
2014-07-04 00:18 - 2014-07-04 00:18 - 00290736 _____ () C:\Windows\Minidump\070414-20482-01.dmp
2014-06-28 17:59 - 2014-06-28 17:59 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\Users\SV\AppData\Local\Skype
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 11:08 - 2014-06-25 11:08 - 00000000 ____D () C:\Users\SV\Documents\Umzug
2014-06-25 11:02 - 2014-06-25 11:08 - 00000000 ____D () C:\Users\SV\Documents\O2
2014-06-24 22:50 - 2014-06-24 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-24 16:53 - 2014-06-24 16:53 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-06-24 16:03 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\SV\Documents\Netmonitor
2014-06-24 16:02 - 2014-06-24 16:02 - 00000000 ____D () C:\Users\SV\AppData\Roaming\NetSpeedMonitor
2014-06-24 16:00 - 2014-06-24 16:00 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-06-24 15:56 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-24 15:56 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-24 15:56 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-24 15:56 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-24 15:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-24 15:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-24 15:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-24 15:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-24 15:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-24 15:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-24 15:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-24 15:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-24 15:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-24 15:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-24 15:50 - 2014-06-24 15:50 - 03336192 _____ () C:\Users\SV\Downloads\netspeedmonitor_2_5_4_0_x86_setup.msi
2014-06-12 11:52 - 2014-06-12 11:53 - 00000023 _____ () C:\Users\SV\Kasp.txt

==================== One Month Modified Files and Folders =======

2014-07-11 15:57 - 2014-07-11 15:56 - 00011431 _____ () C:\Users\SV\Desktop\FRST.txt
2014-07-11 15:56 - 2014-07-11 15:56 - 00000886 _____ () C:\Users\SV\Desktop\JRT.txt
2014-07-11 15:56 - 2014-07-11 15:40 - 00000000 ____D () C:\AdwCleaner
2014-07-11 15:56 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\SV\Neuer Ordner
2014-07-11 15:56 - 2014-07-10 20:14 - 00000000 ____D () C:\FRST
2014-07-11 15:56 - 2014-06-24 16:03 - 00000000 ____D () C:\Users\SV\Documents\Netmonitor
2014-07-11 15:56 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 15:56 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 15:50 - 2013-02-24 15:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-11 15:49 - 2013-06-15 11:24 - 00059750 _____ () C:\Windows\setupact.log
2014-07-11 15:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 15:48 - 2013-02-23 23:18 - 01055238 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 15:44 - 2014-07-11 15:44 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 15:42 - 2013-02-24 14:54 - 00148214 _____ () C:\Windows\PFRO.log
2014-07-11 15:41 - 2014-07-11 15:41 - 00001084 _____ () C:\Users\SV\Desktop\AdwCleaner[S0].txt
2014-07-11 15:37 - 2014-07-11 15:37 - 01016261 _____ (Thisisu) C:\Users\SV\Desktop\JRT.exe
2014-07-11 13:00 - 2013-02-23 23:29 - 00000000 ____D () C:\Users\SV
2014-07-11 12:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 11:08 - 2013-02-24 20:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-10 20:13 - 2014-07-10 20:13 - 02084352 _____ (Farbar) C:\Users\SV\Desktop\FRST64.exe
2014-07-10 19:19 - 2014-07-10 19:19 - 01348263 _____ () C:\Users\SV\Desktop\adwcleaner_3.215.exe
2014-07-09 16:20 - 2013-02-24 18:59 - 00000000 ____D () C:\Users\SV\Desktop\Studium
2014-07-09 15:51 - 2009-07-14 06:45 - 00336312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 15:49 - 2014-05-06 12:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 15:49 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 15:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 15:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 14:05 - 2013-07-24 15:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 14:04 - 2013-02-24 17:28 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 11:02 - 2014-07-04 22:54 - 00000000 ____D () C:\Users\SV\GBA
2014-07-04 00:18 - 2014-07-04 00:18 - 00290736 _____ () C:\Windows\Minidump\070414-20482-01.dmp
2014-07-04 00:18 - 2013-10-09 18:41 - 537038895 _____ () C:\Windows\MEMORY.DMP
2014-07-04 00:18 - 2013-10-09 18:41 - 00000000 ____D () C:\Windows\Minidump
2014-06-30 04:09 - 2014-07-09 13:28 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 13:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 23:41 - 2013-02-25 00:28 - 00000000 ____D () C:\Users\SV\AppData\Roaming\Skype
2014-06-28 17:59 - 2014-06-28 17:59 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\Users\SV\AppData\Local\Skype
2014-06-28 17:59 - 2014-06-28 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-28 17:59 - 2013-02-25 00:28 - 00000000 ____D () C:\ProgramData\Skype
2014-06-25 11:08 - 2014-06-25 11:08 - 00000000 ____D () C:\Users\SV\Documents\Umzug
2014-06-25 11:08 - 2014-06-25 11:02 - 00000000 ____D () C:\Users\SV\Documents\O2
2014-06-25 10:47 - 2013-09-20 13:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-24 22:50 - 2014-06-24 22:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-24 16:53 - 2014-06-24 16:53 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-06-24 16:38 - 2013-06-07 19:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-24 16:02 - 2014-06-24 16:02 - 00000000 ____D () C:\Users\SV\AppData\Roaming\NetSpeedMonitor
2014-06-24 16:00 - 2014-06-24 16:00 - 00000000 ____D () C:\Program Files\NetSpeedMonitor
2014-06-24 15:50 - 2014-06-24 15:50 - 03336192 _____ () C:\Users\SV\Downloads\netspeedmonitor_2_5_4_0_x86_setup.msi
2014-06-24 11:38 - 2012-11-02 15:48 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-24 11:38 - 2012-11-02 15:48 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-19 04:12 - 2014-07-09 13:28 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 04:12 - 2014-07-09 13:28 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 04:12 - 2014-07-09 13:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 04:11 - 2014-07-09 13:28 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 04:11 - 2014-07-09 13:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 04:11 - 2014-07-09 13:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 04:10 - 2014-07-09 13:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 04:09 - 2014-07-09 13:28 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 02:53 - 2014-07-09 13:28 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:53 - 2014-07-09 13:28 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 02:53 - 2014-07-09 13:28 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 02:53 - 2014-07-09 13:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 02:53 - 2014-07-09 13:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 02:53 - 2014-07-09 13:28 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 02:52 - 2014-07-09 13:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 02:52 - 2014-07-09 13:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 02:33 - 2014-07-09 13:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 02:30 - 2014-07-09 13:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-18 04:18 - 2014-07-09 13:28 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 13:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 13:28 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 14:26 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-06-15 14:26 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-06-15 14:26 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 00:12 - 2013-02-25 00:33 - 00000000 ____D () C:\Users\SV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-13 00:02 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-12 11:53 - 2014-06-12 11:52 - 00000023 _____ () C:\Users\SV\Kasp.txt

Some content of TEMP:
====================
C:\Users\SV\AppData\Local\Temp\CTPBSeq.exe
C:\Users\SV\AppData\Local\Temp\Quarantine.exe
C:\Users\SV\AppData\Local\Temp\_isFA5A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 16:02

==================== End Of Log ============================
--- --- ---
Antwort

Themen zu A variant of Win32/DownloadSponsor.A
anwendung, appdata, b.exe, code, downloader, entdeck, escan, eset, found, gelöscht, gen, kaspersky, log, online, onlinescan, quarantäne, scan, scanner, service, sommerzeit, temp, variant, variante, version, win


« Windows 8 - Internet wird abends sehr langsam | Windows Vista / Firefox / chrome://quick_start/content/index.html »


Ähnliche Themen: A variant of Win32/DownloadSponsor.A


  1. Windows 7; langsames Hochfahren // Win32/Toolbar.Visicom.A, Win32/DownloadSponsor.C, Win32/Toolbar.Visicom.E
    Log-Analyse und Auswertung - 01.08.2015 (9)
  2. WIN 7: Virusfunde Win32.Application.SubTab.A / Win32.Application.DownloadSponsor.D
    Plagegeister aller Art und deren Bekämpfung - 10.05.2014 (15)
  3. win32 downloadsponsor.a
    Log-Analyse und Auswertung - 18.09.2013 (4)
  4. trojan-downloader.win32.agent variant
    Mülltonne - 22.11.2008 (1)
  5. Trojan-Download.Win32.Agent variant
    Log-Analyse und Auswertung - 17.11.2008 (3)
  6. Trojaner Downloader.Win32.Agent variant.
    Mülltonne - 09.11.2008 (0)
  7. Trojan-Downloader.Win32.Agent variant
    Mülltonne - 08.11.2008 (1)
  8. Download Trojaner Win32 Agent Variant
    Log-Analyse und Auswertung - 01.11.2008 (7)
  9. Trojan-Downloader.win32.agent variant
    Plagegeister aller Art und deren Bekämpfung - 30.10.2008 (2)
  10. Trojan-Downloader.Win32.Agent variant
    Mülltonne - 29.10.2008 (0)
  11. Trojaner-downloader.win32.agent variant
    Plagegeister aller Art und deren Bekämpfung - 01.07.2008 (1)
  12. Win32.agent variant
    Mülltonne - 30.06.2008 (0)
  13. Trojan-Downloader.Win32.Agent variant
    Mülltonne - 01.03.2008 (0)
  14. trojan-Downloader.Win32.Agent variant
    Plagegeister aller Art und deren Bekämpfung - 22.12.2007 (10)
  15. Trojan-Downloader.Win32.Agent variant
    Log-Analyse und Auswertung - 24.08.2007 (6)
  16. TrojanDownloader.Win32.Agent variant
    Plagegeister aller Art und deren Bekämpfung - 23.06.2007 (1)
  17. TrojanDownloader.Win32.Agent variant
    Plagegeister aller Art und deren Bekämpfung - 08.04.2007 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema A variant of Win32/DownloadSponsor.A - OK zuerst die AdwCleaner[S0]txt. Code: Alles auswählen Aufklappen ATTFilter # AdwCleaner v3.215 - Bericht erstellt am 11/07/2014 um 15:41:25 # Aktualisiert 09/07/2014 von Xplode # Betriebssystem : Windows 7 Home - A variant of Win32/DownloadSponsor.A...
Archiv
Du betrachtest: A variant of Win32/DownloadSponsor.A auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19