Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"

Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"


Plagegeister aller Art und deren Bekämpfung: Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 02.07.2015, 14:41   #1
Alfredoh
 
Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*" - Standard

Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"


Hallo Ihr Lieben,

heute morgen habe ich mit Schrecken gesehen, dass an sämtliche Kontakte in meinem Skype Account eine Nachricht verschickt wurde mit dem Inhalt "Hi! hxxp://goo.gl/*****". Die letzten Ziffern variieren dabei. Selbstverständlich habe ich den Link nicht angeklickt und auch sämtliche Kontakte gewarnt.
Die Nachrichten wurden verschickt, als mein Rechner aus war. (jedenfalls hat sonst niemand Zugang zum Rechner). Aber mein N900 war bei Skype eingeloggt, dort findet sich allerdings diese Nachricht nicht in den Chats.


Hier sind meine Logs:


defogger_disable.log:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:47 on 02/07/2015 (Alfredó)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST.txt:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Alfredó (administrator) on ALFREDO on 02-07-2015 12:23:31
Running from C:\Users\Alfredó\Desktop
Loaded Profiles: Alfredó (Available Profiles: Alfredó)
Platform: Windows 8.1 Pro N (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(PortableApps.com) D:\PortableApps\SkypePortable 2\SkypePortable.exe
(Skype Technologies S.A.) D:\PortableApps\SkypePortable 2\App\Skype\Phone\Skype.exe
(PortableApps.com) D:\PortableApps\ThunderbirdPortable\ThunderbirdPortable.exe
(Mozilla Corporation) D:\PortableApps\ThunderbirdPortable\App\Thunderbird\thunderbird.exe
(Dropbox, Inc.) C:\Users\Alfredó\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(PortableApps.com) D:\PortableApps\SumatraPDFPortable\SumatraPDFPortable.exe
(Krzysztof Kowalczyk) D:\PortableApps\SumatraPDFPortable\App\SumatraPDF\SumatraPDF.exe
() C:\Users\Alfredó\Desktop\HtmlÜbungen\SublimeText3\sublime_text.exe
() C:\Users\Alfredó\Desktop\HtmlÜbungen\SublimeText3\plugin_host.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Sysinternals - www.sysinternals.com) D:\PortableApps\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Alfredó\AppData\Local\Temp\procexp64.exe
(PortableApps.com) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\plugin-container.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [Dropbox Update] => C:\Users\Alfredó\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_190_Plugin.exe -update plugin
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Policies\Explorer: [TaskbarNoThumbnail] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2015-01-10]
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-27] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B3FF0C7F-5BBE-44D5-BE3B-39FE4494DBB6}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alfredó\AppData\Roaming\Mozilla\Firefox\Profiles\sr4gw804.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-02] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-02] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-14] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3321035957-3161831317-2522146191-1002: vsee.com/VSeeDetection -> C:\Users\Alfredó\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2015-03-26] (VSee Lab)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-27] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-01-10] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-27] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-27] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-27] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-27] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-27] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
R3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 12:23 - 2015-07-02 12:23 - 00012876 _____ C:\Users\Alfredó\Desktop\FRST.txt
2015-07-02 12:22 - 2015-07-02 12:23 - 00000000 ____D C:\FRST
2015-07-02 11:49 - 2015-07-02 11:49 - 02112512 _____ (Farbar) C:\Users\Alfredó\Desktop\FRST64.exe
2015-07-02 11:47 - 2015-07-02 11:47 - 00000476 _____ C:\Users\Alfredó\Desktop\defogger_disable.log
2015-07-02 11:47 - 2015-07-02 11:47 - 00000000 _____ C:\Users\Alfredó\defogger_reenable
2015-07-02 11:45 - 2015-07-02 11:45 - 00050477 _____ C:\Users\Alfredó\Desktop\Defogger.exe
2015-07-01 16:00 - 2015-07-01 16:00 - 01247536 _____ (PortableApps.com) C:\Users\Alfredó\Downloads\GoogleChromePortable_43.0.2357.130_online.paf.exe
2015-06-30 02:02 - 2015-06-30 02:02 - 00000000 ____D C:\Users\Alfredó\Documents\OneNote Notebooks
2015-06-26 23:48 - 2015-06-26 23:48 - 00096379 _____ C:\Users\Alfredó\Downloads\Search-Replace-DB-master.zip
2015-06-26 23:48 - 2015-06-26 23:48 - 00000000 ____D C:\Users\Alfredó\Downloads\Search-Replace-DB-master
2015-06-25 00:56 - 2015-06-25 00:56 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-24 11:32 - 2015-06-24 11:32 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-24 11:32 - 2015-06-24 11:32 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-23 17:38 - 2015-07-02 11:43 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002UA.job
2015-06-23 17:38 - 2015-07-01 17:43 - 00000890 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002Core.job
2015-06-23 17:38 - 2015-06-23 17:38 - 00003892 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002UA
2015-06-23 17:38 - 2015-06-23 17:38 - 00003512 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002Core
2015-06-23 17:38 - 2015-06-23 17:38 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Dropbox
2015-06-23 17:38 - 2015-06-23 17:38 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-23 13:38 - 2015-06-23 13:38 - 00000448 __RSH C:\ProgramData\ntuser.pol
2015-06-23 12:21 - 2015-06-23 12:21 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\TeamViewer
2015-06-23 12:20 - 2015-06-23 12:21 - 09240080 _____ (PortableApps.com) C:\Users\Alfredó\Downloads\TeamViewerPortable_10.0.43879.paf.exe
2015-06-22 23:44 - 2015-06-22 23:44 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\SkypePM
2015-06-22 23:40 - 2015-06-23 16:38 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Thunderbird
2015-06-21 12:21 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-21 12:21 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-16 19:14 - 2015-06-16 19:15 - 19770752 _____ (Microsoft Corporation) C:\Users\Alfredó\Downloads\proofingtools_de-de-x86.exe
2015-06-16 19:10 - 2015-06-16 19:10 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-16 19:10 - 2015-06-16 19:10 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-06-16 19:09 - 2015-06-16 19:10 - 19998504 _____ (Microsoft Corporation) C:\Users\Alfredó\Downloads\proofingtools_de-de-x64.exe
2015-06-16 01:19 - 2015-06-16 01:19 - 00106323 _____ C:\Users\Alfredó\Downloads\l10n_update-7.x-2.0.zip
2015-06-14 19:01 - 2015-06-14 19:02 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\LiveReload
2015-06-14 19:01 - 2015-06-14 19:01 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LiveReload
2015-06-14 19:01 - 2015-06-14 19:01 - 00000000 ____D C:\Users\Alfredó\AppData\Local\LiveReload
2015-06-14 18:56 - 2015-06-14 19:10 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Deployment
2015-06-14 01:13 - 2015-06-14 01:13 - 00000000 ____D C:\Users\Alfredó\.gem
2015-06-14 01:09 - 2015-06-14 01:09 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.2-p95-x64
2015-06-14 01:09 - 2015-06-14 01:09 - 00000000 ____D C:\Ruby22-x64
2015-06-14 00:53 - 2015-06-14 00:54 - 00000000 ____D C:\Users\Alfredó\Downloads\rubygems-2.4.8
2015-06-10 11:54 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 11:54 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 11:54 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-10 11:54 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-10 11:54 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-10 11:54 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-10 11:54 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-10 11:54 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-10 11:54 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-10 11:54 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-10 11:54 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-10 11:54 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-10 11:53 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 11:53 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 11:53 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 11:53 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 11:53 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 11:53 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 11:53 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 11:53 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-10 11:53 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-10 11:53 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 11:53 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 11:53 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 11:53 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 11:53 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-10 11:53 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 11:53 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 11:53 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 11:53 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 11:53 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 11:53 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 11:53 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 11:53 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 11:53 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-10 11:53 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 11:53 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-10 11:53 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-10 11:53 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 11:53 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 11:53 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 11:53 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 11:53 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 11:53 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-10 11:53 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 11:53 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 11:53 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 11:53 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 11:53 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 11:53 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-10 11:53 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-10 11:53 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-10 11:53 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-10 11:53 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-10 11:53 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 11:53 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-10 11:53 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-10 11:53 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-10 11:53 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-10 11:53 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-10 11:53 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-10 11:53 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-10 11:53 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-10 11:53 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-10 11:53 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-10 11:53 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-10 11:53 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-03 17:31 - 2015-06-03 17:57 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\npm-cache
2015-06-03 17:31 - 2015-06-03 17:32 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\npm

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 12:08 - 2015-01-10 07:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-02 11:47 - 2015-01-10 04:44 - 00000000 ____D C:\Users\Alfredó
2015-07-02 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-02 10:38 - 2015-01-10 04:39 - 01869947 _____ C:\Windows\WindowsUpdate.log
2015-07-02 10:18 - 2015-05-11 21:37 - 00039541 _____ C:\Windows\system32\lvcoinst.log
2015-07-02 03:14 - 2015-01-10 04:56 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3321035957-3161831317-2522146191-1002
2015-07-02 02:01 - 2015-01-10 01:54 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Mozilla
2015-07-02 01:59 - 2015-01-10 07:14 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 19:49 - 2015-01-10 06:16 - 00000000 __SHD C:\Users\Alfredó\AppData\Local\EmieUserList
2015-07-01 19:49 - 2015-01-10 06:16 - 00000000 __SHD C:\Users\Alfredó\AppData\Local\EmieSiteList
2015-06-29 15:56 - 2014-03-18 17:30 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-27 00:09 - 2015-01-10 05:05 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 00:56 - 2015-01-18 04:34 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Dropbox
2015-06-24 21:59 - 2015-01-10 05:06 - 00000773 _____ C:\Users\Alfredó\Desktop\New Text Document.txt
2015-06-24 11:32 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-23 17:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-23 13:48 - 2013-08-22 16:45 - 00018255 _____ C:\Windows\setupact.log
2015-06-23 13:48 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-23 13:48 - 2013-08-22 16:44 - 05142232 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-23 13:47 - 2015-04-18 01:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-23 13:47 - 2015-04-18 01:32 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-23 13:47 - 2014-03-18 10:19 - 00127498 _____ C:\Windows\PFRO.log
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-23 13:47 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-22 23:44 - 2015-01-11 22:00 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Skype
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-16 19:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-14 18:56 - 2015-01-12 04:14 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Apps\2.0
2015-06-14 01:14 - 2015-01-10 05:00 - 00000000 ____D C:\Users\Alfredó\Desktop\HtmlÜbungen
2015-06-10 12:06 - 2015-01-11 23:59 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 12:05 - 2015-01-11 23:59 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-01-15 02:28 - 2015-04-21 15:46 - 0000600 _____ () C:\Users\Alfredó\AppData\Local\PUTTY.RND
2015-05-14 23:21 - 2015-05-14 23:21 - 0007605 _____ () C:\Users\Alfredó\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Alfredó\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgnrh2d.dll
C:\Users\Alfredó\AppData\Local\Temp\procexp64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-01 12:00

==================== End of log ============================

Addition.txt:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Alfredó (administrator) on ALFREDO on 02-07-2015 12:23:31
Running from C:\Users\Alfredó\Desktop
Loaded Profiles: Alfredó (Available Profiles: Alfredó)
Platform: Windows 8.1 Pro N (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(PortableApps.com) D:\PortableApps\SkypePortable 2\SkypePortable.exe
(Skype Technologies S.A.) D:\PortableApps\SkypePortable 2\App\Skype\Phone\Skype.exe
(PortableApps.com) D:\PortableApps\ThunderbirdPortable\ThunderbirdPortable.exe
(Mozilla Corporation) D:\PortableApps\ThunderbirdPortable\App\Thunderbird\thunderbird.exe
(Dropbox, Inc.) C:\Users\Alfredó\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(PortableApps.com) D:\PortableApps\SumatraPDFPortable\SumatraPDFPortable.exe
(Krzysztof Kowalczyk) D:\PortableApps\SumatraPDFPortable\App\SumatraPDF\SumatraPDF.exe
() C:\Users\Alfredó\Desktop\HtmlÜbungen\SublimeText3\sublime_text.exe
() C:\Users\Alfredó\Desktop\HtmlÜbungen\SublimeText3\plugin_host.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Sysinternals - www.sysinternals.com) D:\PortableApps\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Alfredó\AppData\Local\Temp\procexp64.exe
(PortableApps.com) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\firefox.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\plugin-container.exe
(Mozilla Corporation) C:\Users\Alfredó\Desktop\HtmlÜbungen\FirefoxPortableDeveloper\App\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Run: [Dropbox Update] => C:\Users\Alfredó\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_190_Plugin.exe -update plugin
HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\...\Policies\Explorer: [TaskbarNoThumbnail] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2015-01-10]
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-27] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3321035957-3161831317-2522146191-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-14] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B3FF0C7F-5BBE-44D5-BE3B-39FE4494DBB6}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alfredó\AppData\Roaming\Mozilla\Firefox\Profiles\sr4gw804.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-02] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-02] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-14] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3321035957-3161831317-2522146191-1002: vsee.com/VSeeDetection -> C:\Users\Alfredó\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2015-03-26] (VSee Lab)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-27] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-01-10] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-27] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-27] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-27] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-27] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-27] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
R3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 12:23 - 2015-07-02 12:23 - 00012876 _____ C:\Users\Alfredó\Desktop\FRST.txt
2015-07-02 12:22 - 2015-07-02 12:23 - 00000000 ____D C:\FRST
2015-07-02 11:49 - 2015-07-02 11:49 - 02112512 _____ (Farbar) C:\Users\Alfredó\Desktop\FRST64.exe
2015-07-02 11:47 - 2015-07-02 11:47 - 00000476 _____ C:\Users\Alfredó\Desktop\defogger_disable.log
2015-07-02 11:47 - 2015-07-02 11:47 - 00000000 _____ C:\Users\Alfredó\defogger_reenable
2015-07-02 11:45 - 2015-07-02 11:45 - 00050477 _____ C:\Users\Alfredó\Desktop\Defogger.exe
2015-07-01 16:00 - 2015-07-01 16:00 - 01247536 _____ (PortableApps.com) C:\Users\Alfredó\Downloads\GoogleChromePortable_43.0.2357.130_online.paf.exe
2015-06-30 02:02 - 2015-06-30 02:02 - 00000000 ____D C:\Users\Alfredó\Documents\OneNote Notebooks
2015-06-26 23:48 - 2015-06-26 23:48 - 00096379 _____ C:\Users\Alfredó\Downloads\Search-Replace-DB-master.zip
2015-06-26 23:48 - 2015-06-26 23:48 - 00000000 ____D C:\Users\Alfredó\Downloads\Search-Replace-DB-master
2015-06-25 00:56 - 2015-06-25 00:56 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-24 11:32 - 2015-06-24 11:32 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-24 11:32 - 2015-06-24 11:32 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-23 17:38 - 2015-07-02 11:43 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002UA.job
2015-06-23 17:38 - 2015-07-01 17:43 - 00000890 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002Core.job
2015-06-23 17:38 - 2015-06-23 17:38 - 00003892 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002UA
2015-06-23 17:38 - 2015-06-23 17:38 - 00003512 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3321035957-3161831317-2522146191-1002Core
2015-06-23 17:38 - 2015-06-23 17:38 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Dropbox
2015-06-23 17:38 - 2015-06-23 17:38 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-23 13:38 - 2015-06-23 13:38 - 00000448 __RSH C:\ProgramData\ntuser.pol
2015-06-23 12:21 - 2015-06-23 12:21 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\TeamViewer
2015-06-23 12:20 - 2015-06-23 12:21 - 09240080 _____ (PortableApps.com) C:\Users\Alfredó\Downloads\TeamViewerPortable_10.0.43879.paf.exe
2015-06-22 23:44 - 2015-06-22 23:44 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\SkypePM
2015-06-22 23:40 - 2015-06-23 16:38 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Thunderbird
2015-06-21 12:21 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-21 12:21 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-21 12:21 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-20 21:31 - 2015-06-20 21:31 - 212588673 _____ C:\Users\Alfredó\AppData\Local\ACCCx3_1_1_110.zip.aamdownload
2015-06-20 21:31 - 2015-06-20 21:31 - 00002489 _____ C:\Users\Alfredó\AppData\Local\ACCCx3_1_1_110.zip.aamdownload.aamd
2015-06-18 09:21 - 2015-06-18 13:30 - 00000268 _____ C:\Users\Alfredó\Desktop\Shabnam Amininejad
2015-06-16 19:14 - 2015-06-16 19:15 - 19770752 _____ (Microsoft Corporation) C:\Users\Alfredó\Downloads\proofingtools_de-de-x86.exe
2015-06-16 19:10 - 2015-06-16 19:10 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-16 19:10 - 2015-06-16 19:10 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-06-16 19:09 - 2015-06-16 19:10 - 19998504 _____ (Microsoft Corporation) C:\Users\Alfredó\Downloads\proofingtools_de-de-x64.exe
2015-06-16 01:19 - 2015-06-16 01:19 - 00106323 _____ C:\Users\Alfredó\Downloads\l10n_update-7.x-2.0.zip
2015-06-14 19:01 - 2015-06-14 19:02 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\LiveReload
2015-06-14 19:01 - 2015-06-14 19:01 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LiveReload
2015-06-14 19:01 - 2015-06-14 19:01 - 00000000 ____D C:\Users\Alfredó\AppData\Local\LiveReload
2015-06-14 18:56 - 2015-06-14 19:10 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Deployment
2015-06-14 01:13 - 2015-06-14 01:13 - 00000000 ____D C:\Users\Alfredó\.gem
2015-06-14 01:09 - 2015-06-14 01:09 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.2-p95-x64
2015-06-14 01:09 - 2015-06-14 01:09 - 00000000 ____D C:\Ruby22-x64
2015-06-14 00:53 - 2015-06-14 00:54 - 00000000 ____D C:\Users\Alfredó\Downloads\rubygems-2.4.8
2015-06-10 11:54 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 11:54 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 11:54 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-10 11:54 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-10 11:54 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-10 11:54 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-10 11:54 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-10 11:54 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-10 11:54 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-10 11:54 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-10 11:54 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-10 11:54 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-10 11:53 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 11:53 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 11:53 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 11:53 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 11:53 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 11:53 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 11:53 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 11:53 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 11:53 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-10 11:53 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-10 11:53 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 11:53 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 11:53 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 11:53 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 11:53 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-10 11:53 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 11:53 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 11:53 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 11:53 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 11:53 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 11:53 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 11:53 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 11:53 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 11:53 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 11:53 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-10 11:53 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 11:53 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-10 11:53 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-10 11:53 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 11:53 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 11:53 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 11:53 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 11:53 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 11:53 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-10 11:53 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 11:53 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 11:53 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 11:53 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 11:53 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 11:53 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-10 11:53 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-10 11:53 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-10 11:53 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-10 11:53 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-10 11:53 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 11:53 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-10 11:53 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-10 11:53 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-10 11:53 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-10 11:53 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-10 11:53 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-10 11:53 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-10 11:53 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-10 11:53 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-10 11:53 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-10 11:53 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-10 11:53 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-03 17:31 - 2015-06-03 17:57 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\npm-cache
2015-06-03 17:31 - 2015-06-03 17:32 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\npm

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 12:08 - 2015-01-10 07:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-02 11:47 - 2015-01-10 04:44 - 00000000 ____D C:\Users\Alfredó
2015-07-02 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-02 10:38 - 2015-01-10 04:39 - 01869947 _____ C:\Windows\WindowsUpdate.log
2015-07-02 10:18 - 2015-05-11 21:37 - 00039541 _____ C:\Windows\system32\lvcoinst.log
2015-07-02 03:14 - 2015-01-10 04:56 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3321035957-3161831317-2522146191-1002
2015-07-02 02:01 - 2015-01-10 01:54 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Mozilla
2015-07-02 01:59 - 2015-01-10 07:14 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-01 19:49 - 2015-01-10 06:16 - 00000000 __SHD C:\Users\Alfredó\AppData\Local\EmieUserList
2015-07-01 19:49 - 2015-01-10 06:16 - 00000000 __SHD C:\Users\Alfredó\AppData\Local\EmieSiteList
2015-06-29 15:56 - 2014-03-18 17:30 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-27 00:09 - 2015-01-10 05:05 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 00:56 - 2015-01-18 04:34 - 00000000 ____D C:\Users\Alfredó\AppData\Roaming\Dropbox
2015-06-24 21:59 - 2015-01-10 05:06 - 00000773 _____ C:\Users\Alfredó\Desktop\New Text Document.txt
2015-06-24 11:32 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-23 17:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-23 13:48 - 2013-08-22 16:45 - 00018255 _____ C:\Windows\setupact.log
2015-06-23 13:48 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-23 13:48 - 2013-08-22 16:44 - 05142232 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-23 13:47 - 2015-04-18 01:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-23 13:47 - 2015-04-18 01:32 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-23 13:47 - 2014-03-18 10:19 - 00127498 _____ C:\Windows\PFRO.log
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-06-23 13:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-23 13:47 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-22 23:44 - 2015-01-11 22:00 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Skype
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-17 01:50 - 2015-01-10 04:59 - 00000000 ____D C:\Users\Alfredó\Desktop\For Shabnam
2015-06-16 19:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-14 18:56 - 2015-01-12 04:14 - 00000000 ____D C:\Users\Alfredó\AppData\Local\Apps\2.0
2015-06-14 01:14 - 2015-01-10 05:00 - 00000000 ____D C:\Users\Alfredó\Desktop\HtmlÜbungen
2015-06-10 12:06 - 2015-01-11 23:59 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 12:05 - 2015-01-11 23:59 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-06-20 21:31 - 2015-06-20 21:31 - 212588673 _____ () C:\Users\Alfredó\AppData\Local\ACCCx3_1_1_110.zip.aamdownload
2015-06-20 21:31 - 2015-06-20 21:31 - 0002489 _____ () C:\Users\Alfredó\AppData\Local\ACCCx3_1_1_110.zip.aamdownload.aamd
2015-01-15 02:28 - 2015-04-21 15:46 - 0000600 _____ () C:\Users\Alfredó\AppData\Local\PUTTY.RND
2015-05-14 23:21 - 2015-05-14 23:21 - 0007605 _____ () C:\Users\Alfredó\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Alfredó\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgnrh2d.dll
C:\Users\Alfredó\AppData\Local\Temp\procexp64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-01 12:00

==================== End of log ============================

gmer.log:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-07-02 12:48:28
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000034 Samsung_SSD_840_EVO_500GB rev.EXT0CB6Q 465.76GB
Running: 4ex2hb09.exe; Driver: C:\Users\ALFRED~1\AppData\Local\Temp\uwldrpob.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\System32\win32k.sys!W32pServiceTable                                                  fffff96000202d00 15 bytes [00, A9, F3, 01, 80, 64, 6D, ...]
.text   C:\Windows\System32\win32k.sys!W32pServiceTable + 16                                             fffff96000202d10 11 bytes [00, 91, FC, FF, 00, BF, CA, ...]

---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePort      00007ffbcec21270 5 bytes JMP 00007ffc4ed50460
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject               00007ffbcec212c0 1 byte JMP 00007ffc4ed50450
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject + 2           00007ffbcec212c2 3 bytes {JMP 0xffffffff8012f190}
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess               00007ffbcec21420 5 bytes JMP 00007ffc4ed50370
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePortEx    00007ffbcec21470 5 bytes JMP 00007ffc4ed50470
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess          00007ffbcec21480 5 bytes JMP 00007ffc4ed503e0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection               00007ffbcec21530 5 bytes JMP 00007ffc4ed50320
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory        00007ffbcec21560 5 bytes JMP 00007ffc4ed503b0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtDuplicateObject           00007ffbcec21580 5 bytes JMP 00007ffc4ed50390
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEvent                 00007ffbcec215c0 5 bytes JMP 00007ffc4ed502e0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent               00007ffbcec21640 1 byte JMP 00007ffc4ed502d0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent + 2           00007ffbcec21642 3 bytes {JMP 0xffffffff8012ec90}
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection             00007ffbcec21660 5 bytes JMP 00007ffc4ed50310
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread              00007ffbcec216a0 5 bytes JMP 00007ffc4ed503c0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread           00007ffbcec216f0 5 bytes JMP 00007ffc4ed503f0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtAddBootEntry              00007ffbcec21850 5 bytes JMP 00007ffc4ed50230
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort   00007ffbcec21a40 5 bytes JMP 00007ffc4ed50480
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtAssignProcessToJobObject  00007ffbcec21a70 5 bytes JMP 00007ffc4ed503a0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEventPair           00007ffbcec21b90 5 bytes JMP 00007ffc4ed502f0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateIoCompletion        00007ffbcec21bb0 5 bytes JMP 00007ffc4ed50350
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant              00007ffbcec21c20 5 bytes JMP 00007ffc4ed50290
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore           00007ffbcec21cb0 5 bytes JMP 00007ffc4ed502b0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx            00007ffbcec21cd0 5 bytes JMP 00007ffc4ed503d0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateTimer               00007ffbcec21ce0 5 bytes JMP 00007ffc4ed50330
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtDebugActiveProcess        00007ffbcec21d90 5 bytes JMP 00007ffc4ed50410
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteBootEntry           00007ffbcec21dc0 5 bytes JMP 00007ffc4ed50240
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver                00007ffbcec220e0 5 bytes JMP 00007ffc4ed501e0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtModifyBootEntry           00007ffbcec221a0 5 bytes JMP 00007ffc4ed50250
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeKey           00007ffbcec221d0 5 bytes JMP 00007ffc4ed50490
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeMultipleKeys  00007ffbcec221e0 5 bytes JMP 00007ffc4ed504a0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEventPair             00007ffbcec22210 5 bytes JMP 00007ffc4ed50300
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenIoCompletion          00007ffbcec22220 5 bytes JMP 00007ffc4ed50360
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenMutant                00007ffbcec22280 5 bytes JMP 00007ffc4ed502a0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSemaphore             00007ffbcec222d0 5 bytes JMP 00007ffc4ed502c0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                00007ffbcec22300 5 bytes JMP 00007ffc4ed50380
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenTimer                 00007ffbcec22310 5 bytes JMP 00007ffc4ed50340
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThreadEx          00007ffbcec22620 5 bytes JMP 00007ffc4ed50440
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootEntryOrder         00007ffbcec22820 5 bytes JMP 00007ffc4ed50260
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootOptions            00007ffbcec22830 5 bytes JMP 00007ffc4ed50270
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread          00007ffbcec22850 5 bytes JMP 00007ffc4ed50400
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation      00007ffbcec22a30 5 bytes JMP 00007ffc4ed501f0
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemPowerState       00007ffbcec22a40 5 bytes JMP 00007ffc4ed50210
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem            00007ffbcec22ad0 5 bytes JMP 00007ffc4ed50200
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendProcess            00007ffbcec22b40 5 bytes JMP 00007ffc4ed50420
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendThread             00007ffbcec22b50 5 bytes JMP 00007ffc4ed50430
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl        00007ffbcec22b60 5 bytes JMP 00007ffc4ed50220
.text   C:\Windows\system32\AUDIODG.EXE[32764] C:\Windows\SYSTEM32\ntdll.dll!NtVdmControl                00007ffbcec22c70 5 bytes JMP 00007ffc4ed50280

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [544:568]                                                          fffff960009062d0
Thread  C:\Windows\system32\csrss.exe [544:572]                                                          fffff960009062d0

---- EOF - GMER 2.1 ----

 

Themen zu Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"
.dll, 500gb, administrator, adobe, adobe flash player, antivirus, askbar, asus, avast, browser, defender, explorer, flash player, gmer.log, helper, microsoft, mozilla, nvidia, registry, scan, services.exe, software, svchost.exe, system, temp, windows, windowsapps, winlogon.exe


« Sicheres Backup ! | DHL Virus oder Trojaner warscheinlich eingefangen »


Ähnliche Themen: Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt
    Plagegeister aller Art und deren Bekämpfung - 13.11.2014 (11)
  3. Skype Virus "Your skype does not support extended icons"
    Log-Analyse und Auswertung - 10.10.2014 (15)
  4. Windows 7: Spam-Mails von meinem Yahoo Account verschickt
    Log-Analyse und Auswertung - 28.04.2014 (7)
  5. E-Mail Account gehackt - unauthorisierte Mails von meinem Account werden verschickt
    Log-Analyse und Auswertung - 19.04.2014 (5)
  6. Unauthorisierte Mails von meinem Account werden verschickt
    Mülltonne - 13.04.2014 (1)
  7. "Skype" und "Minianwendungen" werden nicht mehr ausgeführt (Windows 7)
    Log-Analyse und Auswertung - 21.05.2013 (3)
  8. Avira Meldet "C:\WINDOWS\system32\Skype.scr\Skype.exe" und kommt immer wieder
    Plagegeister aller Art und deren Bekämpfung - 14.05.2013 (11)
  9. Spammails werden von meinem Hotmail account verschickt
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (2)
  10. Trojaner verschickt Spam-Mails aus meinem yahoo-Account
    Plagegeister aller Art und deren Bekämpfung - 24.06.2012 (3)
  11. GMX Account verschickt Spam-Mails -- keine Listung unter "Gesendet"
    Plagegeister aller Art und deren Bekämpfung - 26.05.2012 (21)
  12. von meinem WEB.DE Account werden Spam-Mails verschickt
    Plagegeister aller Art und deren Bekämpfung - 16.02.2012 (23)
  13. unbekannte Mails werden von meinem web.de account verschickt
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (40)
  14. Spam-Mails mit meinem E-Mail-Account verschickt.
    Plagegeister aller Art und deren Bekämpfung - 20.12.2011 (17)
  15. Spam-Email von meinem Account verschickt
    Log-Analyse und Auswertung - 19.11.2011 (1)
  16. "Jemand" hat E-Mail mit meinem Absender an meine Kontakte verschickt
    Log-Analyse und Auswertung - 03.11.2011 (8)
  17. ICQ verschickt von meinem Account aus russische Nachrichten
    Log-Analyse und Auswertung - 14.03.2010 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*" - Hallo Ihr Lieben, heute morgen habe ich mit Schrecken gesehen, dass an sämtliche Kontakte in meinem Skype Account eine Nachricht verschickt wurde mit dem Inhalt "Hi! hxxp://goo.gl/*****". Die letzten Ziffern - Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*"...
Archiv
Du betrachtest: Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19