Log Analysis and Evaluation: DropperGen/Malware/Spyware - the whole package (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must be examined first: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
DropperGen/Malware/Spyware - the whole package

Hi, my name is Yasmin and I have an infected laptop here. When I was at my friend's place yesterday she switched it on and wanted to show me how slow, sluggish and badly it runs... Chrome crashes. Just bad. First shock: no antivirus program, or rather the licence had expired. Then she told me that, first, it has been like this for a long time (2, 3, 4? weeks), and that she had also been on streaming sites a day or two before that. Chrome was downloaded during that time and, after a first look since yesterday, that is also one source of the trouble. That download installed a whole lot of adware and junk alongside it (Browser Good, iStartSurf, Zombi Invasion). Honestly this behaviour would almost be a reason not to help her, but frankly I feel sorry for the laptop.

What I have done so far:
- uninstalled software (Chrome + some of the junk)
- Avast virus scan: 4 infected objects, among them DropperGen, Adware, Malware; unfortunately I can't find a log file for it
- followed your instructions
- GMER did not work (error: the program is being run by something else, or similar), and right now Malwarebytes is running for some extra info. 411 objects found... I think I'm going to have a heart attack.

Does anyone have mercy and would help me get this total write-off working again? Names etc. can stay visible.

1) Defogger = done
2) FRST log files... there are several.

FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Lena (administrator) on LENA on 05-04-2015 10:13:32
Running from C:\Users\Lena\Desktop
Loaded Profiles: Lena (Available profiles: Lena)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7535832 2014-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [gmsd_de_370] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-04] (Avast Software s.r.o.)
Startup: C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{9bb832fb-83cc-0e4c-9bb8-832fb83ccbee}\hqghumeaylnlf.exe (PC Utilities Software Limited)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1428084012&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428084012&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3163897636-2943637359-1939516349-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3163897636-2943637359-1939516349-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3163897636-2943637359-1939516349-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
SearchScopes: HKLM -> {EE60B551-6ECC-4D1A-900A-974375B39DDC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {EE60B551-6ECC-4D1A-900A-974375B39DDC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&ts=1428084035&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&ts=1428084035&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428084012&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&ts=1428084035&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3163897636-2943637359-1939516349-1002 -> {EE60B551-6ECC-4D1A-900A-974375B39DDC} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX&ts=1428084035&type=default&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-04] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428083957&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-03] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-04]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8m
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hppp&ts=1428084012&from=tugs&uid=HGSTXHTS541010A9E680_JA100C103U7YKV3U7YKVX"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Google Docs) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (YouTube) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Adblock Plus) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-05]
CHR Extension: (Google Search) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Google Sheets) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Browser Good) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdlnhhdbgjcpikdcdnllgdmlonnggaab [2015-04-04]
CHR Extension: (Avast Online Security) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-17] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-04] (Avast Software s.r.o.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-16] (XTab system)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Advanced Micro Devices, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-04-03] (SysTool PasSame LIMITED)
S2 AtherosSvc; "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-04] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 10:13 - 2015-04-05 10:14 - 00017596 _____ () C:\Users\Lena\Desktop\FRST.txt
2015-04-05 10:13 - 2015-04-05 10:13 - 00000000 ____D () C:\FRST
2015-04-05 10:11 - 2015-04-05 10:11 - 02095616 _____ (Farbar) C:\Users\Lena\Desktop\FRST64.exe
2015-04-05 10:09 - 2015-04-05 10:09 - 00000470 _____ () C:\Users\Lena\Downloads\defogger_disable.log
2015-04-05 10:09 - 2015-04-05 10:09 - 00000000 _____ () C:\Users\Lena\defogger_reenable
2015-04-05 10:07 - 2015-04-05 10:07 - 00050477 _____ () C:\Users\Lena\Downloads\Defogger.exe
2015-04-05 09:58 - 2015-04-05 09:58 - 00002278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-05 09:58 - 2015-04-05 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-04 20:28 - 2015-04-04 20:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-04-04 17:53 - 2015-04-04 17:53 - 00001945 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-04 17:53 - 2015-04-04 17:53 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\AVAST Software
2015-04-04 17:53 - 2015-04-04 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-04 17:52 - 2015-04-04 17:52 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-04 17:52 - 2015-04-04 17:52 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-04 17:52 - 2015-04-04 17:52 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-04 17:52 - 2015-04-04 17:52 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-04 17:52 - 2015-04-04 17:51 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-04 17:51 - 2015-04-04 17:51 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-04 17:50 - 2015-04-04 17:50 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\rddcvtpk.sys
2015-04-04 17:50 - 2015-04-04 17:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-04 17:41 - 2015-04-04 17:42 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-04-04 17:41 - 2015-04-04 17:41 - 00000000 ____D () C:\Windows\Options
2015-04-04 17:41 - 2013-10-17 02:46 - 03858944 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys
2015-04-04 17:25 - 2015-04-04 17:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-04-04 17:22 - 2015-04-04 17:22 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\WinRAR
2015-04-04 17:22 - 2015-04-04 17:22 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-04 17:22 - 2015-04-04 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-04 17:21 - 2015-04-04 17:22 - 00000000 ____D () C:\Program Files\WinRAR
2015-04-04 17:16 - 2015-04-04 17:18 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2015-04-04 17:16 - 2015-04-04 17:16 - 00000000 ____D () C:\Users\Lena\AppData\Local\DriverToolkit
2015-04-04 17:06 - 2015-04-04 20:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 17:06 - 2015-04-04 17:06 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 16:51 - 2015-04-04 17:07 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-04 16:12 - 2015-04-04 16:12 - 00000000 ____D () C:\ProgramData\8bdda2ae000015df
2015-04-04 16:07 - 2015-04-04 16:07 - 00003136 _____ () C:\Windows\System32\Tasks\{64880DBA-0167-4B94-A9F5-94125B8E03E8}
2015-04-04 15:52 - 2015-04-04 19:30 - 00000000 ____D () C:\Program Files (x86)\Browser Good
2015-04-04 15:48 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-04 15:48 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-04 15:41 - 2015-04-04 16:04 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-03 20:10 - 2015-04-03 20:10 - 00000452 _____ () C:\Windows\Tasks\SpeedChecker Update.job
2015-04-03 20:10 - 2015-04-03 20:10 - 00000000 ____D () C:\Users\Lena\Documents\Optimizer Pro
2015-04-03 20:08 - 2015-04-04 15:42 - 00000000 ____D () C:\ProgramData\{9bb832fb-83cc-0e4c-9bb8-832fb83ccbee}
2015-04-03 20:03 - 2015-04-04 16:41 - 00000000 ___HD () C:\Users\Public\Temp
2015-04-03 20:02 - 2015-04-03 20:02 - 00000000 ____D () C:\Users\Lena\AppData\Local\Crossbrowse
2015-04-03 20:01 - 2015-04-03 20:01 - 00003152 _____ () C:\Windows\System32\Tasks\Run_Browser
2015-04-03 20:00 - 2015-04-05 09:53 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-04-03 20:00 - 2015-04-04 19:32 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-03 20:00 - 2015-04-03 20:10 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-04-03 20:00 - 2015-04-03 20:05 - 00003894 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-04-03 20:00 - 2015-04-03 20:05 - 00003658 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-04-03 20:00 - 2015-04-03 20:00 - 00000000 ____D () C:\Users\Lena\AppData\Local\globalUpdate
2015-04-03 20:00 - 2015-04-03 20:00 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-04-03 20:00 - 2015-04-03 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-04-03 20:00 - 2015-04-03 20:00 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-04-03 19:59 - 2015-04-03 20:04 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-03 19:59 - 2015-04-03 20:04 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-03 19:59 - 2015-04-03 20:04 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-03 19:59 - 2015-04-03 20:04 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 19:59 - 2015-04-03 19:59 - 00003546 _____ () C:\Windows\System32\Tasks\VZZXGN
2015-04-03 19:58 - 2015-04-04 16:07 - 00000000 ____D () C:\ProgramData\LolliScan
2015-04-03 19:58 - 2015-04-03 20:02 - 00000000 ____D () C:\Users\Lena\AppData\Local\Google
2015-04-03 19:58 - 2015-04-03 20:02 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-03 19:58 - 2015-04-03 19:58 - 00000000 ____D () C:\ProgramData\7b2a98c5c3a9485689cfb0f9c7e387ba
2015-04-03 19:58 - 2015-04-03 19:58 - 00000000 ____D () C:\ProgramData\4d0801eee76440b5aa8e9e9bd8f25f47
2015-04-03 19:43 - 2015-04-03 19:43 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieBrowserModeList
2015-03-26 21:14 - 2015-04-04 19:43 - 00000385 _____ () C:\Users\Lena\AppData\Roaming\XQZHZAT
2015-03-13 18:32 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-13 18:32 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-13 18:32 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-13 18:32 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-13 18:32 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-13 18:32 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-13 18:32 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-13 18:31 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 18:31 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-13 18:31 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 18:31 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 18:31 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 18:31 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-13 18:31 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-13 18:31 - 2015-02-07 01:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-13 18:31 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-13 18:31 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-13 18:31 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-13 18:31 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-13 18:31 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-13 18:31 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-13 18:31 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-13 18:31 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-13 18:31 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-13 18:31 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-13 18:31 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-13 18:31 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-13 18:31 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-13 18:31 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-13 18:31 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-13 18:31 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-13 18:31 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-13 18:31 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-13 18:31 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-13 18:31 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-13 18:31 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-13 18:31 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 18:31 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-13 18:31 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-13 18:31 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-13 18:31 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 18:31 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 18:31 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-13 18:31 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-13 18:31 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-13 18:31 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-13 18:31 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-13 18:31 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-13 18:31 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-13 18:31 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-13 18:31 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-13 18:31 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-13 18:31 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-13 18:31 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-13 18:31 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-13 18:31 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-13 18:31 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-13 18:31 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-13 18:31 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-13 18:31 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-13 18:31 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-13 18:30 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 18:30 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-13 18:30 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-13 18:30 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-13 18:30 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-13 18:30 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 18:30 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-13 18:30 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 18:30 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 18:30 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 18:30 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-13 18:30 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 18:30 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 18:30 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-13 18:30 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-13 18:30 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-13 18:30 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 18:30 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-13 18:30 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-13 18:30 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-13 18:30 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-13 18:30 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation)
C:\Windows\system32\msfeeds.dll 2015-03-13 18:30 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-13 18:30 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-13 18:30 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-13 18:30 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-13 18:30 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-03-13 18:30 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-03-13 18:30 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-13 18:30 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-03-13 18:30 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-13 18:30 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-13 18:30 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-13 18:30 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-13 18:30 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-13 18:30 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-13 18:30 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-13 18:30 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-13 18:30 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-13 18:30 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 
2015-03-13 18:30 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2015-03-13 18:30 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2015-03-13 18:30 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2015-03-13 18:30 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2015-03-13 18:30 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2015-03-13 18:30 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2015-03-13 18:30 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2015-03-13 18:30 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2015-03-13 18:30 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-13 18:30 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-13 18:30 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-13 18:30 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-13 18:30 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-03-13 18:30 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-03-13 18:30 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-03-13 18:30 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-13 18:30 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-03-13 18:30 - 2015-01-28 17:41 - 01498360 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-03-13 18:30 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll 2015-03-13 18:30 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll 2015-03-13 18:30 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-13 18:30 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-13 18:30 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe 2015-03-13 18:30 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-03-13 18:30 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2015-03-13 18:30 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2015-03-13 18:30 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe 2015-03-13 18:30 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2015-03-13 18:30 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2015-03-13 18:30 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2015-03-13 18:30 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2015-03-13 18:29 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2015-03-13 18:29 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2015-03-13 18:29 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-13 18:29 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WMPhoto.dll 2015-03-13 18:29 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-03-13 18:29 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-03-13 18:29 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-13 18:29 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-09 21:00 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-06 16:08 - 2015-03-06 16:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-05 10:12 - 2014-12-04 20:31 - 01124839 _____ () C:\Windows\WindowsUpdate.log 2015-04-05 10:09 - 2014-12-04 20:41 - 00000000 ____D () C:\Users\Lena 2015-04-05 10:03 - 2014-12-04 20:47 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3163897636-2943637359-1939516349-1002 2015-04-05 10:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2015-04-05 09:56 - 2014-12-04 20:46 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DA146DF6-84F2-44EC-AE01-834C2EFCE954} 2015-04-05 09:53 - 2014-12-04 20:45 - 00000000 __RDO () C:\Users\Lena\OneDrive 2015-04-04 20:32 - 2014-05-07 04:46 - 00800954 _____ () C:\Windows\system32\perfh007.dat 2015-04-04 20:32 - 2014-05-07 04:46 - 00174458 _____ () C:\Windows\system32\perfc007.dat 2015-04-04 20:32 - 2014-03-18 11:53 - 01921090 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-04 20:29 - 2014-09-10 02:45 - 00667834 _____ () C:\Windows\SysWOW64\rootpa.e2e 2015-04-04 20:28 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-04 20:27 - 2013-08-22 16:46 - 00029592 _____ () C:\Windows\setupact.log 2015-04-04 19:14 - 
2014-09-10 02:36 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2015-04-04 19:14 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-04-04 18:44 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini 2015-04-04 17:46 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-04-04 17:41 - 2014-05-06 19:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-04-04 17:40 - 2014-04-01 03:07 - 00000000 ____D () C:\SWSetup 2015-04-04 17:26 - 2014-09-10 02:38 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-04-04 17:25 - 2014-03-18 11:44 - 00015490 _____ () C:\Windows\PFRO.log 2015-04-04 17:07 - 2014-12-27 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-04 17:07 - 2014-12-27 17:52 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-04 17:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-04-04 16:41 - 2013-10-02 23:14 - 00000000 ____D () C:\Program Files\Hewlett-Packard 2015-04-04 16:39 - 2014-09-10 02:45 - 00000000 ____D () C:\ProgramData\McAfee 2015-04-04 16:39 - 2014-09-10 02:45 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-04-04 16:38 - 2013-08-22 16:44 - 00338016 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-04 16:28 - 2014-05-06 19:47 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2015-04-04 16:28 - 2014-05-06 19:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-04-04 16:27 - 2014-05-06 20:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-04-04 16:26 - 2014-12-06 09:53 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\hpqlog 2015-04-04 16:23 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-04-04 16:19 - 2014-09-10 02:35 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2015-04-04 16:18 - 2014-12-04 20:41 - 00001461 _____ () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Internet Explorer.lnk 2015-04-04 16:02 - 2014-09-10 02:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2015-04-04 16:01 - 2014-09-10 02:50 - 00000000 ____D () C:\ProgramData\CyberLink 2015-04-04 16:00 - 2014-05-06 19:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-04-04 15:43 - 2014-12-04 20:43 - 00000000 ____D () C:\Users\Lena\Documents\Youcam 2015-03-20 18:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-13 19:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-13 18:45 - 2014-12-27 17:28 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-13 18:43 - 2014-12-27 17:28 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-03-26 21:14 - 2015-04-04 19:43 - 0000385 _____ () C:\Users\Lena\AppData\Roaming\XQZHZAT Some content of TEMP: ==================== C:\Users\Lena\AppData\Local\Temp\81A289CB-919E-62E2-27CC-59E542698677.dll C:\Users\Lena\AppData\Local\Temp\optprosetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-04 16:50 ==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Lena at 2015-04-05 10:14:55
Running from C:\Users\Lena\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{7536C341-2F7D-EFE6-F521-DEBE68B025C5}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0033 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

13-03-2015 18:33:15 Windows Update
04-04-2015 15:50:25 Removed Bonjour

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08E6DAD9-A9E4-4038-B4FC-BD53D8CB5719} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {0E72D7A4-B9F8-45FD-98E0-A1F36A1A7A08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {0FDAE9A2-92E2-4570-A1BB-18EFDFAD84EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-04] (Avast Software s.r.o.)
Task: {1DEC50FB-2955-42BC-9D6A-0E3BF5C4C9AA} - System32\Tasks\Run_Browser => C:\Users\Lena\AppData\Local\UnicoBrowser\Application\unicobrowser.exe
Task: {2EE637B7-D7B4-45EB-8B6E-3B7374FC167D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {46C58825-2772-4A0E-8884-7F3D09A62E14} - System32\Tasks\VZZXGN => C:\ProgramData\4d0801eee76440b5aa8e9e9bd8f25f47\4d0801eee76440b5aa8e9e9bd8f25f47.exe [2015-04-02] ()
Task: {54C95428-DC2A-4849-BFD0-8207330992A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {6A02997A-7A0E-4CFF-9441-30302A1BD392} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {6F52EA07-5F07-447D-B4FF-8E993B32ECDD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {90F7F862-9086-4FB5-BB72-257F3FC33904} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {A3C0A0C6-790F-467A-8620-52CCA4E6867F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AF19EF05-DFB3-4015-ABD2-CAEA45303F4F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D81196DE-41D0-4C4D-889B-5510AA787960} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {EE3680BB-A3D8-4FDA-93D0-E97956E362C4} - System32\Tasks\{64880DBA-0167-4B94-A9F5-94125B8E03E8} => pcalua.exe -a C:\Users\Lena\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {F086472C-AF6C-4833-B376-429F23FBB337} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLena.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SpeedChecker Update.job => C:\Program Files (x86)\version91SpeedChecker\x2SpeedCheckerU19.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-04-17 15:38 - 2014-04-17 15:38 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-04-17 15:37 - 2014-04-17 15:37 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-04-05 09:58 - 2015-03-30 22:38 - 01530184 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-05 09:58 - 2015-03-30 22:38 - 00091976 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-05 09:58 - 2015-03-30 22:39 - 11266376 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-05 09:58 - 2015-03-30 22:39 - 26792264 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
2015-04-04 17:52 - 2015-04-04 17:52 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-04 17:52 - 2015-04-04 17:52 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-04 17:54 - 2015-04-04 17:54 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040400\algo.dll
2015-04-04 20:28 - 2015-04-04 20:28 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040401\algo.dll
2015-04-05 10:01 - 2015-04-05 10:01 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040500\algo.dll
2015-04-04 17:52 - 2015-04-04 17:52 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lena\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3163897636-2943637359-1939516349-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lena\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3163897636-2943637359-1939516349-1002\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk"

==================== Accounts: =============================

Administrator (S-1-5-21-3163897636-2943637359-1939516349-500 - Administrator - Disabled)
Gast (S-1-5-21-3163897636-2943637359-1939516349-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3163897636-2943637359-1939516349-1004 - Limited - Enabled)
Lena (S-1-5-21-3163897636-2943637359-1939516349-1002 - Administrator - Enabled) => C:\Users\Lena

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2015 06:50:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 638
Start Time: 01d06eeb9c1aba09
Termination Time: 0
Application Path: C:\Windows\Explorer.EXE
Report Id: 9e3f20f2-daea-11e4-826d-3464a97da0d4
Faulting package full name:
Faulting package-relative application ID:

Error: (04/04/2015 03:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: unicobrowser.exe, version: 39.0.2132.8, time stamp: 0x55097d22
Faulting module name: chrome.dll, version: 39.0.2132.8, time stamp: 0x550978fb
Exception code: 0xc0000005
Fault offset: 0x000733e9
Faulting process id: 0x1158
Faulting application start time: 0xunicobrowser.exe0
Faulting application path: unicobrowser.exe1
Faulting module path: unicobrowser.exe2
Report Id: unicobrowser.exe3
Faulting package full name: unicobrowser.exe4
Faulting package-relative application ID: unicobrowser.exe5

Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13093

Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13093

Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2015 08:05:06 PM) (Source: MsiInstaller) (EventID: 11309) (User: LENA)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (04/03/2015 08:00:31 PM) (Source: MsiInstaller) (EventID: 11309) (User: LENA)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (03/21/2015 02:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 4b4
Start Time: 01d063c493b1e429
Termination Time: 15
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: d4865b98-cfc6-11e4-826b-3010b35a4920
Faulting package full name:
Faulting package-relative application ID:

Error: (03/21/2015 00:49:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: opbhobroker.exe, version: 8.0.1.11, time stamp: 0x5335c281
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1408
Faulting application start time: 0xopbhobroker.exe0
Faulting application path: opbhobroker.exe1
Faulting module path: opbhobroker.exe2
Report Id: opbhobroker.exe3
Faulting package full name: opbhobroker.exe4
Faulting package-relative application ID: opbhobroker.exe5

Error: (03/21/2015 00:42:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 19e0
Start Time: 01d063bc53091d17
Termination Time: 15
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: eb7dacf2-cfb6-11e4-826b-3010b35a4920
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (04/04/2015 08:30:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The "globalUpdate Update Service (globalUpdate)" service failed to start due to the following error: %%2

Error: (04/04/2015 08:26:44 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed.

Error: (04/04/2015 06:27:36 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/04/2015 05:48:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252.

Error: (04/04/2015 05:48:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252.

Error: (04/04/2015 05:27:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The "globalUpdate Update Service (globalUpdate)" service failed to start due to the following error: %%2

Error: (04/04/2015 05:24:37 PM) (Source: DCOM) (EventID: 10010) (User: LENA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/04/2015 05:07:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft.BingFoodAndDrink

Error: (04/04/2015 04:52:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installation Failure: Windows failed to install the following update with error 0x80240055: Update for Windows 8.1 for x64-based Systems (KB3035583)

Error: (04/04/2015 04:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The "globalUpdate Update Service (globalUpdate)" service failed to start due to the following error: %%2

Microsoft Office Sessions:
=========================
Error: (04/04/2015 06:50:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766763801d06eeb9c1aba090C:\Windows\Explorer.EXE9e3f20f2-daea-11e4-826d-3464a97da0d4

Error: (04/04/2015 03:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: unicobrowser.exe39.0.2132.855097d22chrome.dll39.0.2132.8550978fbc0000005000733e9115801d06edd22e163bbC:\Users\Lena\AppData\Local\UnicoBrowser\Application\unicobrowser.exeC:\Users\Lena\AppData\Local\UnicoBrowser\Application\39.0.2132.8\chrome.dllc5e1ae04-dad0-11e4-826b-3010b35a4920

Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13093

Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error:
m->NextScheduledEvent 13093 Error: (04/03/2015 08:11:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/03/2015 08:05:06 PM) (Source: MsiInstaller) (EventID: 11309) (User: LENA) Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (04/03/2015 08:00:31 PM) (Source: MsiInstaller) (EventID: 11309) (User: LENA) Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/21/2015 02:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.174164b401d063c493b1e42915C:\Program Files\Internet Explorer\iexplore.exed4865b98-cfc6-11e4-826b-3010b35a4920 Error: (03/21/2015 00:49:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opbhobroker.exe8.0.1.115335c281unknown0.0.0.000000000c00000050000000000000000140801d063bc571177bcC:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exeunknownf5c6405f-cfb7-11e4-826b-3010b35a4920 Error: (03/21/2015 00:42:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.1741619e001d063bc53091d1715C:\Program Files\Internet Explorer\iexplore.exeeb7dacf2-cfb6-11e4-826b-3010b35a4920 ==================== Memory info =========================== Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics Percentage of memory in use: 49% Total physical RAM: 3528.98 MB Available physical RAM: 1796.65 MB Total Pagefile: 4168.98 MB Available Pagefile: 2008.48 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB 
==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:913.81 GB) (Free:878.68 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.68 GB) (Free:1.6 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: EAD2A2F5) Partition: GPT Partition Type. ==================== End Of Log ============================ |