
Log analysis and evaluation: Infected with ihavenet.com virus, cannot remove it.

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

24.08.2013, 21:39   #1
vizoti
 
Hello,

We are infected with the ihavenet.com virus.
We have read on the Internet that it can only be removed from the PC with IT help.

About our PC:
Windows Vista Business, Service Pack 2, Intel Core Duo CPU, E7300, 2.66 GHz, 2 GB RAM, 32-bit operating system.

Can someone please help us?

Thank you very much and have a nice weekend!
Valeria

24.08.2013, 22:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


24.08.2013, 23:03   #3
vizoti
 
Addition.txt:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-08-2013 01
Ran by FUJI-PC at 2013-08-24 23:59:02
Running from C:\Users\FUJI-PC\Desktop\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 4 (Version: 4.2.0)
Advertising Center (Version: 0.0.0.1)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk DWF Viewer (Version: 6.5)
Avira Free Antivirus (Version: 13.0.0.3885)
CCleaner (Version: 4.03)
ClipGrab 3.2.1.0
D3DX10 (Version: 15.4.2368.0902)
DivX-Setup (Version: 2.6.1.44)
dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1)
EasyBits GO
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
Farming Simulator 2011 (Version: 1.0)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Google Video Player
HNS SPCea
HNSKY 2.3.0N
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Drivers (Version: 3.6.0.0)
Malwarebytes Anti-Malware 1.75.0.1300 verzió (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help-frissítés (KB963678)
Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)
Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help-frissítés (KB963665)
Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MOTORM4X (Version: 1.0.821.1)
Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
NexStar Observer List
Nokia Connectivity Cable Driver (Version: 7.1.101.0)
Nokia PC Suite (Version: 7.1.62.1)
OLYMPUS Digital Camera Updater (Version: 1.0.1)
Olympus ib (Version: 1.3.2207)
OLYMPUS Viewer 2 (Version: 1.1.1)
OpenAL
PC Connectivity Solution (Version: 12.0.76.0)
PDFCreator (Version: 1.7.0)
Realtek High Definition Audio Driver
RegCure Pro (Version: 3.1.6.0)
RescuePRO 3.5
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.107)
swMSM (Version: 12.0.0.1)
SystemDiagnostics (Version: 2.01.0004)
Uninstall 1.0.0.1
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.0.5 (Version: 1.0.5)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)


==================== Restore Points =========================

12-07-2013 13:01:39 Windows Update
14-07-2013 21:34:33 Installed LG United Mobile Drivers.
21-07-2013 08:59:05 Eltávolítva: AutoCAD 2007 - Magyar
06-08-2013 17:37:42 Windows Update
14-08-2013 14:49:00 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File
Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation)
Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation)
Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {ED6AD033-6CE9-4D91-AC71-CC89A2149CF1} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2013 02:37:50 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x7d0, application start time 0xDefaultTabSearch.exe0.

Error: (08/21/2013 02:31:59 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b84
Start Time: 01ce9e649bdc6c92
Termination Time: 0

Error: (08/21/2013 11:54:09 AM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: d18
Start Time: 01ce9e53a4b224d8
Termination Time: 15

Error: (08/20/2013 09:09:20 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x2e4, application start time 0xDefaultTabSearch.exe0.

Error: (08/20/2013 00:08:14 PM) (Source: Application Hang) (User: )
Description: The program SpyHunter4.exe version 4.13.6.4253 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 12dc
Start Time: 01ce9d828ae4140b
Termination Time: 46

Error: (08/20/2013 10:10:09 AM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: cdc
Start Time: 01ce9d768719db4b
Termination Time: 506

Error: (08/19/2013 10:25:53 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: dd0
Start Time: 01ce9d154f3ebfbf
Termination Time: 15

Error: (08/19/2013 01:42:37 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: f00
Start Time: 01ce9cb3e5182781
Termination Time: 93

Error: (08/16/2013 01:43:10 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x420, application start time 0xDefaultTabSearch.exe0.

Error: (08/15/2013 01:11:53 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier2\security.cpp78800706e5


System errors:
=============
Error: (08/24/2013 10:07:21 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (08/24/2013 07:14:26 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/24/2013 01:08:00 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 05:33:56 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 11:49:58 AM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 00:17:28 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (08/22/2013 10:37:59 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/22/2013 03:49:35 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/21/2013 10:45:14 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/21/2013 06:00:58 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-07-02 19:51:23.955
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:51:23.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:51:23.471
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:51:23.237
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:51:23.003
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:51:22.754
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:35:38.327
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:35:37.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:35:37.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-02 19:35:37.224
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 1947.51 MB
Available physical RAM: 826.32 MB
Total Pagefile: 4142.04 MB
Available Pagefile: 2756.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.05 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:147.04 GB) (Free:58.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC)
Partition 1: (Not Active) - (Size=2 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)

==================== End Of Log ============================

AND

FRST.txt:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-08-2013 01
Ran by FUJI-PC (administrator) on 24-08-2013 23:56:29
Running from C:\Users\FUJI-PC\Desktop\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
() C:\Program Files\DefaultTab\DefaultTabSearch.exe
(EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-06-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x]
HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe
MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk
ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKCU - DefaultScope {CF169709-6B2E-4993-9022-1723556B7455} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q={searchTerms}&r=181
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {090ACE48-8780-41FC-A074-3AA21E0F55E2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^AT&apn_uid=8CF788EA-9F7F-49DE-98E5-79F27595FD77&apn_sauid=77935F4C-30BD-4EE9-AE25-B3DD7FA0AD1E
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=74190019994C5CF7&affID=121562&tt=250613_gr5&tsp=4929
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKCU - {CF169709-6B2E-4993-9022-1723556B7455} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q={searchTerms}&r=181
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Blekko Search Bar Helper Object - {BAE35237-8D73-44D0-905C-8A95EA1E7E69} - C:\Program Files\blekko\spamfreesearch\1.8.3.9\bh\spamfreesearch.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU -No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
ShellExecuteHooks:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default
FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jZipWebSearch.xml
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DefaultTab) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\FUJI-PC\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\...\Chrome\Extension: [ofaekbahncacnjgelnfjcjoelcglkhkj] - C:\Program Files\blekko\spamfreesearch\1.8.3.9\spamfreesearch.crx

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [572928 2013-02-11] ()
R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x]
S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:25 - 2013-08-23 18:00 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\DriverCure
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\ProgramData\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\Common Files\ParetoLogic
2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-16 01:04 - 2013-08-24 19:12 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-04 22:53 - 2013-08-18 14:49 - 00000000 ____C C:\END

==================== One Month Modified Files and Folders =======

2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-24 23:52 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-24 23:52 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job
2013-08-24 23:52 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-24 23:52 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype
2013-08-24 23:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-24 23:52 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-24 22:09 - 2009-06-26 03:26 - 01675027 ____C C:\Windows\WindowsUpdate.log
2013-08-24 21:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job
2013-08-24 21:42 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job
2013-08-24 19:46 - 2006-11-02 13:18 - 00000000 __HDC C:\Windows\tracing
2013-08-24 19:20 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK
2013-08-24 19:12 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-24 19:12 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-24 19:12 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-24 19:12 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-08-24 17:57 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-08-24 10:52 - 2013-03-24 12:35 - 00000000 ___DC C:\ProgramData\boost_interprocess
2013-08-23 18:00 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO
2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google
2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1
2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-21 12:05 - 2012-08-16 10:26 - 00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\DriverCure
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\ProgramData\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\Common Files\ParetoLogic
2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre
2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared
2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program Files\DivX
2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX
2013-08-18 14:49 - 2013-08-04 22:53 - 00000000 ____C C:\END
2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor
2013-08-17 12:28 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-16 14:18 - 2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET
2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe
2013-07-25 04:40 - 2013-08-14 16:51 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-25 04:32 - 2013-08-14 16:51 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-25 04:30 - 2013-08-14 16:51 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-25 04:26 - 2013-08-14 16:51 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-25 04:26 - 2013-08-14 16:51 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-25 04:25 - 2013-08-14 16:51 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-25 04:24 - 2013-08-14 16:51 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-25 04:24 - 2013-08-14 16:51 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-25 04:23 - 2013-08-14 16:51 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-25 04:23 - 2013-08-14 16:51 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-25 04:23 - 2013-08-14 16:51 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-25 04:23 - 2013-08-14 16:51 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-25 04:23 - 2013-08-14 16:51 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-25 04:22 - 2013-08-14 16:51 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-25 04:22 - 2013-08-14 16:51 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-25 04:22 - 2013-08-14 16:51 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-24 19:20

==================== End Of Log ============================
         

Alt 25.08.2013, 10:23   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.


Please download Malwarebytes Anti-Malware
  • Install the program into the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset Proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

25.08.2013, 14:35   #5
vizoti

Infected with ihavenet.com virus, cannot remove it.



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2013
Ran by FUJI-PC (administrator) on 25-08-2013 12:43:37
Running from C:\Users\FUJI-PC\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
() C:\Program Files\DefaultTab\DefaultTabSearch.exe
(EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-06-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x]
HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe
MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk
ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKCU - DefaultScope {CF169709-6B2E-4993-9022-1723556B7455} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q={searchTerms}&r=181
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {090ACE48-8780-41FC-A074-3AA21E0F55E2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^AT&apn_uid=8CF788EA-9F7F-49DE-98E5-79F27595FD77&apn_sauid=77935F4C-30BD-4EE9-AE25-B3DD7FA0AD1E
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=74190019994C5CF7&affID=121562&tt=250613_gr5&tsp=4929
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKCU - {CF169709-6B2E-4993-9022-1723556B7455} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q={searchTerms}&r=181
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Blekko Search Bar Helper Object - {BAE35237-8D73-44D0-905C-8A95EA1E7E69} - C:\Program Files\blekko\spamfreesearch\1.8.3.9\bh\spamfreesearch.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU -No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
ShellExecuteHooks:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default
FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jZipWebSearch.xml
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DefaultTab) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\FUJI-PC\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\...\Chrome\Extension: [ofaekbahncacnjgelnfjcjoelcglkhkj] - C:\Program Files\blekko\spamfreesearch\1.8.3.9\spamfreesearch.crx

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [572928 2013-02-11] ()
R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x]
S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:25 - 2013-08-23 18:00 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\DriverCure
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\ProgramData\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\Common Files\ParetoLogic
2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-16 01:04 - 2013-08-25 10:23 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-04 22:53 - 2013-08-18 14:49 - 00000000 ____C C:\END

==================== One Month Modified Files and Folders =======

2013-08-25 12:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job
2013-08-25 12:42 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-25 12:42 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype
2013-08-25 12:23 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 12:23 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-25 12:20 - 2013-03-24 12:35 - 00000000 ___DC C:\ProgramData\boost_interprocess
2013-08-25 12:04 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 12:00 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job
2013-08-25 11:26 - 2006-11-02 13:18 - 00000000 __HDC C:\Windows\tracing
2013-08-25 10:41 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 10:31 - 2009-06-26 03:26 - 01686593 ____C C:\Windows\WindowsUpdate.log
2013-08-25 10:23 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-25 10:23 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-25 10:23 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-08-25 00:23 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-24 21:42 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job
2013-08-24 19:20 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK
2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-08-23 18:00 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO
2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google
2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1
2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-21 12:05 - 2012-08-16 10:26 - 00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\DriverCure
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\ProgramData\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\ParetoLogic
2013-08-20 10:24 - 2013-08-20 10:24 - 00000000 ___DC C:\Program Files\Common Files\ParetoLogic
2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre
2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared
2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program Files\DivX
2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX
2013-08-18 14:49 - 2013-08-04 22:53 - 00000000 ____C C:\END
2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor
2013-08-17 12:28 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-16 14:18 - 2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET
2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 10:31

==================== End Of Log ============================
         
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-08-2013
Ran by FUJI-PC at 2013-08-25 12:44:13
Running from C:\Users\FUJI-PC\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 4 (Version: 4.2.0)
Advertising Center (Version: 0.0.0.1)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk DWF Viewer (Version: 6.5)
Avira Free Antivirus (Version: 13.0.0.3885)
CCleaner (Version: 4.03)
ClipGrab 3.2.1.0
D3DX10 (Version: 15.4.2368.0902)
DivX-Setup (Version: 2.6.1.44)
dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1)
EasyBits GO
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
Farming Simulator 2011 (Version: 1.0)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Google Video Player
HNS SPCea
HNSKY 2.3.0N
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Drivers (Version: 3.6.0.0)
Malwarebytes Anti-Malware 1.75.0.1300 verzió (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help-frissítés (KB963678)
Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)
Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help-frissítés (KB963665)
Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MOTORM4X (Version: 1.0.821.1)
Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
NexStar Observer List
Nokia Connectivity Cable Driver (Version: 7.1.101.0)
Nokia PC Suite (Version: 7.1.62.1)
OLYMPUS Digital Camera Updater (Version: 1.0.1)
Olympus ib (Version: 1.3.2207)
OLYMPUS Viewer 2 (Version: 1.1.1)
OpenAL
PC Connectivity Solution (Version: 12.0.76.0)
PDFCreator (Version: 1.7.0)
Realtek High Definition Audio Driver
RegCure Pro (Version: 3.1.6.0)
RescuePRO 3.5
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.107)
swMSM (Version: 12.0.0.1)
SystemDiagnostics (Version: 2.01.0004)
Uninstall 1.0.0.1
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.0.5 (Version: 1.0.5)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 

==================== Restore Points  =========================

12-07-2013 13:01:39 Windows Update
14-07-2013 21:34:33 Installed LG United Mobile Drivers.
21-07-2013 08:59:05 Eltávolítva: AutoCAD 2007 - Magyar
06-08-2013 17:37:42 Windows Update
14-08-2013 14:49:00 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File
Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {64E1D43E-FE4B-4B6B-9DE2-5AE7A139581B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation)
Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation)
Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2013 02:37:50 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x7d0, application start time 0xDefaultTabSearch.exe0.

Error: (08/21/2013 02:31:59 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b84
Start Time: 01ce9e649bdc6c92
Termination Time: 0

Error: (08/21/2013 11:54:09 AM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: d18
Start Time: 01ce9e53a4b224d8
Termination Time: 15

Error: (08/20/2013 09:09:20 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x2e4, application start time 0xDefaultTabSearch.exe0.

Error: (08/20/2013 00:08:14 PM) (Source: Application Hang) (User: )
Description: The program SpyHunter4.exe version 4.13.6.4253 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 12dc
Start Time: 01ce9d828ae4140b
Termination Time: 46

Error: (08/20/2013 10:10:09 AM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: cdc
Start Time: 01ce9d768719db4b
Termination Time: 506

Error: (08/19/2013 10:25:53 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: dd0
Start Time: 01ce9d154f3ebfbf
Termination Time: 15

Error: (08/19/2013 01:42:37 PM) (Source: Application Hang) (User: )
Description: The program A1Diagnose.exe version 4.4.1.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: f00
Start Time: 01ce9cb3e5182781
Termination Time: 93

Error: (08/16/2013 01:43:10 PM) (Source: Application Error) (User: )
Description: Faulting application DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, faulting module DefaultTabSearch.exe, version 0.0.0.0, time stamp 0x511246e7, exception code 0xc0000005, fault offset 0x00002c60,
process id 0x420, application start time 0xDefaultTabSearch.exe0.

Error: (08/15/2013 01:11:53 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier2\security.cpp78800706e5


System errors:
=============
Error: (08/25/2013 10:25:37 AM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/24/2013 10:07:21 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (08/24/2013 07:14:26 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/24/2013 01:08:00 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 05:33:56 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 11:49:58 AM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/23/2013 00:17:28 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (08/22/2013 10:37:59 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/22/2013 03:49:35 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc

Error: (08/21/2013 10:45:14 PM) (Source: Service Control Manager) (User: )
Description: MSCamSvc


Microsoft Office Sessions:
=========================
Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-07-02 19:51:23.955
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:22.754
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:38.327
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 1947.51 MB
Available physical RAM: 917.86 MB
Total Pagefile: 4140.04 MB
Available Pagefile: 2543.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.12 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:147.04 GB) (Free:58.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC)
Partition 1: (Not Active) - (Size=2 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Adatbázis verzió: v2013.08.25.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
FUJI-PC :: FUJITSU [rendszergazda]

2013.08.25. 13:24:24
mbam-log-2013-08-25 (13-24-24).txt

Vizsgálat típusa: Gyorsvizsgálat
Engedélyezett vizsgálati beállítások: Memória | Indítópult | Rendszerleíró | Rendszerfájlok | Heurisztikus/Extra | Heurisztikus/Shuriken | PUP | PUM
Letiltott vizsgálati beállítások: P2P
Átvizsgált objektumok: 213812
Eltelt idő: 11 perc, 13 másodperc

Fertőzött memóriafolyamatok: 1
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> 1980 -> Törlés újraindításkor.

Fertőzött memória modulok: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> A karanténba helyezés, és a törlés sikerült.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab) -> A karanténba helyezés, és a törlés sikerült.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> A karanténba helyezés, és a törlés sikerült.

Fertőzött Rendszerleíró értékek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró adatelemek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák: 6
C:\Program Files\DefaultTab (PUP.Optional.DefaultTab) -> Törlés újraindításkor.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\B16C9B82D4D144B98297347301DCBE79 (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\C0DC16DAC6184D619E5C8FEA1E129085 (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\FE04C8FF2E3B4C9EBC7EB8EF3E7D4A3F (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\OpenCandy_FE04C8FF2E3B4C9EBC7EB8EF3E7D4A3F (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.

Fertőzött fájlok: 8
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\B16C9B82D4D144B98297347301DCBE79\DeltaTB.exe (PUP.Optional.Babylon.A) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\KastorTubeToMp3\setup_YoutubeToMp3.exe (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\Downloads\pictomio.exe (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Program Files\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab) -> A karanténba helyezés, és a törlés sikerült.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> Törlés újraindításkor.
C:\Program Files\DefaultTab\uid (PUP.Optional.DefaultTab) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\C0DC16DAC6184D619E5C8FEA1E129085\version51030bc4470a0.exe (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.
C:\Users\FUJI-PC\AppData\Roaming\OpenCandy\FE04C8FF2E3B4C9EBC7EB8EF3E7D4A3F\version51030bc4470a0.exe (PUP.Optional.OpenCandy) -> A karanténba helyezés, és a törlés sikerült.

(befejezés)
         
Code:
# AdwCleaner v3.001 - Report created 25/08/2013 at 15:13:01
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Username : FUJI-PC - FUJITSU
# Running from : C:\Users\FUJI-PC\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\registry mechanic
Folder Deleted : C:\Program Files\Common Files\ParetoLogic
Folder Deleted : C:\Users\FUJI-PC\AppData\Local\Conduit
Folder Deleted : C:\Users\FUJI-PC\AppData\Local\PackageAware
Folder Deleted : C:\Users\FUJI-PC\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\FUJI-PC\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\FUJI-PC\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\FUJI-PC\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Conduit
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\ConduitCommon
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\ConduitEngine
Folder Deleted : C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\jetpack
Folder Deleted : C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
File Deleted : C:\END
File Deleted : C:\Windows\system32\conduitEngine.tmp
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\jZipWebSearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ofaekbahncacnjgelnfjcjoelcglkhkj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.spamfreesearchESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore
Key Deleted : HKLM\SOFTWARE\Classes\spamfreesearch.spamfreesearchappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{441DDAAE-EE81-4DFF-B523-11D1A9134C3E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{709CA6FC-5747-4C3C-A4B0-064AC86415ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2C8A5A6-1DFC-4ED1-A4DC-90EEC596AADC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6026FA7-B9E5-4265-B22E-8EC40169C83D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA93826B-8DCE-40C3-9E31-07E449C0A979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED90EC38-E71B-4C05-8FC1-DE46D5E692F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4729755-E1F9-48E4-BD9F-5B4D0202C16A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\blekko
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\blekko
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Mozilla Firefox v23.0.1 (hu)

[ File : C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\prefs.js ]

Line Deleted : user_pref("CT2537338_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364122783139,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "30");
Line Deleted : user_pref("extensions.delta.cntry", "AT");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "CBD89E36993EEDF625F77331DA4E4C67");
Line Deleted : user_pref("extensions.delta.id", "74195f760000000000000019994c5cf7");
Line Deleted : user_pref("extensions.delta.instlDay", "15886");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.21.515:02:49");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.515:02:49");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121562&tt=250613_gr5&tsp=4929");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.smarterwiki.search_surfcanyon", false);
Line Deleted : user_pref("extensions.softonic_i.aflt", "SD");
Line Deleted : user_pref("extensions.softonic_i.dfltLng", "de");
Line Deleted : user_pref("extensions.softonic_i.excTlbr", false);
Line Deleted : user_pref("extensions.softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.softonic_i.id", "74195f76000000000000000000000000");
Line Deleted : user_pref("extensions.softonic_i.instlDay", "15393");
Line Deleted : user_pref("extensions.softonic_i.instlRef", "MON00015");
Line Deleted : user_pref("extensions.softonic_i.newTab", true);
Line Deleted : user_pref("extensions.softonic_i.newTabUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.softonic_i.prdct", "softonic");
Line Deleted : user_pref("extensions.softonic_i.prtnrId", "softonic");
Line Deleted : user_pref("extensions.softonic_i.smplGrp", "eng7");
Line Deleted : user_pref("extensions.softonic_i.tlbrId", "de12JANdefault");
Line Deleted : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Line Deleted : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.519:16:34");
Line Deleted : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Line Deleted : user_pref("extensions.spamfreesearch.hmpgUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=74195f760000000000000019994c5cf7");
Line Deleted : user_pref("extensions.spamfreesearch.keyWordUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=74195f760000000000000019994c5cf7&q=");
Line Deleted : user_pref("extensions.spamfreesearch.prtnrId", "blekko");
Line Deleted : user_pref("extensions.spamfreesearch.srchPrvdr", "blekko");
Line Deleted : user_pref("extensions.spamfreesearch.tlbrSrchUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=main&u=74195f760000000000000019994c5cf7&q=");
Line Deleted : user_pref("extensions.wajam.affiliate_id", "5921");
Line Deleted : user_pref("extensions.wajam.firstrun", "false");
Line Deleted : user_pref("extensions.wajam.log_send_info", "false");
Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Line Deleted : user_pref("extensions.wajam.no_trace", "false");
Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Deleted : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Deleted : user_pref("extensions.wajam.trace_log", "1372613597613 - onFlagInfoReceived - Unique ID saved\n");
Line Deleted : user_pref("extensions.wajam.unique_id", "ECE9AF45F37B7263B78518A4F3CFE963");
Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Deleted : user_pref("extensions.wajam.version", "1.26");
Line Deleted : user_pref("extensions.wajam.website_version", "1.00273.0");
Line Deleted : user_pref("searchreset.backup.browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=74190019994C5CF7&affID=121562&tt=250613_gr5&tsp=4929");
Line Deleted : user_pref("smartbar.machineId", "WKAGBSDEM3WS5LK4LFKR/FEWMPOY2Y9SKUAUR1/CWIMOMPMAASHA/+PSEHWI5TBYUR0MNVL7BOL7E9LBIWTHDA");

-\\ Google Chrome v

[ File : C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14621 octets] - [25/08/2013 15:11:41]
AdwCleaner[S0].txt - [14943 octets] - [25/08/2013 15:13:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15004 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows Vista (TM) Business x86
Ran by FUJI-PC on 2013.08.25. at 15:24:37,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\uniblue
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2247187
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2537338
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{090ACE48-8780-41FC-A074-3AA21E0F55E2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF169709-6B2E-4993-9022-1723556B7455}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{0788BEC6-36C8-40FB-9645-1570ABB0D330}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{08F672C8-33FA-4034-B45B-C5390245C76F}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{0944E969-60F2-4392-A159-6575548DA21D}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{0AE3CA79-A0E7-451C-BCA6-F72641F21A06}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{1A77FDAF-8625-4B47-AF83-905A4000E1E5}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{4186B042-4B40-48B7-A982-454BB6F4D868}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{43282C57-1094-44F1-AF86-FF6DF8980886}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{44AF3106-F568-4927-88CC-375855E30B78}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{45235943-E9D8-43A8-B8A7-BC3A42DF2AC1}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{47334425-D3BF-4225-9AE8-E50C58FC2C7A}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{4785F271-F4B3-4056-A18B-EC2E06878A74}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{4D8C5D1B-B91D-4B55-BF43-18E059A615AC}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{50B3EC77-9B41-4DCF-8915-90BE48E793FE}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{55D95179-3998-4DE5-A02F-168726939512}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{5E38EA80-9BBD-4877-AC54-AC5307F56437}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{653F3D52-26C8-45F5-8B1E-C2C2060A5D11}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{6C1034E7-5D32-427B-A7E9-2FED0435AB12}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{6D1CA197-9B49-4E18-ABE8-3F61530EF17E}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{6D6F4E08-0899-4C36-B512-9A4EF6AA6E16}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{6E48FD68-449C-4FD7-BE65-936FF69A4C91}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{715CDFD9-EED1-4E64-8AC9-1DF6251EE6F5}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{71D5A9D7-2AFA-4B1A-81D0-DF197C105DB2}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{71F60477-975C-4D9F-91F2-402A9C9C7292}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{782FD19C-2BB1-440B-961B-A351CC5835C0}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{7B359373-5668-45B1-BA79-EF7564DEAC6F}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{7CA1A934-830D-49A4-8CC6-0A3F0F6B0224}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{7E12F629-E870-4977-A581-C7138FED9244}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{8154F5ED-5BC2-482F-8EA6-CEDA4C5C70AA}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{82DB4949-C967-4A50-9A36-DBB81B0BBF08}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{88E79EAC-5667-4D89-88F3-75B85A386EB2}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{8AB93462-9A9F-4818-B97A-8F34C9500517}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{8C5406E2-3FDB-468A-B88F-1BD0BD730131}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{928DCF56-B1F6-4B5E-BB5A-DBDF9532B328}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{9E52BD8A-8FE1-4804-B7A1-8BB2C3CB1D32}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{9E598CDF-FC5C-4876-B2B2-74FC7456BB7E}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{A2102A82-AB96-47AD-A0BB-F42A087F9786}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{A3F65A50-1992-4E38-88B8-25006D992073}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{B0AC7C6C-1543-41EF-8D14-10DBE1187DA0}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{B57FD575-03F2-4E2E-9A42-4CAF363B694D}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{BB516A1B-E0C1-4BB2-B730-8F5D6DCB7189}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{BD5B139C-5730-4E1C-B99D-058A761D2EDE}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{BEA02D4B-28E0-4145-BF76-215F849D67C7}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{C17D21B0-EF67-4D68-8A72-216784EF9290}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{C2081EF2-2570-4793-A0D8-95932C7F8BEA}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{C8414813-4B4F-40F6-8394-1CD574848004}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{CA4C5FDC-A1EC-4582-A63E-D46A26ABE542}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{D03784FE-639B-4E3E-BEC7-D5CBF208611F}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{DB769B92-047A-4745-8FFC-18C92EF4B220}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{DD49CB26-261C-4C5D-B21E-374052946245}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{DDE6DA57-8155-42CA-ACA3-9C9B04AFC347}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{DF1AF7AC-048E-4399-B098-C0CBFE8ABE5C}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{E4D4D2C4-FCFF-405C-B880-D937C458B332}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{EAAEBA32-C4F4-4985-BE2B-6F9F69591B8B}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{EC46068D-F1A9-4A17-A285-7814D0B2A2B2}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{EDEC9A43-7031-463E-A5DC-DD169C3822C5}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{EE0610FC-DE86-46DB-964F-06F20B19B3C2}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{F41FD3CF-A25C-4EF8-94EF-EE02FC4B086D}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{F507FCA6-58FF-4B41-BF93-149A2BFC6BD8}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{F8DAF211-8FE3-428D-8E97-FA072A76AF72}
Successfully deleted: [Empty Folder] C:\Users\FUJI-PC\appdata\local\{FDE76B1E-9FD8-414B-B8B5-E9677D52E90F}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\FUJI-PC\AppData\Roaming\mozilla\firefox\profiles\fv8ilt42.default\prefs.js

user_pref("social.manifest.facebook", "{\"origin\":\"hxxps://www.facebook.com\",\"name\":\"Facebook Messenger\",\"workerURL\":\"hxxps://www.facebook.com/desktop/fbdesktop2/soc
Emptied folder: C:\Users\FUJI-PC\AppData\Roaming\mozilla\firefox\profiles\fv8ilt42.default\minidumps [630 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013.08.25. at 15:27:49,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2013
Ran by FUJI-PC (administrator) on 25-08-2013 15:32:01
Running from C:\Users\FUJI-PC\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-06-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x]
HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe
MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk
ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
ShellExecuteHooks:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default
FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x]
S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT
2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe
2013-08-25 15:10 - 2013-08-25 15:13 - 00000000 ___DC C:\AdwCleaner
2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe
2013-08-25 14:37 - 2013-08-25 14:37 - 00003888 ____C C:\Windows\PFRO.log
2013-08-25 13:21 - 2013-08-25 13:22 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-25 13:21 - 2013-04-04 14:50 - 00022856 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-25 12:44 - 2013-08-25 12:45 - 00026285 ____C C:\Users\FUJI-PC\Desktop\Addition.txt
2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:25 - 2013-08-23 18:00 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-16 01:04 - 2013-08-25 15:25 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT

==================== One Month Modified Files and Folders =======

2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt
2013-08-25 15:25 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT
2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe
2013-08-25 15:19 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype
2013-08-25 15:15 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-25 15:15 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 15:15 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-08-25 15:15 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 15:15 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 15:14 - 2009-06-26 03:26 - 01704512 ____C C:\Windows\WindowsUpdate.log
2013-08-25 15:14 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 15:13 - 2013-08-25 15:10 - 00000000 ___DC C:\AdwCleaner
2013-08-25 15:13 - 2013-04-03 21:37 - 00000000 ___DC C:\ProgramData\Uniblue
2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe
2013-08-25 15:04 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 15:01 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job
2013-08-25 14:41 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-25 14:37 - 2013-08-25 14:37 - 00003888 ____C C:\Windows\PFRO.log
2013-08-25 14:37 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\L2Schemas
2013-08-25 14:25 - 2013-03-17 18:35 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\KastorTubeToMp3
2013-08-25 13:22 - 2013-08-25 13:21 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-25 12:45 - 2013-08-25 12:44 - 00026285 ____C C:\Users\FUJI-PC\Desktop\Addition.txt
2013-08-25 12:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job
2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-25 11:26 - 2006-11-02 13:18 - 00000000 __HDC C:\Windows\tracing
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-24 21:42 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job
2013-08-24 19:20 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK
2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-08-23 18:00 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO
2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google
2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1
2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-21 12:05 - 2012-08-16 10:26 - 00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre
2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared
2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program Files\DivX
2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX
2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor
2013-08-17 12:28 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-16 14:18 - 2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET
2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe

Files to move or delete:
====================
C:\Users\FUJI-PC\AppData\Local\Temp\Quarantine.exe
C:\Users\FUJI-PC\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\FUJI-PC\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 15:23

==================== End Of Log ============================
         


Alt 25.08.2013, 15:01   #6
vizoti
 



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-08-2013
Ran by FUJI-PC at 2013-08-25 15:33:46
Running from C:\Users\FUJI-PC\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 4 (Version: 4.2.0)
Advertising Center (Version: 0.0.0.1)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk DWF Viewer (Version: 6.5)
Avira Free Antivirus (Version: 13.0.0.3885)
CCleaner (Version: 4.03)
ClipGrab 3.2.1.0
D3DX10 (Version: 15.4.2368.0902)
DivX-Setup (Version: 2.6.1.44)
dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1)
EasyBits GO
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
Farming Simulator 2011 (Version: 1.0)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Google Video Player
HNS SPCea
HNSKY 2.3.0N
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Drivers (Version: 3.6.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help-frissítés (KB963678)
Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)
Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help-frissítés (KB963665)
Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MOTORM4X (Version: 1.0.821.1)
Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
NexStar Observer List
Nokia Connectivity Cable Driver (Version: 7.1.101.0)
Nokia PC Suite (Version: 7.1.62.1)
OLYMPUS Digital Camera Updater (Version: 1.0.1)
Olympus ib (Version: 1.3.2207)
OLYMPUS Viewer 2 (Version: 1.1.1)
OpenAL
PC Connectivity Solution (Version: 12.0.76.0)
PDFCreator (Version: 1.7.0)
Realtek High Definition Audio Driver
RegCure Pro (Version: 3.1.6.0)
RescuePRO 3.5
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.107)
swMSM (Version: 12.0.0.1)
SystemDiagnostics (Version: 2.01.0004)
Uninstall 1.0.0.1
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.0.5 (Version: 1.0.5)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 

==================== Restore Points  =========================

12-07-2013 13:01:39 Windows Update
14-07-2013 21:34:33 Installed LG United Mobile Drivers.
21-07-2013 08:59:05 Eltávolítva: AutoCAD 2007 - Magyar
06-08-2013 17:37:42 Windows Update
14-08-2013 14:49:00 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {4444772F-C5E1-461C-874F-5E6D4A1825D6} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File
Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation)
Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation)
Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-07-02 19:51:23.955
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:22.754
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:38.327
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 1947.51 MB
Available physical RAM: 812.05 MB
Total Pagefile: 4138.04 MB
Available Pagefile: 2804.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.13 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:147.04 GB) (Free:58.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC)
Partition 1: (Not Active) - (Size=2 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Hopefully I did everything correctly.

Have a nice weekend,

Kind regards
Valeria

Alt 25.08.2013, 19:40   #7
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan finishes, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 25.08.2013, 23:24   #8
vizoti
 



Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=73f73821232fa34baa45ea1f2113eb24
# engine=14899
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-25 09:57:40
# local_time=2013-08-25 11:57:40 (+0100, W. Europe Daylight Time)
# country="Hungary"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 12874 123238344 5625 0
# compatibility_mode=5892 16776574 100 100 15003421 215000562 0 0
# scanned=169264
# found=0
# cleaned=0
# scan_time=10412
         
Code:
 Results of screen317's Security Check version 0.99.72  
 Windows Vista Service Pack 2 x86   
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 CCleaner     
 JavaFX 2.1.0    
 Java(TM) 6 Update 26  
 Java 7 Update 25  
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox (23.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 17 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2013
Ran by FUJI-PC (administrator) on 26-08-2013 00:10:18
Running from C:\Users\FUJI-PC\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(EasyBits Software AS) C:\Windows\System32\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\ib\olycamdetect.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6266880 2008-07-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-06-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [x]
HKLM\...\Run: [Olympus ib] - C:\Program Files\Olympus\ib\olycamdetect.exe [96128 2012-02-02] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [MDS_Menu] - C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {3a17668a-ec65-11e2-8846-f708c7c1dbde} - D:\LGAutoRun.exe
MountPoints2: {68363262-f366-11df-801c-0019994c5cf7} - E:\SETUP.EXE
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu Siemens Computers\LaunchCenter\LaunchCenter.exe (SSA SoftSolutions GmbH)
Startup: C:\Users\FUJI-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk
ShortcutTarget: OneNote 2007 – Képernyőrész kivágása és gyorsindítás.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
ShellExecuteHooks:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default
FF Homepage: http://www.trojaner-board.de/140403-...ml#post1139821
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%0A%20if%20(%20%09url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20)%0A%09return%20'PROXY%20proxy.personalitycores.com%3A8000'%3B%0Areturn%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fv8ilt42.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\FUJI-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\FUJI-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Desktop) - C:\Users\FUJI-PC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\FUJI-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [328536 2011-08-09] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [165984 2008-06-05] (Intel Corporation)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S4 oxpar; C:\Windows\system32\drivers\oxpar.sys [80128 2007-01-24] (OEM)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-05] (Avira GmbH)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Oxmfuf; \SystemRoot\system32\drivers\oxmfuf.sys [x]
S4 oxser; \SystemRoot\system32\drivers\oxser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe
2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C (ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe
2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt
2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT
2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe
2013-08-25 15:10 - 2013-08-25 15:13 - 00000000 ___DC C:\AdwCleaner
2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe
2013-08-25 14:37 - 2013-08-25 14:37 - 00003888 ____C C:\Windows\PFRO.log
2013-08-25 13:21 - 2013-08-25 13:22 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-25 13:21 - 2013-04-04 14:50 - 00022856 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-25 12:44 - 2013-08-25 15:34 - 00021666 ____C C:\Users\FUJI-PC\Desktop\Addition.txt
2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 12:19 - 2013-08-21 12:21 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-20 10:25 - 2013-08-25 18:00 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-20 10:17 - 2013-08-20 12:38 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-16 01:04 - 2013-08-25 16:21 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-14 16:51 - 2013-07-25 04:40 - 12334080 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:51 - 2013-07-25 04:32 - 01800704 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:51 - 2013-07-25 04:30 - 09738752 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:51 - 2013-07-25 04:26 - 01104384 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:51 - 2013-07-25 04:25 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:51 - 2013-07-25 04:24 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:51 - 2013-07-25 04:24 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 01796096 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00717824 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00420864 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:51 - 2013-07-25 04:23 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:51 - 2013-07-25 04:22 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:51 - 2013-07-25 04:22 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:51 - 2013-07-25 04:22 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 14:57 - 2013-07-17 21:41 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:57 - 2013-07-10 11:47 - 00783360 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:57 - 2013-07-05 06:53 - 00905664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:57 - 2013-06-15 15:22 - 00015872 ____C (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 14:57 - 2013-06-15 13:23 - 00024064 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 14:56 - 2013-07-09 14:10 - 01205168 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:56 - 2013-07-08 06:55 - 03603904 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:56 - 2013-07-08 06:55 - 03551680 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:56 - 2013-07-08 06:20 - 00172544 ____C (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00992768 ____C (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00133120 ____C (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:56 - 2013-07-08 06:16 - 00098304 ____C (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-06 19:52 - 2013-08-14 17:07 - 00000000 ___DC C:\Windows\system32\MRT

==================== One Month Modified Files and Folders =======

2013-08-26 00:09 - 2013-08-26 00:09 - 00001159 ____C C:\Users\FUJI-PC\Desktop\checkup.txt
2013-08-26 00:06 - 2010-12-28 01:14 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Skype
2013-08-26 00:03 - 2013-08-26 00:03 - 00891115 ____C C:\Users\FUJI-PC\Desktop\SecurityCheck.exe
2013-08-25 22:21 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 22:21 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 22:04 - 2006-11-02 13:18 - 00000000 __HDC C:\Windows\tracing
2013-08-25 20:55 - 2013-08-25 20:55 - 02347384 ____C (ESET) C:\Users\FUJI-PC\Desktop\esetsmartinstaller_enu.exe
2013-08-25 19:00 - 2012-07-30 20:05 - 00000288 ____C C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job
2013-08-25 18:42 - 2013-03-14 22:30 - 00000936 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job
2013-08-25 18:41 - 2010-12-28 01:15 - 00001018 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-25 18:04 - 2012-09-10 09:27 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 18:00 - 2013-08-20 10:25 - 00000448 ____C C:\Windows\Tasks\ParetoLogic Registration3.job
2013-08-25 17:37 - 2009-06-26 03:26 - 01708596 ____C C:\Windows\WindowsUpdate.log
2013-08-25 16:21 - 2013-08-16 01:04 - 00000316 ____C C:\Windows\Tasks\VRRIOXEI.job
2013-08-25 16:21 - 2011-03-11 12:37 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-25 16:21 - 2010-12-28 01:15 - 00001014 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 16:21 - 2006-11-02 15:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-08-25 16:20 - 2006-11-02 15:01 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 15:34 - 2013-08-25 12:44 - 00021666 ____C C:\Users\FUJI-PC\Desktop\Addition.txt
2013-08-25 15:27 - 2013-08-25 15:27 - 00008306 ____C C:\Users\FUJI-PC\Desktop\JRT.txt
2013-08-25 15:24 - 2013-08-25 15:24 - 00000000 ___DC C:\Windows\ERUNT
2013-08-25 15:23 - 2013-08-25 15:23 - 01021434 ____C (Thisisu) C:\Users\FUJI-PC\Desktop\JRT.exe
2013-08-25 15:13 - 2013-08-25 15:10 - 00000000 ___DC C:\AdwCleaner
2013-08-25 15:13 - 2013-04-03 21:37 - 00000000 ___DC C:\ProgramData\Uniblue
2013-08-25 15:10 - 2013-08-25 15:10 - 00994642 ____C C:\Users\FUJI-PC\Desktop\adwcleaner.exe
2013-08-25 14:37 - 2013-08-25 14:37 - 00003888 ____C C:\Windows\PFRO.log
2013-08-25 14:37 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\L2Schemas
2013-08-25 14:25 - 2013-03-17 18:35 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\KastorTubeToMp3
2013-08-25 13:22 - 2013-08-25 13:21 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-08-25 13:21 - 2013-08-25 13:21 - 00000912 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-25 12:20 - 2013-08-25 12:20 - 01070459 ____C (Farbar) C:\Users\FUJI-PC\Desktop\FRST.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 ___DC C:\FRST
2013-08-24 21:42 - 2013-03-14 22:30 - 00000914 ____C C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job
2013-08-24 19:20 - 2009-06-25 19:46 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK
2013-08-24 10:52 - 2013-06-27 19:58 - 00000000 ___DC C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-08-23 12:38 - 2011-11-04 19:12 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\AUTO
2013-08-21 15:36 - 2010-12-28 01:15 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Google
2013-08-21 15:00 - 2010-12-27 21:07 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Roaming\Mozilla
2013-08-21 14:52 - 2013-08-21 14:52 - 00001196 ____C C:\Windows\IE9_main.log
2013-08-21 14:35 - 2013-01-09 17:24 - 00000000 ___DC C:\Program Files\A1
2013-08-21 12:21 - 2013-08-21 12:19 - 00027164 ____C C:\Users\FUJI-PC\Documents_DOKUK\cc_20130821_121905.reg
2013-08-21 12:05 - 2012-08-16 10:26 - 00692104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 12:05 - 2011-06-25 10:45 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 12:38 - 2013-08-20 10:17 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\2013.08.20-án leszedett uj viruskeresok
2013-08-20 12:06 - 2013-08-20 12:06 - 00000000 ___DC C:\TDSSKiller_Quarantine
2013-08-18 18:04 - 2012-07-05 15:20 - 00000000 __RDC C:\Users\FUJI-PC\Documents_DOKUK\Pályázatok német területre
2013-08-18 14:54 - 2012-10-06 11:05 - 00000000 ___DC C:\Program Files\Common Files\DivX Shared
2013-08-18 14:54 - 2012-10-06 11:04 - 00000000 ___DC C:\Program Files\DivX
2013-08-18 14:54 - 2012-10-06 11:03 - 00000000 ___DC C:\ProgramData\DivX
2013-08-17 16:47 - 2013-03-09 16:42 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\ALBÉRLET_Ligetsor
2013-08-17 12:28 - 2011-01-02 18:56 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-16 14:18 - 2006-11-02 12:33 - 00797126 ____C C:\Windows\system32\PerfStringBackup.INI
2013-08-16 01:04 - 2013-08-16 01:04 - 00459776 _RSHC C:\Windows\system32\mprddmd.dll
2013-08-15 20:25 - 2006-11-02 13:18 - 00000000 ___DC C:\Windows\Microsoft.NET
2013-08-14 18:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:07 - 2013-08-06 19:52 - 00000000 ___DC C:\Windows\system32\MRT
2013-08-14 17:03 - 2006-11-02 12:24 - 75778376 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 17:00 - 2008-04-30 11:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-08-09 20:32 - 2013-08-09 20:32 - 00000000 ___DC C:\Users\FUJI-PC\Documents_DOKUK\Google Earth hivatkozás desktopra
2013-08-04 23:38 - 2009-06-25 19:46 - 00000000 ___DC C:\Users\FUJI-PC\AppData\Local\Adobe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 16:30

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-08-2013
Ran by FUJI-PC at 2013-08-26 00:10:56
Running from C:\Users\FUJI-PC\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 4 (Version: 4.2.0)
Advertising Center (Version: 0.0.0.1)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk DWF Viewer (Version: 6.5)
Avira Free Antivirus (Version: 13.0.0.3885)
CCleaner (Version: 4.03)
ClipGrab 3.2.1.0
D3DX10 (Version: 15.4.2368.0902)
DivX-Setup (Version: 2.6.1.44)
dm FOTO Paradies + CEWE FOTOBUCH (Version: 5.0.1)
EasyBits GO
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
Farming Simulator 2011 (Version: 1.0)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Google Video Player
HNS SPCea
HNSKY 2.3.0N
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Drivers (Version: 3.6.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help-frissítés (KB963678)
Microsoft Office Excel MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)
Microsoft Office PowerPoint MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Hungarian) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help-frissítés (KB963665)
Microsoft Office Word MUI (Hungarian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MOTORM4X (Version: 1.0.821.1)
Mozilla Firefox 23.0.1 (x86 hu) (Version: 23.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
NexStar Observer List
Nokia Connectivity Cable Driver (Version: 7.1.101.0)
Nokia PC Suite (Version: 7.1.62.1)
OLYMPUS Digital Camera Updater (Version: 1.0.1)
Olympus ib (Version: 1.3.2207)
OLYMPUS Viewer 2 (Version: 1.1.1)
OpenAL
PC Connectivity Solution (Version: 12.0.76.0)
PDFCreator (Version: 1.7.0)
Realtek High Definition Audio Driver
RegCure Pro (Version: 3.1.6.0)
RescuePRO 3.5
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.107)
swMSM (Version: 12.0.0.1)
SystemDiagnostics (Version: 2.01.0004)
Uninstall 1.0.0.1
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 9.0 ATL (x86) WinSXS MSM (Version: 9.0)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.0.5 (Version: 1.0.5)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 

==================== Restore Points  =========================

12-07-2013 13:01:39 Windows Update
14-07-2013 21:34:33 Installed LG United Mobile Drivers.
21-07-2013 08:59:05 Eltávolítva: AutoCAD 2007 - Magyar
06-08-2013 17:37:42 Windows Update
14-08-2013 14:49:00 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A430ED2-218A-4391-AF4E-F7F3A80F9DBA} - System32\Tasks\SBWUpdateTask_Logon_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {13DF6A5E-DE96-4DF7-9F88-18C3EDD2D0EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {1C3C8F8C-FA3F-4375-90E3-F37E420E604A} - System32\Tasks\{875C5C39-9E6B-4421-BA43-AA3775BC6D08} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {27387C70-D7FB-4FC3-873A-05FDFCE0416F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: {2BC608CA-C7DB-4129-8C18-0EBFF54BB5F8} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E509CDE-6129-4AFD-B247-0CADCFDBD5C5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {40271557-01FC-46CE-BE01-5E223CCEB45E} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {586AEBE5-CC1C-42C7-A615-A17EB2E321C1} - System32\Tasks\HP Photo Creations HPIX DigiPont Messager => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe No File
Task: {5ABB2304-5D3F-4087-A934-CF2402557701} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {75AFF32E-D18B-4A33-B370-6680875E94FC} - System32\Tasks\Microsoft\Windows\RestartManager\{480C4FDE-8403-485c-8458-01A5E6FDA060} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {9C207FA1-7195-4D2C-9586-6B74DD9D80C4} - System32\Tasks\VRRIOXEI => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AA59AA4F-EB9E-4511-9449-39A316036422} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {B108F19D-30C3-448D-9622-48A688E29BC0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {CCDFCC81-F3B0-4F2A-9EA7-846F4B967BA4} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - FUJI-PC => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {D6AC5649-6CF6-4477-9F3B-022FF74D8A12} - System32\Tasks\Microsoft\Windows\RestartManager\{44CAB43A-C2CA-4b9e-BFEF-C7931531D5C0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DA2A2822-DB26-472F-88BE-CCB3F49F0344} - System32\Tasks\User_Feed_Synchronization-{1D9FA663-13B6-4F3B-B5F6-AB69105B23A0} => C:\Windows\system32\msfeedssync.exe [2011-04-07] (Microsoft Corporation)
Task: {DDD24667-5C12-4758-867D-0B63AC2C4247} - System32\Tasks\{FC29B661-6898-4222-840D-D2064925C6AB} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-08-17] (Mozilla Corporation)
Task: {DE3C1C63-4014-4BE9-83FC-FAC45AFC4203} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {EA8CF6AB-3D3D-45E9-856C-00E65405E244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-28] (Google Inc.)
Task: {F0E872E3-EFC4-4C3C-855D-B96158AB32E9} - System32\Tasks\SBWUpdateTask_Time_74195f76-0019994C5CF7 => C:\PROGRA~1\COMMON~1\SpeedBit\SBUpdate\SBUpdate.exe No File
Task: {FB5A5461-C602-48C7-8209-557730297EAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000Core.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-62967900-3608994157-1285643695-1000UA.job => C:\Users\FUJI-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations HPIX DigiPont Messager.job => C:\ProgramData\HP Photo Creations HPIX DigiPont\MessageCheck.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\VRRIOXEI.job => C:\Windows\system32\mprddmd.dll

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{B6736736-1C70-4860-9EEA-C617225A5B79}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2013 11:46:53 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:53 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:51 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:51 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:50 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:50 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:48 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)

Error: (08/25/2013 11:46:48 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\FUJI-PC\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FV8ILT42.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
	A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (03/12/2012 00:35:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-07-02 19:51:23.955
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:23.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:51:22.754
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:38.327
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.601
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-02 19:35:37.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 1947.51 MB
Available physical RAM: 716.14 MB
Total Pagefile: 4140.04 MB
Available Pagefile: 2716.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.05 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:147.04 GB) (Free:57.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 7AB852FC)
Partition 1: (Not Active) - (Size=2 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
I do think that I am not being redirected to ihavenet.com.
If that was it, thank you very much!

Good night!
Valeria

Alt 26.08.2013, 08:59   #9
schrauber
/// the machine
/// TB-Ausbilder
 




Just one more quick check

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 26.08.2013, 15:05   #10
vizoti
 



Code:
Farbar Service Scanner Version: 18-08-2013
Ran by FUJI-PC (administrator) on 26-08-2013 at 15:50:21
Running from "C:\Users\FUJI-PC\Desktop"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.

Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-08-14 14:57] - [2013-07-05 06:53] - 0905664 ___AC (Microsoft Corporation) D18D53974FD715D50FC76F9FFE1C830D

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-08-14 14:56] - [2013-07-08 06:16] - 0133120 ___AC (Microsoft Corporation) 684C130BBC6DB681BAD4920A4C944AA5

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
         
Hello schrauber,

Unfortunately, ihavenet.com showed up again before the FSS scan; we let the FSS scan run anyway and have pasted the result. How should we proceed? Regards, Valeria
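A triage pass over the FSS.txt format posted above, as an added example that is not part of the thread or of the Farbar tool: it lists services that are stopped or whose start type differs from the default, policy values under registry keys, and File Check entries not marked "MD5 is legit". The function name and the sample (trimmed from the log above) are constructed for this illustration, and treating a missing "MD5 is legit" as "unverified" is an assumption about FSS's output.

```python
import re

# Constructed sample, trimmed from the shape of the FSS.txt posted above.
SAMPLE_FSS = r"""
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-08-14 14:57] - [2013-07-05 06:53] - 0905664 ___AC (Microsoft Corporation) D18D53974FD715D50FC76F9FFE1C830D
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
"""

START = re.compile(r"The start type of (\S+) service is set to (\w+)\. "
                   r"The default start type is (\w+)\.")
STOPPED = re.compile(r"^(\S+) Service is not running")
POLICY = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")

def triage_fss(text):
    """Return the FSS lines that deviate from defaults, grouped by kind."""
    out = {"stopped": [], "start_type": [], "policy": [], "unverified": []}
    reg_key, in_files = None, False
    for line in (l.strip() for l in text.splitlines()):
        if line == "File Check:":
            in_files = True
        elif m := STOPPED.match(line):
            out["stopped"].append(m.group(1))
        elif (m := START.match(line)) and m.group(2) != m.group(3):
            out["start_type"].append(m.groups())  # (service, current, default)
        elif line.startswith("[HKEY_"):
            reg_key = line.strip("[]")            # values below belong to this key
        elif (m := POLICY.match(line)) and reg_key:
            out["policy"].append((reg_key, m.group(1), int(m.group(2))))
        elif in_files and DRIVE_PATH.match(line) and "=> MD5 is legit" not in line:
            # Assumption: FSS prints file details instead of "MD5 is legit" when
            # the hash is not in its known-good list. Such a file needs a separate
            # check (e.g. its digital signature); it is not proof of tampering.
            out["unverified"].append(line)
    return out
```
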

Alt 26.08.2013, 18:08   #11
schrauber
/// the machine
/// TB-Ausbilder
 




In which browser?

Please download Windows Repair (All In One) from here.
  • Install the program. Start it once the installation has finished.
  • Click Step 2 and press Do It under Check Disk.

  • When that has finished, click Step 3 and press Do It under System File Check.

  • After that has finished, click Start Repairs, select Advanced Mode and press Start.

  • Please make sure the checkboxes are ticked as shown below. Please also tick Set Windows Services to Default Startup.
  • Tick Restart System when Finished.
  • Press Start.

__________________
Regards,
schrauber


Alt 26.08.2013, 21:36   #12
vizoti
 



Good evening,

Everywhere you can now only download Windows Repair version 1.9.15, not the earlier version that was specified. With Windows Repair 1.9.15 I get stuck, more specifically: I start the Start Repairs menu item and the 2nd step (of 10) repeats over and over. What should I do? What could be the cause, or is there another suitable program for me?

Thank you very much and have a nice evening! Kind regards, Valeria

Alt 27.08.2013, 10:01   #13
schrauber
/// the machine
/// TB-Ausbilder
 




What is the step called?
__________________
Regards,
schrauber


Alt 27.08.2013, 15:22   #14
vizoti
 



Hello,

Windows Repair 1.9.15 ran through without problems this time. However, no file was created.

Regards, Valeria

Alt 27.08.2013, 20:17   #15
schrauber
/// the machine
/// TB-Ausbilder
 




Did you also tick the checkboxes? If so, please post fresh FSS and FRST logs. Any problems left?
__________________
Regards,
schrauber

