
Log analysis and evaluation: DHL PDF opened in spam email

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

19.05.2015, 19:49   #1
OliverF
 
DHL PDF opened in spam email



Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6fae39a46a62344495a4980a5930ab87
# engine=23900
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-19 06:12:34
# local_time=2015-05-19 08:12:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 292639 183690345 0 0
# scanned=515543
# found=109
# cleaned=0
# scan_time=77350
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\LocalLow\Ashampoo_DE\ldrtbAsh0.dll.vir"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\LocalLow\Ashampoo_DE\ldrtbAsha.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\LocalLow\Ashampoo_DE\tbAsh0.dll.vir"
sh=42C28E041EA5F8B06D4857E8E6FCA75ABD4BCF2F ft=1 fh=b55fe72874790c5f vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\LocalLow\Ashampoo_DE\tbAsh1.dll.vir"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\LocalLow\Ashampoo_DE\tbAsha.dll.vir"
sh=42772F07BC6904244A02C1C3D4936653067CD956 ft=1 fh=a28f72486ce580da vn="Variante von Win32/Adware.Snoozer.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Oliver\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe.vir"
sh=C789CA20FB9046F4F28BB58D8684C38F217DEAF5 ft=1 fh=c71c001100829487 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free Videos To DVD\Helper.dll"
sh=EF4D2802FC4981213869E8FF1B9845F5D016563F ft=1 fh=559bad56e0a30c3a vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free Videos To DVD\Uninstall.exe"
sh=ADF04CE43F39FCA757947B4609B8C16AF0A83983 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\IObit\ManageMyMobile\MobileCare.apk"
sh=CEF8BAE91D4D3EC24FD95E5D614F12E61CD10245 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\user.js"
sh=88DBE5F113DF37C1780ED9B0D8FC144CA20600D8 ft=1 fh=ae439cb8cb701357 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ashampoo_burning_studio_2012_cbe_11.0.4_sd.exe"
sh=9AAEEE36FF7D7BF9FFDF7FFA28C8AA51B82E1685 ft=1 fh=9ad6d679119793fd vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ashampoo_burning_studio_6_free_6.81_4312+(1).exe"
sh=873C7BAB0437D0B3A06B30F43BFD035921C232E8 ft=1 fh=fd339984886f2551 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ashampoo_photo_commander_9_9.4.3_11587.exe"
sh=F07B0D8D95C2C0FFAF182B35A52936684F165EFF ft=1 fh=45f9f39b7cff38f3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ashampoo_winoptimizer_2012_8.1.4_11293.exe"
sh=A286C0831A97F92D5B02D4B93E86530036A8699D ft=1 fh=541a6d15877510a0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ashampoo_winoptimizer_6_6.60_7259.exe"
sh=B0540109FE5A48A6D745A1D6C63E5B3114C1B330 ft=1 fh=543fa6740cf59aca vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\Cain Abel - CHIP-Installer.exe"
sh=5A57010EA3C1E61AE84AA45A2551DBBD9649D692 ft=1 fh=86b596c4c976ff4c vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\cbsidlm-cbsi5_4_0_104-Advanced_SystemCare-BP-10407614.exe"
sh=A3EE0D539F0781413EF0CE09FEF4700E8CA966E7 ft=1 fh=71669897b613790b vn="Variante von Win32/InstallCore.SW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\ccsetup501_CB-DL-Manager.exe"
sh=97190A7811348D960B0DAD97AF3BF0FE99ED26FE ft=1 fh=ea6109d47396bc06 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Users\Oliver\Downloads\die_bestimmer.exe"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\FreeYouTubeToMP3Converter31126.exe"
sh=EF476640E69604879C540915C4BCBA9CF9F6A332 ft=1 fh=f1da0bf17500491a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\FreeYouTubeToMP3Converter33.exe"
sh=7A7C3EB794BE718DCF4A0174205B63B62321A796 ft=1 fh=c71c00112927adeb vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\FreeYouTubeToMP3Converter_3.12.31.325.exe"
sh=C20CFE6E767EF500FB6040954A731C2ADB7F7963 ft=1 fh=0cda0195842264eb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\Microsoft NET Framework 4 5 2 - CHIP-Installer.exe"
sh=C18FD5821B298270D28948BE01C61C5C7BD46AD8 ft=1 fh=e915d585e272ff86 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
sh=3DC59426191858EFB608133920C27C21E0505FA1 ft=1 fh=2f24179b042dc93a vn="Variante von Win32/DownloadGuide.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\spybot-2.4_CB-DL-Manager.exe"
sh=968039F0A18559EBFD708FF9006E48552EC57416 ft=1 fh=65fff58717781a8d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\T Online Software - CHIP-Installer.exe"
sh=A4DA23AA2476A215E88671C71353BDF2917045BD ft=1 fh=17dc477ef32558a6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\VLC media player 32 Bit - CHIP-Installer.exe"
sh=16281647E4142852245C84C1D79F789EBD1DFE0B ft=1 fh=5865e39aac92b6c9 vn="Variante von Win32/WinloadSDA.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Oliver\Downloads\Windows-Movie-Maker-2012-Setup.exe"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Ashampoo_DE\ldrtbAsh0.dll"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Ashampoo_DE\ldrtbAsh2.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Ashampoo_DE\tbAsh0.dll"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Ashampoo_DE\tbAsh1.dll"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Ashampoo_DE\tbAsh2.dll"
sh=61A8D16A5586134040C587C83F285C978EC432E3 ft=1 fh=550beeaa64c08289 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\tbsoft.dll"
sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\Conduit\Community Alerts\Alert.dll"
sh=535083D61D58BC4975012BC060A7D06DC6012DDE ft=1 fh=0d7c9d1074a9eb70 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\ConduitEngine\ConduitEngine.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\DVDVideoSoftTB\ldrtbDVDV.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\DVDVideoSoftTB\tbDVDV.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\MyAshampoo\ldrtbMyA0.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\MyAshampoo\tbMyA0.dll"
sh=B4267CC9FBAA1133921BBF40835E07DAA481E025 ft=1 fh=39d86043333a1074 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\MyAshampoo\tbMyA1.dll"
sh=535083D61D58BC4975012BC060A7D06DC6012DDE ft=1 fh=0d7c9d1074a9eb70 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\MyAshampoo\tbMyAs.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\softonic-de3\ldrtbsof2.dll"
sh=B4267CC9FBAA1133921BBF40835E07DAA481E025 ft=1 fh=39d86043333a1074 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\softonic-de3\tbsof0.dll"
sh=DB1C8E852F46071B2163E77F88966B7951A2CE59 ft=1 fh=fcd24e9a58665dd2 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\softonic-de3\tbsof1.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\softonic-de3\tbsof2.dll"
sh=61A8D16A5586134040C587C83F285C978EC432E3 ft=1 fh=550beeaa64c08289 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Program Files\softonic-de3\tbsoft.dll"
sh=18A8B55C6CC3AA33FB809DF66BCCE9D5044ABDC8 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\ProgramData\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}\iLividSetupV1.res"
sh=18A8B55C6CC3AA33FB809DF66BCCE9D5044ABDC8 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\All Users\Anwendungsdaten\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}\iLividSetupV1.res"
sh=18A8B55C6CC3AA33FB809DF66BCCE9D5044ABDC8 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\All Users\Application Data\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}\iLividSetupV1.res"
sh=18A8B55C6CC3AA33FB809DF66BCCE9D5044ABDC8 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\All Users\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}\iLividSetupV1.res"
sh=61A8D16A5586134040C587C83F285C978EC432E3 ft=1 fh=550beeaa64c08289 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\Local\Temp\GLF52C5.tmp.tbsoft.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\LocalLow\DVDVideoSoftTB\ldrtbDVDV.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\LocalLow\DVDVideoSoftTB\tbDVDV.dll"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\LocalLow\MyAshampoo\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\AppData\LocalLow\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=26590FB2BCD90BDE7F3C89B7AE4B684B24F74CD2 ft=1 fh=f46f5e2b9517bece vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Desktop\softonic-Deutsch.exe"
sh=5DB98979ADD38D336948BF2F7C3F0E6522D57653 ft=1 fh=1705691294487aa4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Documents\FreeYouTubeToMp3Converter36.exe"
sh=6263607BB180464D842C41133E5E924858DEE08A ft=1 fh=96e51c6b5d09d479 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Downloads\agsetup183se.exe"
sh=EAC09F47D553E51104873715F0AFA0EEA7581A3D ft=1 fh=b629d4a88e042e05 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Downloads\FreeAudioCDToMP3Converter.exe"
sh=360EC09373EE0D5AC1C3B9E8936C25210EBA18DD ft=1 fh=697d93dfd60539b8 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Downloads\FreeYouTubeToiPodConverter.exe"
sh=EFE18936F2B5E8A0B5C12EC91AABE61340D0E21F ft=1 fh=5b72a786647d35c4 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Downloads\FreeYouTubeToiPodConverter31014.exe"
sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Downloads\FreeYouTubeToMP3Converter.exe"
sh=5DB98979ADD38D336948BF2F7C3F0E6522D57653 ft=1 fh=1705691294487aa4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Eigene Dateien\FreeYouTubeToMp3Converter36.exe"
sh=61A8D16A5586134040C587C83F285C978EC432E3 ft=1 fh=550beeaa64c08289 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Oliver\Lokale Einstellungen\Temp\GLF52C5.tmp.tbsoft.dll"
sh=99B7227A5AA4CBE43507266FC2309D52398175A2 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\Installer\37c964f.msi"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\Oliver\AppData\LocalLow\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\DVDVideoSoftTB\ldrtbDVDV.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\DVDVideoSoftTB\tbDVDV.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\MyAshampoo\ldrtbMyA0.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\MyAshampoo\tbMyA0.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\softonic-de3\ldrtbsof2.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\softonic-de3\tbsof2.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Windows\System32\config\systemprofile\AppData\LocalLow\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Programme\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=A286C0831A97F92D5B02D4B93E86530036A8699D ft=1 fh=541a6d15877510a0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Programme\ashampoo_winoptimizer_6_6.60_7259.exe"
sh=5E75350DC93D7AA173A1621F10F8675B0DC33086 ft=1 fh=12b450aedb89d9a7 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Programme\FreeYouTubeToMp3Converter(2).exe"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Alter PC\Programme\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=A286C0831A97F92D5B02D4B93E86530036A8699D ft=1 fh=541a6d15877510a0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Alter PC\Programme\ashampoo_winoptimizer_6_6.60_7259.exe"
sh=5E75350DC93D7AA173A1621F10F8675B0DC33086 ft=1 fh=12b450aedb89d9a7 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Alter PC\Programme\FreeYouTubeToMp3Converter(2).exe"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\E\Programme\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=A286C0831A97F92D5B02D4B93E86530036A8699D ft=1 fh=541a6d15877510a0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\E\Programme\ashampoo_winoptimizer_6_6.60_7259.exe"
sh=5E75350DC93D7AA173A1621F10F8675B0DC33086 ft=1 fh=12b450aedb89d9a7 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\E\Programme\FreeYouTubeToMp3Converter(2).exe"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\I\Programme\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=A286C0831A97F92D5B02D4B93E86530036A8699D ft=1 fh=541a6d15877510a0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\I\Programme\ashampoo_winoptimizer_6_6.60_7259.exe"
sh=5E75350DC93D7AA173A1621F10F8675B0DC33086 ft=1 fh=12b450aedb89d9a7 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\Maxtor backup\OLIVER-PC\I\Programme\FreeYouTubeToMp3Converter(2).exe"
sh=F219226D194A0013DED6199DF18E90D6C19FA5D5 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-07-24 094900\Backup Files 2010-07-25 201733\Backup files 1.zip"
sh=DCA88337F1D3A263B781122544F19C279CF8DF36 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-07-24 094900\Backup Files 2010-08-01 190000\Backup files 1.zip"
sh=A0FA27964A139BACEDFA2062C8BF4AECFA7E6594 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-07-24 094900\Backup Files 2010-08-21 212327\Backup files 1.zip"
sh=E7A7BA4027F97C58E9433BF3AE94CADF7C213B7C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-08-22 190000\Backup Files 2010-08-22 190000\Backup files 1.zip"
sh=428745934B6E1D21CCFC2B885709FDD5778381B3 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-08-22 190000\Backup Files 2010-09-20 082458\Backup files 1.zip"
sh=88927F22C0141BEBF9CA424E4F3EB7D0626154BB ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-09-26 202645\Backup Files 2010-09-26 202645\Backup files 1.zip"
sh=3D5F960B5F9C82FC71789A3666008FDAB1C8E50B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-11-01 082728\Backup Files 2010-11-01 082728\Backup files 1.zip"
sh=3CAC3696BA622632DAB8839012B642B02374F244 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2010-12-06 195443\Backup Files 2010-12-06 195443\Backup files 1.zip"
sh=8E2B1CABD54112E2977C264C8DFC4D0D40048522 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-01-09 190000\Backup Files 2011-01-09 190000\Backup files 1.zip"
sh=C5A301A2924700701DF8CEFABFAFAD5281D0C4F5 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-02-06 190000\Backup Files 2011-02-06 190000\Backup files 1.zip"
sh=76D434651A1206994C29D573F7521232C0945BA2 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-02-13 201758\Backup Files 2011-02-13 201758\Backup files 1.zip"
sh=19FD6FD424DB6315D50C9058A36E1B2D2B68405D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-03-13 190000\Backup Files 2011-03-13 190000\Backup files 1.zip"
sh=28CE78C678BD37DCE8BCF9AF771FC62A685947AC ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-04-17 190000\Backup Files 2011-04-17 190000\Backup files 1.zip"
sh=7E567E38174B8FE31BD78CEF60AA924B9F2976D1 ft=0 fh=0000000000000000 vn="JS/TrojanDownloader.Iframe.NKE Trojaner" ac=I fn="H:\OLIVER-PC\Backup Set 2011-04-17 190000\Backup Files 2011-05-01 190000\Backup files 4.zip"
sh=D1C92EA8E8001AC8674F39899D582769028FD644 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-04-17 190000\Backup Files 2011-05-01 190000\Backup files 5.zip"
sh=3097DEF4C0CAEE79B60CDE1E0F7DBC1C47999679 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-05-08 205057\Backup Files 2011-05-08 205057\Backup files 1.zip"
sh=337AA5D13DB3A235D03C544E99A008E3056AA8C0 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-05-08 205057\Backup Files 2011-05-08 205057\Backup files 2.zip"
sh=18C7A37DFD6B96E38221A269D934F4FBDED361DD ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-06-27 144808\Backup Files 2011-06-27 144808\Backup files 1.zip"
sh=AA2A311E628925E698BA434F6BCF45611CF46A06 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-06-27 144808\Backup Files 2011-06-27 144808\Backup files 2.zip"
sh=A24444AE121CD0D7F41C71EEEF68DF1B5F64E9D0 ft=0 fh=0000000000000000 vn="JS/TrojanDownloader.Iframe.NKE Trojaner" ac=I fn="H:\OLIVER-PC\Backup Set 2011-06-27 144808\Backup Files 2011-07-31 190001\Backup files 2.zip"
sh=6D2031630D2BB83EA6556EFDA9B4B6480B2C951C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="H:\OLIVER-PC\Backup Set 2011-06-27 144808\Backup Files 2011-07-31 190001\Backup files 3.zip"
         
Code:
 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G Data InternetSecurity CBE   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 AntiBrowserSpy     
 Java 7 Update 71  
 Java version 32-bit out of Date! 
  Adobe Flash Player 	16.0.0.305 Flash Player out of Date!  
 Mozilla Firefox (37.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 G Data InternetSecurity Firewall GDFwSvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-05-2015
Ran by Oliver (administrator) on OLIVER-PC on 19-05-2015 20:47:22
Running from C:\Users\Oliver\Downloads
Loaded Profiles: Oliver (Available profiles: Oliver)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
() C:\Users\Oliver\AppData\LocalLow\ColorZillaStats\IE\ColorZillaStatsUpdater.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(J3S GmbH) C:\Program Files\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(OptionNV) C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Seagate Technology LLC) C:\Program Files\Maxtor\Sync\SyncServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Users\Oliver\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2012-12-16] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2012-12-16] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\Run: [COMPUTER BILD Account-Alarm] => C:\Program Files\COMPUTER BILD Account-Alarm\COMPUTER BILD Account-Alarm.exe [2059264 2014-09-09] (J3S GmbH)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2012-12-16] (Microsoft Corporation) <==== ATTENTION 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2014-07-16] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-718057176-2926429940-2907879898-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-718057176-2926429940-2907879898-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-718057176-2926429940-2907879898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-718057176-2926429940-2907879898-1001 -> {762EBE14-9072-4023-AA94-CEFD06BF3C89} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-30] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Toolbar: HKU\S-1-5-21-718057176-2926429940-2907879898-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\qq5xyiez.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-11-30] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\qq5xyiez.default\searchplugins\google-images.xml [2014-12-07]
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\qq5xyiez.default\searchplugins\google-maps.xml [2014-12-07]
FF Extension: No Name - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-07-01]
FF Extension: Movie2kDownloader - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: Bitdefender QuickScan - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\qq5xyiez.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-14]
FF Extension: No Name - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\qq5xyiez.default\Extensions\cliqz@cliqz.com.xpi [2014-12-07]
FF HKU\S-1-5-21-718057176-2926429940-2907879898-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-08-03]

Chrome: 
=======
CHR Profile: C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [cgfambohdeocadlemmdceabhlgccijal] - C:\Users\Oliver\AppData\LocalLow\ColorZillaStats\CHROME\ColorZillaStats.crx [2012-06-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 ColorZillaStatsUpdater; C:\Users\Oliver\AppData\LocalLow\ColorZillaStats\IE\ColorZillaStatsUpdater.exe [18432 2012-06-18] () [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GtDetectSc; C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [545792 2009-05-04] (OptionNV) [File not signed]
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 Maxtor Sync Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [156976 2007-09-28] (Seagate Technology LLC)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-07-31] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-07-31] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [44544 2014-11-30] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [101504 2014-11-30] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [56832 2014-11-30] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [53248 2014-11-30] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [29528 2015-05-13] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [50176 2014-11-30] (G Data Software AG)
S3 HPFXBULKLEDM; C:\Windows\System32\drivers\hppcbulkio.sys [20504 2010-10-03] (Hewlett Packard)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvdo.sys [189392 2014-05-12] (Miray)
R3 MXOPSWD; C:\Windows\System32\DRIVERS\mxopswd.sys [22152 2007-05-03] (Maxtor Corp.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2014-03-29] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2012-11-04] () [File not signed]
S3 swivsp; C:\Windows\System32\DRIVERS\swivspnt.sys [20352 2007-03-26] (Sierra Wireless Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Oliver\AppData\Local\Temp\catchme.sys [X]
U3 DfSdkS; No ImagePath
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S0 KL1; system32\DRIVERS\kl1.sys [X]
S1 kl2; system32\DRIVERS\kl2.sys [X]
S1 KLIF; system32\DRIVERS\klif.sys [X]
S1 KLIM6; system32\DRIVERS\klim6.sys [X]
S3 klmouflt; system32\DRIVERS\klmouflt.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S3 RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [X]
S3 UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 20:18 - 2015-05-19 20:18 - 00852630 _____ () C:\Users\Oliver\Downloads\SecurityCheck.exe
2015-05-18 22:41 - 2015-05-19 20:18 - 00000000 ____D () C:\Program Files\ESET
2015-05-18 22:40 - 2015-05-18 22:40 - 02347384 _____ (ESET) C:\Users\Oliver\Downloads\esetsmartinstaller_deu.exe
2015-05-17 15:23 - 2015-05-18 22:37 - 00001075 _____ () C:\Windows\setupact.log
2015-05-17 15:23 - 2015-05-17 15:23 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-17 15:18 - 2015-05-19 20:47 - 00000000 ____D () C:\Users\Oliver\Downloads\FRST-OlderVersion
2015-05-17 14:39 - 2015-05-17 14:39 - 00001917 _____ () C:\Users\Oliver\Desktop\JRT.txt
2015-05-17 14:38 - 2015-05-17 14:38 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OLIVER-PC-Windows-7-Home-Premium-(32-bit).dat
2015-05-17 14:38 - 2015-05-17 14:38 - 00000000 ____D () C:\RegBackup
2015-05-17 14:36 - 2015-05-16 02:11 - 02719698 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT_NEW.exe
2015-05-17 14:27 - 2015-05-17 14:27 - 00001868 _____ () C:\Users\Oliver\Desktop\MBAM 170515.txt
2015-05-17 14:25 - 2015-05-17 14:25 - 00001103 _____ () C:\Users\Oliver\Desktop\MBAM.txt
2015-05-16 10:54 - 2015-05-16 10:54 - 00018489 _____ () C:\Users\Oliver\Desktop\Combofix.txt
2015-05-16 10:23 - 2015-05-16 10:23 - 00018489 _____ () C:\ComboFix.txt
2015-05-16 09:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-16 09:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-16 09:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-16 09:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-16 09:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-16 09:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-16 09:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-16 09:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-16 09:33 - 2015-05-16 09:05 - 05623645 ____R (Swearware) C:\Users\Oliver\Desktop\ComboFix.exe
2015-05-16 09:27 - 2015-05-16 09:27 - 01574204 _____ () C:\Users\Oliver\Downloads\Charts for KPI Board.xlsx
2015-05-16 09:07 - 2015-05-16 10:23 - 00000000 ____D () C:\Qoobox
2015-05-16 09:06 - 2015-05-16 10:22 - 00000000 ____D () C:\Windows\erdnt
2015-05-16 09:05 - 2015-05-16 09:05 - 05623645 ____R (Swearware) C:\Users\Oliver\Downloads\ComboFix.exe
2015-05-16 08:15 - 2015-05-16 08:15 - 00151854 _____ () C:\Users\Oliver\Downloads\5S Walks Scorecard.xlsx
2015-05-16 08:15 - 2015-05-16 08:15 - 00034164 _____ () C:\Users\Oliver\Downloads\5S Punchlist.xlsx
2015-05-16 08:12 - 2015-05-16 08:12 - 01334865 _____ () C:\Users\Oliver\Downloads\WKW MBO Matrix Review 2015 Updated.xlsx
2015-05-16 07:48 - 2015-05-16 07:48 - 01389909 _____ () C:\Users\Oliver\Downloads\Rework daily Report by Vincent.xlsx
2015-05-16 07:48 - 2015-05-16 07:48 - 00604095 _____ () C:\Users\Oliver\Downloads\Scrap Management Tracker (3).xlsx
2015-05-16 07:39 - 2015-05-16 07:39 - 00080093 _____ () C:\Users\Oliver\Downloads\Summary 5-14(2).xlsx
2015-05-16 07:38 - 2015-05-16 07:38 - 00080093 _____ () C:\Users\Oliver\Downloads\Summary 5-14(1).xlsx
2015-05-16 07:37 - 2015-05-16 07:37 - 00080093 _____ () C:\Users\Oliver\Downloads\Summary 5-14.xlsx
2015-05-15 08:58 - 2015-05-15 08:58 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Oliver\Downloads\tdsskiller.exe
2015-05-14 17:53 - 2015-05-14 17:53 - 02721175 _____ (Thisisu) C:\Users\Oliver\Downloads\JRT.exe
2015-05-14 17:44 - 2015-05-17 14:30 - 00000000 ____D () C:\AdwCleaner
2015-05-14 17:43 - 2015-05-14 17:43 - 02209792 _____ () C:\Users\Oliver\Downloads\AdwCleaner_4.204.exe
2015-05-14 10:48 - 2015-05-14 10:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-14 10:47 - 2015-05-14 10:52 - 00000000 ____D () C:\Users\Oliver\Desktop\mbar
2015-05-14 10:47 - 2015-05-14 10:47 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Oliver\Downloads\mbar-1.09.1.1004.exe
2015-05-14 10:41 - 2015-05-14 10:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Oliver\Downloads\revosetup95.exe
2015-05-14 10:20 - 2015-05-19 20:47 - 00014666 _____ () C:\Users\Oliver\Downloads\FRST.txt
2015-05-14 10:17 - 2015-05-17 15:19 - 00025385 _____ () C:\Users\Oliver\Downloads\Addition.txt
2015-05-14 10:15 - 2015-05-15 10:18 - 00035870 _____ () C:\Users\Oliver\Downloads\FRST.txt.txt
2015-05-14 10:13 - 2015-05-19 20:47 - 00000000 ____D () C:\FRST
2015-05-14 10:13 - 2015-05-14 10:13 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-14 10:13 - 2015-05-14 10:13 - 00002029 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-14 10:10 - 2015-05-14 17:39 - 00000000 ____D () C:\Program Files\WinSysClean X5
2015-05-14 10:10 - 2015-05-14 10:10 - 00000946 _____ () C:\Users\Public\Desktop\WinSysClean X5.lnk
2015-05-14 10:10 - 2015-05-14 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Systems
2015-05-14 00:18 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:15 - 2015-05-14 00:16 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\QuickScan
2015-05-14 00:12 - 2015-05-14 00:12 - 50811104 _____ (Microsoft Corporation) C:\Users\Oliver\Downloads\Windows-KB890830-V5.24.exe
2015-05-14 00:09 - 2015-05-14 00:09 - 01203488 _____ () C:\Users\Oliver\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-05-14 00:03 - 2015-05-14 00:03 - 00079470 _____ () C:\Maleware.txt
2015-05-13 23:43 - 2015-05-13 23:43 - 50629792 _____ (Adobe Systems Incorporated) C:\Users\Oliver\Downloads\AcroRdrDC1500720033_de_DE.exe
2015-05-13 23:39 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 23:39 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 23:39 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 23:39 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 23:39 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 23:39 - 2015-04-04 05:10 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 23:39 - 2015-04-04 05:10 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 23:39 - 2015-04-04 05:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 23:39 - 2015-04-04 05:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 23:39 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 23:39 - 2015-04-04 05:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 23:39 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 23:39 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 23:39 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 23:38 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 23:38 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 23:38 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 23:38 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 23:38 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 23:38 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 23:38 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 23:38 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 23:38 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 23:38 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 23:38 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 23:38 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 23:38 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 23:38 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 23:38 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 23:38 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 23:38 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 23:38 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 23:38 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 23:38 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 23:38 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 23:38 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 23:38 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 23:38 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 23:38 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 23:38 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 23:38 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 23:38 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 23:38 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 23:38 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 23:38 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 23:38 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 23:38 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 23:33 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 23:33 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 23:33 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 23:28 - 2015-05-13 23:28 - 00015192 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2015-05-13 23:27 - 2015-05-13 23:27 - 00029528 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2015-05-13 23:25 - 2015-05-17 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 23:24 - 2015-05-14 10:47 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-13 23:24 - 2015-05-13 23:24 - 00387960 _____ () C:\Users\Oliver\Downloads\spybot-2.4_CB-DL-Manager.exe
2015-05-13 23:24 - 2015-05-13 23:24 - 00001080 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-13 23:24 - 2015-05-13 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-13 23:24 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-13 23:24 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-13 23:22 - 2015-05-13 23:23 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Oliver\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-03 12:14 - 2015-05-03 12:14 - 64660408 _____ (DVDVideoSoft Ltd. ) C:\Users\Oliver\Downloads\FreeStudio(1).exe
2015-05-03 12:08 - 2015-05-03 12:08 - 00001283 _____ () C:\Users\Oliver\Desktop\Free YouTube to MP3 Converter Installation fortsetzen.lnk
2015-05-03 11:53 - 2015-05-03 11:53 - 00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-03 11:53 - 2015-05-03 11:53 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 20:47 - 2014-10-04 21:29 - 01146880 _____ (Farbar) C:\Users\Oliver\Downloads\FRST.exe
2015-05-19 18:37 - 2015-03-01 11:36 - 01660342 _____ () C:\Windows\WindowsUpdate.log
2015-05-19 17:44 - 2012-06-24 00:24 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-19 17:41 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-19 17:41 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-18 22:37 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-18 20:57 - 2012-06-24 11:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-17 15:22 - 2014-03-25 10:08 - 00000000 ____D () C:\Windows\Minidump
2015-05-16 10:23 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-05-16 10:23 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-16 10:21 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2015-05-16 09:46 - 2012-06-24 00:20 - 00000000 ____D () C:\Users\Oliver
2015-05-16 09:04 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-05-15 09:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-14 17:39 - 2013-05-25 18:42 - 00000000 ____D () C:\Users\Oliver\AppData\Local\CrashDumps
2015-05-14 11:16 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 10:45 - 2014-11-30 12:25 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Adobe
2015-05-14 10:45 - 2012-06-24 16:16 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Adobe
2015-05-14 10:41 - 2013-08-14 16:00 - 00001244 _____ () C:\Users\Oliver\Desktop\Revo Uninstaller.lnk
2015-05-14 10:13 - 2012-11-25 22:15 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-05-14 10:13 - 2012-11-25 22:15 - 00000000 ____D () C:\Program Files\Adobe
2015-05-14 10:12 - 2012-06-24 08:01 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-14 00:32 - 2014-12-21 14:39 - 03917872 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 00:30 - 2012-07-28 17:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 00:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-05-13 23:24 - 2014-11-30 11:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-05-13 22:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-13 22:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-05-13 22:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-13 09:02 - 2014-12-10 21:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-08 06:55 - 2015-03-27 10:51 - 270438553 _____ () C:\Windows\MEMORY.DMP
2015-05-04 15:59 - 2014-08-17 18:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-03 12:39 - 2012-10-28 19:49 - 00742912 ___SH () C:\Users\Oliver\Downloads\Thumbs.db
2015-05-03 12:16 - 2014-11-30 12:34 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\DVDVideoSoft
2015-05-03 12:16 - 2014-08-03 16:07 - 00001213 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-05-03 12:16 - 2014-08-03 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-05-03 12:16 - 2014-08-03 16:06 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2015-05-03 12:16 - 2013-06-30 12:35 - 00002316 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-05-03 12:15 - 2014-08-03 16:06 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-05-03 11:53 - 2015-02-15 14:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-03 11:37 - 2013-08-04 10:59 - 00000000 ____D () C:\Program Files\AntiBrowserSpy
2015-05-03 11:36 - 2015-02-15 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiBrowserSpy
2015-05-03 11:36 - 2012-06-24 08:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Abelssoft
2015-05-03 11:36 - 2012-06-24 00:29 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Mozilla
2015-04-30 10:07 - 2012-06-24 08:23 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2013-05-29 15:04 - 2013-06-16 14:30 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe
2012-01-05 18:39 - 2013-06-16 14:30 - 0012943 _____ () C:\Program Files\License Agreement.rtf
2014-11-30 13:12 - 2014-11-30 13:12 - 0000000 _____ () C:\Users\Oliver\AppData\Roaming\gdfw.log
2014-11-30 13:12 - 2014-11-30 13:12 - 0000779 _____ () C:\Users\Oliver\AppData\Roaming\gdscan.log
2012-09-30 21:24 - 2012-10-28 15:08 - 0010752 _____ () C:\Users\Oliver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-08 09:40 - 2013-03-08 09:40 - 0000017 _____ () C:\Users\Oliver\AppData\Local\resmon.resmoncfg
2012-06-24 07:54 - 2012-06-24 07:54 - 0017408 _____ () C:\Users\Oliver\AppData\Local\WebpageIcons.db
2012-09-23 10:48 - 2012-09-23 10:48 - 0000045 _____ () C:\ProgramData\.SimImages
2014-03-29 11:01 - 2014-03-29 11:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Oliver\ashampoo_burning_studio_2013_11.0.6_12630.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-17 16:42

==================== End Of Log ============================
         
--- --- ---


The PC is not causing any problems.
