| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe auch das Problem: Malwarebytes findet PUP.optional.opencandyWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.09.2013, 22:23
| #1 |
 |  Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo zusammen, ich habe auch das gleich Problem wie einige andere hier im Forum. Malwarebytes findet PUP.optional.opencandy Nur habe ich es schon von Malwarebytes löschen lassen. Die erste Logfile von Malwarebytes zeigt den Fund. Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.08.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Stephan :: STEPHAN-PC [Administrator] 08.09.2013 22:43:33 MBAM-log-2013-09-08 (22-47-20).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 222499 Laufzeit: 3 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 3 C:\Users\Stephan\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Stephan\AppData\Roaming\OpenCandy\1F41E5BB5F2E433CA0B71B468A2F7830 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Stephan\AppData\Roaming\OpenCandy\OpenCandy_98BE05EEC4FF484CBAFC08387A85C411 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. Infizierte Dateien: 4 C:\Users\Stephan\AppData\Roaming\OpenCandy\OpenCandy_98BE05EEC4FF484CBAFC08387A85C411\LatestDLMgr.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Stephan\AppData\Roaming\OpenCandy\1F41E5BB5F2E433CA0B71B468A2F7830\speedupmypcROE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Stephan\AppData\Roaming\OpenCandy\OpenCandy_98BE05EEC4FF484CBAFC08387A85C411\1600.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Stephan\AppData\Roaming\OpenCandy\OpenCandy_98BE05EEC4FF484CBAFC08387A85C411\pcspeedup.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. (Ende) Die zweite Logfile ist nach dem Löschen durch den zweiten Quick-Scann, bei dem nichts mehr gefunden wurde, erstellt worden Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.08.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Stephan :: STEPHAN-PC [Administrator] 08.09.2013 22:51:51 mbam-log-2013-09-08 (22-51-51).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 222278 Laufzeit: 4 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Und dann habe ich hier noch das Scannergebnis von Farbar FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by Stephan (administrator) on STEPHAN-PC on 08-09-2013 23:13:34
Running from C:\Users\Stephan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [pdfSaver3] - C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe [380928 2004-09-05] (Tracker Software Products Ltd.)
HKCU\...\Run: [PCSpeedUp] - C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk [2419 2011-08-15] ()
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {30c1dd70-3cfd-11df-842d-00241d2e188f} - L:\LaunchU3.exe -a
MountPoints2: {33b37072-267b-11e1-9d37-00241d2e188f} - H:\Startme.exe
MountPoints2: {360fdc79-dc44-11e2-97cd-00241d2e188f} - H:\Startme.exe
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl] - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-07] (CyberLink Corp.)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [pdfSaver3] - [x]
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - DefaultScope {F52F6678-F4F7-486b-9DDC-491B03B7F9E6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60342
SearchScopes: HKCU - {7D82E3D0-A793-41D4-9CFA-A7A81C3BA455} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - {F52F6678-F4F7-486b-9DDC-491B03B7F9E6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6180/mcfscan.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225
FireFox:
========
FF ProfilePath: C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default
FF user.js: detected! => C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\user.js
FF SelectedSearchEngine: Google
FF Keyword.URL: chrome://browser-region/locale/region.properties
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: No Name - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Stephan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-06-11] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-08] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-08] (Windows (R) Server 2003 DDK provider)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-31] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S2 SSPORT; C:\Windows\SysWow64\Drivers\SSPORT.sys [11576 2009-02-23] (Samsung Electronics)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000056 _____ C:\Windows\setupact.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:38 - 2013-09-08 22:39 - 01029490 _____ (Thisisu) C:\Users\Stephan\Downloads\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Downloads\adwcleaner.exe
2013-09-03 22:02 - 2013-09-03 22:03 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-19 00:56 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 00:56 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 00:56 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-19 00:56 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-19 00:56 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 00:56 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-19 00:50 - 2013-08-19 00:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 23:17 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 23:17 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 23:17 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 23:17 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 23:17 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 23:17 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
2013-09-08 23:13 - 2013-09-08 23:13 - 00000000 ____D C:\FRST
2013-09-08 23:06 - 2011-02-25 17:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-08 22:58 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-08 22:58 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-08 22:56 - 2013-05-05 23:41 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-08 22:56 - 2009-07-14 19:58 - 00656766 _____ C:\Windows\system32\perfh007.dat
2013-09-08 22:56 - 2009-07-14 19:58 - 00131236 _____ C:\Windows\system32\perfc007.dat
2013-09-08 22:56 - 2009-07-14 07:13 - 01506562 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-08 22:55 - 2012-10-15 19:25 - 01607164 _____ C:\Windows\WindowsUpdate.log
2013-09-08 22:50 - 2013-05-05 23:41 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-08 22:50 - 2011-10-10 21:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-08 22:50 - 2011-01-06 15:19 - 00000000 ____D C:\Users\Stephan\AppData\Local\LogMeIn Hamachi
2013-09-08 22:50 - 2010-03-10 22:42 - 00000144 _____ C:\service.log
2013-09-08 22:50 - 2010-03-04 21:56 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-08 22:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000056 _____ C:\Windows\setupact.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:49 - 2010-03-10 22:48 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-09-08 22:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-08 22:47 - 2012-03-29 19:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-08 22:39 - 2013-09-08 22:38 - 01029490 _____ (Thisisu) C:\Users\Stephan\Downloads\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Downloads\adwcleaner.exe
2013-09-08 20:44 - 2010-03-03 23:26 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Winamp
2013-09-08 20:44 - 2010-03-03 22:20 - 00000000 ____D C:\Windows\Panther
2013-09-08 20:43 - 2010-11-28 03:26 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-08 20:43 - 2010-07-22 23:23 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-09-08 15:25 - 2011-06-06 18:54 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-05 22:41 - 2012-03-29 23:33 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\vlc
2013-09-03 22:03 - 2013-09-03 22:02 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-02 18:52 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-20 22:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-20 19:47 - 2012-03-29 19:14 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 19:47 - 2012-03-29 19:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 19:47 - 2011-05-19 17:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 19:00 - 2012-04-24 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 00:52 - 2013-08-19 00:50 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:52 - 2010-03-09 19:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-19 00:50 - 2010-03-05 16:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-02 19:43
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013 Ran by Stephan at 2013-09-08 23:14:16 Running from C:\Users\Stephan\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) "Wings of Prey" (Unistall) (x32 Version: 1.0.3.2) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) AMD APP SDK Runtime (Version: 10.0.938.1) AMD Catalyst Install Manager (Version: 8.0.881.0) AMD Fuel (Version: 2012.0611.1251.21046) AMD VISION Engine Control Center (x32 Version: 2012.0611.1251.21046) Apple Application Support (x32 Version: 2.3) Apple Software Update (x32 Version: 2.1.3.127) Browser Configuration Utility (x32 Version: 1.1.11.0) CanoScan Toolbox Ver4.9 (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0611.1251.21046) Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046) Catalyst Control Center Localization All (x32 Version: 2012.0611.1251.21046) CCC Help Chinese Standard (x32 Version: 2012.0611.1250.21046) CCC Help Chinese Traditional (x32 Version: 2012.0611.1250.21046) CCC Help Czech (x32 Version: 2012.0611.1250.21046) CCC Help Danish (x32 Version: 2012.0611.1250.21046) CCC Help Dutch (x32 Version: 2012.0611.1250.21046) CCC Help English (x32 Version: 2012.0611.1250.21046) CCC Help Finnish (x32 Version: 2012.0611.1250.21046) CCC Help French (x32 Version: 2012.0611.1250.21046) CCC Help German (x32 Version: 2012.0611.1250.21046) CCC Help Greek (x32 Version: 2012.0611.1250.21046) CCC Help Hungarian (x32 Version: 2012.0611.1250.21046) CCC Help Italian (x32 Version: 2012.0611.1250.21046) CCC Help Japanese (x32 Version: 2012.0611.1250.21046) CCC Help Korean (x32 Version: 2012.0611.1250.21046) CCC Help Norwegian (x32 Version: 2012.0611.1250.21046) CCC Help Polish (x32 Version: 2012.0611.1250.21046) CCC Help Portuguese (x32 Version: 2012.0611.1250.21046) CCC Help Russian (x32 Version: 2012.0611.1250.21046) CCC Help Spanish (x32 Version: 2012.0611.1250.21046) CCC Help Swedish (x32 Version: 2012.0611.1250.21046) CCC Help Thai (x32 Version: 2012.0611.1250.21046) CCC Help Turkish (x32 Version: 2012.0611.1250.21046) ccc-utility64 (Version: 2012.0611.1251.21046) eaner (Version: 4.05) EasySaver B9.0904.1 (x32 Version: 1.00.0000) ElsterFormular (x32 Version: 14.1.20130301) Empire: Total War (x32) ESET Online Scanner v3 (x32) FIFA 09 (x32 Version: 1.0.1.1) FotoQuelle Fotosoftware 4.11.0 (x32 Version: 4.11.0) Free Audio CD Burner version 1.4.7 (x32) Free Audio CD to MP3 Converter version 1.3 (x32) Free Studio version 5.7.7.1031 (x32 Version: 5.7.7.1031) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) HiJackThis (x32 Version: 1.0.0) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 7 (64-bit) (Version: 7.0.70) Java Auto Updater (x32 Version: 2.1.9.5) Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374) Knights Of Honor (x32 Version: 1.00) LG Burning Tools (x32 Version: 8.3.568) LG CyberLink LabelPrint (x32 Version: 2.0.3605) LG CyberLink PowerBackup (x32 Version: 2.5.4511) LG CyberLink PowerDVD 7.0 (x32 Version: 7.0.3409.a) LG CyberLink PowerProducer (x32 Version: 085312a(3.7)_Vista_LG) LG CyberLink YouCam (x32 Version: 1.0.2609) LG ODD Auto Firmware Update (x32 Version: 9.01.1124.01) LG Power Tools (x32 Version: 6.0.2806) LightScribe System Software (x32 Version: 1.18.1.1) LogMeIn Hamachi (x32 Version: 2.1.0.374) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Go (x32 Version: 2.0.317) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft IntelliPoint 7.0 (Version: 7.0.260.0) Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) neroxml (x32 Version: 1.0.0) NHL™ 09 (x32 Version: 2.0.1.0) Nokia Connectivity Cable Driver (Version: 7.1.32.64) PC SWOS-Total Pack version V1.34 (x32 Version: V1.34) PDF Blender (x32) PDFCreator (x32 Version: 1.2.0) PDF-XChange 3.0 (x32) PlayStation(R)Network Downloader (x32 Version: 2.07.00849) PlayStation(R)Store (x32 Version: 4.5.15.13232) QuickTime (x32 Version: 7.74.80.86) Realtek Ethernet Controller Driver (x32 Version: 1.00.0008) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5919) Reign: Conflict of Nations (Nur entfernen) (x32 Version: 1.1) Rise of Flight (x32) Safari (x32 Version: 5.34.57.2) Sid Meier's Civilization IV Colonization (x32 Version: 1.01) SimCity 4 Deluxe (x32) Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305) Sony PC Companion 2.10.165 (x32 Version: 2.10.165) Spybot - Search & Destroy (x32 Version: 1.6.2) Steam (x32 Version: 1.0.0.0) SumatraPDF (x32 Version: 1.9) Supreme Ruler 2020 5.6.2 (x32) The Golden Horde (x32 Version: 1.0.0) Tom Clancy's H.A.W.X. 2 (x32 Version: 1.0.0) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Uninstall 1.0.0.1 (x32) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VCRedistSetup (x32 Version: 1.0.0) VLC media player 2.0.1 (x32 Version: 2.0.1) War of the Roses (x32) Wartung Samsung ML-191x 252x Series (x32) Winamp (x32 Version: 5.623 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Messenger (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) Wings of War (x32 Version: 1.00.0000) WinRAR (x32) ==================== Restore Points ========================= 18-08-2013 21:16:31 Windows Update 18-08-2013 22:49:58 Windows Update 23-08-2013 19:39:39 Windows Update 27-08-2013 19:18:02 Windows Update 01-09-2013 20:31:55 Windows Update 07-09-2013 19:15:19 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2011-06-13 14:16 - 00435030 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {0B33E79E-B1D8-40F2-9E29-82D5B930591F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {2DA05E07-A56A-4CBE-87D9-40C83BC9F3FA} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {388DF630-433E-4B70-A170-3404C3247F45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: {800D3479-51CB-42A8-A0A6-EA58536CB4C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8504CE65-60B3-4EE9-A02D-BF13D91626DB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation) Task: {8DBCD1FE-0060-4FFB-9AE6-0AF628CC4509} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {EE0EA366-DD26-489C-8022-E5A217DA0469} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {F97D49C6-47F1-42E8-BFF6-770C247C83AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-03-03 23:32 - 2010-02-10 19:10 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2011-04-25 00:14 - 2012-02-14 19:37 - 00231824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\shellex.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00189840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prremote.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prloader.dll 2011-04-25 00:14 - 2012-09-03 20:38 - 00169912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\scrchpg.dll 2011-04-25 00:14 - 2013-09-05 21:47 - 01912000 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\params.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00056208 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 00445120 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\service.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 01767824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\eka_meta.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00270224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\gadget.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00127888 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\nfio.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00050064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\winreg.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00049552 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\thpimpl.ppl 2011-04-25 00:13 - 2012-02-14 19:36 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll 2011-04-25 00:12 - 2012-10-31 23:02 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\DumpWriter.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CLLDR.DLL 2011-04-25 00:13 - 2011-04-25 00:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00021392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll 2011-04-25 00:13 - 2013-09-05 21:47 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll 2011-04-25 00:14 - 2012-05-06 23:40 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00021904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\filemap.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\tm.ppl 2013-09-07 21:10 - 2013-09-05 21:47 - 01790144 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\bl.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmihlpr.ppl 2011-04-25 00:14 - 2013-02-01 19:37 - 00074608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\vercheck.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00020368 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\regmap.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00184720 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\acassembler.dll 2011-04-25 00:12 - 2012-02-14 19:36 - 00278928 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\am_facade.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00541072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\storage.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00061840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ndetect.ppl 2011-04-25 00:13 - 2012-10-31 23:02 - 00123320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\crpthlpr.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dtreg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00028560 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\report.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00042384 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\schedule.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00020368 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\timer.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00098704 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\reportdb.ppl 2013-09-07 21:10 - 2013-09-05 21:47 - 01269952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lic.ppl 2011-04-25 21:57 - 2011-04-25 21:57 - 00019416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cbi.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00017296 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hashmd5.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00487824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klifpp.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 00397752 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avs.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00015760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dmap.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\excludemanager.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00151952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ThreatsManager.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qb.ppl 2013-07-29 19:17 - 2013-07-29 19:17 - 00469184 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\avengine.dll.988476f8400a3c2f30987a0ab095a448 2011-04-25 00:13 - 2011-04-25 00:13 - 00102800 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_facade.dll 2013-07-03 19:24 - 2013-07-03 19:24 - 00571712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavbase.kdl.536518bd3aa8eec5802b2e822096404f 2013-07-17 21:37 - 2013-07-17 21:37 - 01632256 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavemu.kdl.33d4094a21b474c84fafe37780a1ac43 2013-06-16 19:04 - 2013-06-16 19:04 - 00273408 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kjim.kdl.01795aedfa570a09106a387e4ef34e1b 2013-02-12 20:08 - 2013-02-12 20:08 - 00151552 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781 2012-03-29 19:23 - 2012-03-29 19:23 - 00178008 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51 2013-06-27 18:38 - 2013-06-27 18:38 - 00436736 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\qscan.kdl.dd55bf01982b299cb867acad1944e6b6 2013-04-01 22:07 - 2013-04-01 22:07 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254 2011-04-25 00:12 - 2012-05-06 23:40 - 08331160 _____ (Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avzkrnl.dll 2012-11-21 17:40 - 2012-11-21 17:40 - 00038400 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3 2013-06-27 18:38 - 2013-06-27 18:38 - 00177664 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavsys.kdl.4bd2ce1e2c86bab49c5e56e0c6501110 2011-04-25 00:13 - 2011-04-25 00:13 - 00139664 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ichecker.dll 2011-04-25 00:14 - 2013-02-01 19:37 - 00373616 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\stat.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00725392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\procmon.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00143760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\netwatch.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00283024 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sandbox.ppl 2011-04-25 00:13 - 2012-02-14 19:37 - 00840080 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hips.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00385424 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHUM.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHComm.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00135568 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahrule.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHStat.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00459152 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\antispam.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00037264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ahids.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00168336 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\oas.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ekasyswatch.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00463760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pdm2rt.ppl 2011-04-25 00:14 - 2012-09-03 20:38 - 00565688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpscan.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00053648 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\smtpprtc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029584 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\volenum.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00151952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\EXTLprtc.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\packed_io.dll 2011-04-25 00:13 - 2013-02-01 19:37 - 00573448 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpanlz.ppl 2011-04-25 00:14 - 2012-10-31 23:03 - 01311160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\trafmon2.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00070032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pop3prtc.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00246160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ProcessMonitor.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00278928 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ICQprtc.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00098704 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imapprtc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nntpprtc.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00733584 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\urlflt.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00246160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\MSNprtc.dll 2011-04-25 00:14 - 2012-10-31 23:03 - 00553400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\webnetstat.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll 2011-04-15 13:15 - 2013-05-30 10:32 - 00283840 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\uds.dll.80a1fcd7c0dfdce2c316d7830ffafe93 2011-04-25 00:14 - 2011-04-25 00:14 - 00044432 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sfdb.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00410000 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\format_recognizer.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\JbrPrtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00176528 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksnhelper.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00385424 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_client.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\transport_provider.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CryptoStaticProvider.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00027024 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\uniarc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00031632 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\minizip.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cab.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00028560 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\arj.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00110992 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\rar.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00037776 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lha.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdb.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00106896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msoe.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00086416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mailmsg.ppl 2013-06-16 19:05 - 2013-06-16 19:05 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\bsshlp2.kdl.904c718bbe32f92d8d0c4c679ec8a7ac 2011-04-25 00:14 - 2011-04-25 00:14 - 00031120 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wdiskio.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00143760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\IRCPrtc.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 01110456 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\aphishex.ppl 2011-04-23 19:15 - 2013-07-30 18:34 - 01015488 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavasyswatch.dll.e4b9effad09c619818171c46eb660532 2011-04-25 00:14 - 2011-04-25 00:14 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\proxydet.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 01102016 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\Updater.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00135568 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\diffs.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 00307640 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_statistics.dll 2011-04-14 19:19 - 2013-08-18 23:25 - 00140288 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\sys_critical_obj.dll.27fb6ff49d2b04854f223a333b8bf972 2011-04-05 15:16 - 2012-09-11 21:32 - 00374144 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01 2011-04-25 00:13 - 2012-02-14 19:36 - 00070032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\swpragueplugin.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00156048 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\Yhoprtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FTPprtc.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\MMPprtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00094608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\appcat.ppl 2011-04-25 00:13 - 2012-10-31 23:02 - 00438712 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\http_protocoller_pipeline.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\anti_phishing_http_filter.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00242064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cf_response_provider.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\localization_manager.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00014736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\buffer.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00019344 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prseqio.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00014736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\unstored.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\inflate.ppl 2010-10-01 15:17 - 2010-10-01 15:17 - 00132432 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f 2011-04-25 00:14 - 2012-02-14 19:37 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ods.ppl 2010-03-10 22:42 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL 2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00086016 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\dscrt30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00417792 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\ixclib30.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00430080 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xccdx30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00438272 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\PXCLIB30.DLL 2004-09-05 18:20 - 2004-09-05 18:20 - 00139264 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30base.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00077824 _____ (Tracker Software) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\Fm30Tiff.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00008192 _____ () C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30xmf.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00017408 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcloc30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00126976 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpro30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00098304 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpars30.dll 2011-12-14 20:13 - 2013-05-21 08:57 - 00593920 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\NewUI.dll 2011-12-14 20:13 - 2013-02-05 12:49 - 00701952 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\bvrpctln.dll 2011-12-14 20:13 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2011-12-14 20:13 - 2013-06-04 15:41 - 00918528 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Device.dll 2011-12-14 20:13 - 2013-05-17 10:51 - 00207872 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-12-14 20:13 - 2011-04-04 14:14 - 00113664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WUNPACLN.dll 2011-12-14 20:13 - 2013-05-30 15:12 - 00990720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.dll 2011-12-14 20:13 - 2012-12-26 15:44 - 00287744 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PluginManager.dll 2011-12-14 20:13 - 2013-04-23 17:27 - 00342528 _____ (TODO: <Company name>) C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdateTools.dll 2011-12-14 20:13 - 2012-07-11 17:39 - 00329728 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\DownloadManager.dll 2013-02-27 16:24 - 2013-02-27 16:24 - 00912896 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\BackupRestore.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2011-11-01 19:32 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2013-02-18 15:53 - 2013-02-18 15:53 - 00789504 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\GMailSync.dll 2012-12-17 14:43 - 2012-12-17 14:43 - 00161792 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\MapiThk.DLL 2013-05-27 12:22 - 2013-05-27 12:22 - 00339456 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\CrashDump.dll 2013-02-18 15:48 - 2013-02-18 15:48 - 00881664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\ContactSetup.dll 2011-12-14 20:13 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2013-03-18 15:46 - 2013-03-18 15:46 - 00606720 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2011-12-14 20:13 - 2013-05-31 12:17 - 00285696 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Statistics.dll 2011-12-14 20:13 - 2013-01-07 18:05 - 00182784 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WebServices.dll 2012-05-29 10:50 - 2012-05-29 10:50 - 00326656 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncDataProviders.dll 2013-01-08 17:03 - 2013-01-08 17:03 - 00086016 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll 2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll 2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll 2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll 2011-05-19 10:06 - 2011-05-19 10:06 - 00061440 _____ (BVRP Software) C:\Program Files (x86)\Sony\Sony PC Companion\PBKENGINE.dll 2012-03-06 14:45 - 2012-03-06 14:45 - 00158720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncData.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll 2010-03-10 22:42 - 2009-07-30 19:15 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll 2011-04-25 00:13 - 2013-09-05 21:47 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpgui.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\basegui.ppl 2011-04-20 20:56 - 2011-04-20 20:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll 2013-08-19 00:10 - 2013-08-19 00:10 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-07-16 21:47 - 2013-07-16 21:47 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/08/2013 03:26:14 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1 ID des fehlerhaften Prozesses: 0x670 Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0 Pfad der fehlerhaften Anwendung: Fuel.Service.exe1 Pfad des fehlerhaften Moduls: Fuel.Service.exe2 Berichtskennung: Fuel.Service.exe3 Error: (09/05/2013 11:35:30 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1 ID des fehlerhaften Prozesses: 0x668 Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0 Pfad der fehlerhaften Anwendung: Fuel.Service.exe1 Pfad des fehlerhaften Moduls: Fuel.Service.exe2 Berichtskennung: Fuel.Service.exe3 Error: (09/05/2013 11:13:46 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error: (09/05/2013 11:12:20 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/05/2013 11:11:43 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/04/2013 11:54:03 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1 ID des fehlerhaften Prozesses: 0x660 Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0 Pfad der fehlerhaften Anwendung: Fuel.Service.exe1 Pfad des fehlerhaften Moduls: Fuel.Service.exe2 Berichtskennung: Fuel.Service.exe3 Error: (09/03/2013 11:30:04 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1 ID des fehlerhaften Prozesses: 0x660 Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0 Pfad der fehlerhaften Anwendung: Fuel.Service.exe1 Pfad des fehlerhaften Moduls: Fuel.Service.exe2 Berichtskennung: Fuel.Service.exe3 Error: (09/03/2013 10:37:53 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/03/2013 10:37:15 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/03/2013 00:03:30 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1 ID des fehlerhaften Prozesses: 0x648 Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0 Pfad der fehlerhaften Anwendung: Fuel.Service.exe1 Pfad des fehlerhaften Moduls: Fuel.Service.exe2 Berichtskennung: Fuel.Service.exe3 System errors: ============= Error: (09/08/2013 10:50:31 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: KLIM6 Error: (09/08/2013 10:50:31 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/08/2013 10:50:31 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SBSD Security Center Service erreicht. Error: (09/08/2013 10:50:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/08/2013 10:49:59 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/08/2013 10:49:49 PM) (Source: atikmdag) (User: ) Description: Display is not active Error: (09/08/2013 10:49:49 PM) (Source: atikmdag) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (09/08/2013 10:49:50 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 08.09.2013 um 22:48:04 unerwartet heruntergefahren. Error: (09/08/2013 10:48:50 PM) (Source: Service Control Manager) (User: ) Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/08/2013 08:40:14 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: KLIM6 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 43% Total physical RAM: 4094.49 MB Available physical RAM: 2303.23 MB Total Pagefile: 8187.17 MB Available Pagefile: 6125.77 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:96.77 GB) NTFS Drive d: (Medien) (Fixed) (Total:319.18 GB) (Free:209.57 GB) NTFS Drive f: (Spiele) (Fixed) (Total:231.28 GB) (Free:169.65 GB) NTFS Drive g: (Daten) (Fixed) (Total:234.47 GB) (Free:230.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5BA2755A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=319 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 466 GB) (Disk ID: 7E211E7F) Partition 1: (Not Active) - (Size=234 GB) - (Type=OF Extended) Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS) ==================== End Of Log ============================ --- --- --- Ich bin mir jetzt unsicher, ob das Problem mir dem Löschen bei Malwarebytes schon behoben ist oder ob noch weitere Schritte notwendig sind. Wenn ich mir hier die Einträge und Eure Hilfelesitung so anschaue wohl schon. Deshalb wäre ich sehr dankbar, wenn mir jemand sagen könnte, was ich noch zu tun habe. Schon jetzt herzlichen DANK!!! Geändert von McSharp (08.09.2013 um 22:44 Uhr) |
|
08.09.2013, 22:47
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo,
__________________Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
08.09.2013, 22:57
| #3 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo Cosinus,
__________________vielen Dank für Deine Unterstützung. Nur leider kann ich die Programme nicht herunterladen weil folgende Meldung kommt: C:\Users\Stephan\AppData\Local\Temp konnte nicht gespeichert werden, weil Sie die Inhalte dieses Ordners nicht ändern können. Ändern Sie die Ordnereigenschaften und versuchen Sie es nochmals oder versuchen Sie, an einem anderen Ort zu speichern. Woran kann das liegen? Solch eine Meldung habe ich noch nie gehabt. Ich habe jetzt festgestellt, dass der Ordener C:\Users\Stephan schreibgeschützt ist. Ich weiß nicht, ob das vorher auch so war. Jedenfalls lät sich das nicht ändern, weil mit Windows mir mitten im Veränderungsvorgang sagt, dass Administratorenrecht benötigt werden, was ich aber nicht verstehe, da ich eigentlich der Administrator bin. Geändert von McSharp (08.09.2013 um 23:08 Uhr) |
|
08.09.2013, 23:08
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Versuch es via Rechtsklick => Ziel speichern unter
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.09.2013, 23:51
| #5 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo Cosinus, mit Rechtsklick hat leider nicht funktioniert. Mir ist aber glücklichwerweise aufgefallen, dass ich den AdwCleaner und das Junkware Removal Tool vorhin schon beim Lesen der anderen Beiträge vorsichtshalber heruntergeladen habe. Da hatte das Herunterladen komischerweisen noch funktioniert. Deshalb wurdert es mich, dass es jetzt nicht mehr klappt. Vielleicht liegt es daran, dass ich dieses PUP.optional.opencandy mit Malwarebytes gelöscht habe. Jedenfalls hier das Ergebnis: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 09/09/2013 um 00:18:29
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Stephan - STEPHAN-PC
# Gestartet von : C:\Users\Stephan\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BCUService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Crawler
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Stephan\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Stephan\AppData\Local\cre
Ordner Gelöscht : C:\Users\Stephan\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Stephan\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Stephan\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Stephan\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Stephan\Documents\PCSpeedUp
Ordner Gelöscht : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Conduit
Ordner Gelöscht : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\ConduitCommon
Ordner Gelöscht : C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
Datei Gelöscht : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\uTorrentBar_DEAutoUpdateHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\uTorrentBar_DEAutoUpdateHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\uTorrentBar_DEToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\uTorrentBar_DEToolbarHelper_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\CToolbar
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\prefs.js ]
Zeile gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2269050.CTID", "CT2269050");
Zeile gelöscht : user_pref("CT2269050.CurrentServerDate", "5-8-2010");
Zeile gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Thu Aug 05 2010 22:32:43 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.FirstServerDate", "5-8-2010");
Zeile gelöscht : user_pref("CT2269050.FirstTime", true);
Zeile gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2269050.FirstTimeSettingsDone", true);
Zeile gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Zeile gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2269050.Initialize", true);
Zeile gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 1);
Zeile gelöscht : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Zeile gelöscht : user_pref("CT2269050.InstalledDate", "Thu Aug 05 2010 22:32:43 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.InvalidateCache", false);
Zeile gelöscht : user_pref("CT2269050.IsGrouping", false);
Zeile gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false);
Zeile gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false);
Zeile gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Thu Aug 05 2010 22:32:45 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2269050.LastLogin_2.7.0.14", "Thu Aug 05 2010 22:32:44 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Zeile gelöscht : user_pref("CT2269050.Locale", "en");
Zeile gelöscht : user_pref("CT2269050.LoginCache", 4);
Zeile gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Zeile gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Thu Aug 05 2010 22:32:45 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Zeile gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Zeile gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Zeile gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Zeile gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Zeile gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Zeile gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Zeile gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
Zeile gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
Zeile gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 22:32:45 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Zeile gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Thu Aug 05 2010 22:32:43 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1281012119");
Zeile gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 22:32:43 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Zeile gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Zeile gelöscht : user_pref("CT2269050.UserID", "UN39983013757562547");
Zeile gelöscht : user_pref("CT2269050.ValidationData_Toolbar", 0);
Zeile gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Zeile gelöscht : user_pref("CT2269050.WeatherPollDate", "Thu Aug 05 2010 22:32:44 GMT+0200");
Zeile gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Zeile gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Zeile gelöscht : user_pref("CT2269050.clientLogIsEnabled", false);
Zeile gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2849855..clientLogIsEnabled", true);
Zeile gelöscht : user_pref("CT2849855..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2849855..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2849855.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Zeile gelöscht : user_pref("CT2849855.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2849855.AppTrackingLastCheckTime", "Sun Nov 13 2011 00:58:04 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.BrowserCompStateIsOpen_129640009348738015", true);
Zeile gelöscht : user_pref("CT2849855.CTID", "CT2849855");
Zeile gelöscht : user_pref("CT2849855.CurrentServerDate", "25-11-2011");
Zeile gelöscht : user_pref("CT2849855.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2849855.DialogsGetterLastCheckTime", "Wed Nov 23 2011 22:57:24 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2849855.EMailNotifierPollDate", "Sat Nov 26 2011 01:18:01 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedLastCount129349796701375473", 550);
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313974171006416", "Fri Nov 25 2011 22:19:01 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313975698350231", "Fri Nov 25 2011 22:19:01 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313976370850190", "Fri Nov 25 2011 22:19:01 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313976648818968", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313977444757117", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313980389131455", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313980655381977", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313980886163259", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313981234756535", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313983226631720", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedPollDate129313983607725691", "Fri Nov 25 2011 22:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.FeedTTL129313974171006416", 10);
Zeile gelöscht : user_pref("CT2849855.FeedTTL129313977444757117", 15);
Zeile gelöscht : user_pref("CT2849855.FeedTTL129313980655381977", 5);
Zeile gelöscht : user_pref("CT2849855.FeedTTL129313981234756535", 5);
Zeile gelöscht : user_pref("CT2849855.FirstServerDate", "16-2-2011");
Zeile gelöscht : user_pref("CT2849855.FirstTime", true);
Zeile gelöscht : user_pref("CT2849855.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2849855.FixPageNotFoundErrors", false);
Zeile gelöscht : user_pref("CT2849855.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2849855.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2849855.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT2849855.HomePageProtectorEnabled", false);
Zeile gelöscht : user_pref("CT2849855.Initialize", true);
Zeile gelöscht : user_pref("CT2849855.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2849855.InstallationAndCookieDataSentCount", 3);
Zeile gelöscht : user_pref("CT2849855.InstallationType", "UnknownIntegration");
Zeile gelöscht : user_pref("CT2849855.InstalledDate", "Wed Feb 16 2011 20:59:59 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.IsAlertDBUpdated", true);
Zeile gelöscht : user_pref("CT2849855.IsGrouping", false);
Zeile gelöscht : user_pref("CT2849855.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2849855.IsOpenThankYouPage", true);
Zeile gelöscht : user_pref("CT2849855.IsOpenUninstallPage", false);
Zeile gelöscht : user_pref("CT2849855.LanguagePackLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2849855.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2849855.LastLogin_3.2.5.2", "Thu Apr 21 2011 10:41:53 GMT+0200");
Zeile gelöscht : user_pref("CT2849855.LastLogin_3.3.3.2", "Mon Aug 01 2011 21:01:08 GMT+0200");
Zeile gelöscht : user_pref("CT2849855.LastLogin_3.6.0.10", "Thu Sep 22 2011 21:16:34 GMT+0200");
Zeile gelöscht : user_pref("CT2849855.LastLogin_3.7.0.6", "Tue Nov 08 2011 11:18:41 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.LastLogin_3.8.0.8", "Fri Nov 25 2011 20:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.LatestVersion", "3.8.0.8");
Zeile gelöscht : user_pref("CT2849855.Locale", "de");
Zeile gelöscht : user_pref("CT2849855.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2849855.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2849855.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2849855.MyStuffEnabledAtInstallation", true);
Zeile gelöscht : user_pref("CT2849855.SHRINK_TOOLBAR", 1);
Zeile gelöscht : user_pref("CT2849855.SearchEngineBeforeUnload", "Yahoo");
Zeile gelöscht : user_pref("CT2849855.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2849855.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&q=");
Zeile gelöscht : user_pref("CT2849855.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2849855.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2849855.SearchInNewTabLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2849855.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2849855.SearchProtectorEnabled", false);
Zeile gelöscht : user_pref("CT2849855.SearchProtectorToolbarDisabled", false);
Zeile gelöscht : user_pref("CT2849855.ServiceMapLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.SettingsLastCheckTime", "Fri Nov 25 2011 20:19:01 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.SettingsLastUpdate", "1321973040");
Zeile gelöscht : user_pref("CT2849855.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2849855.ThirdPartyComponentsLastCheck", "Tue Nov 15 2011 23:23:03 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.ThirdPartyComponentsLastUpdate", "1255348257");
Zeile gelöscht : user_pref("CT2849855.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2849855");
Zeile gelöscht : user_pref("CT2849855.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Zeile gelöscht : user_pref("CT2849855.UserID", "UN51194241377441452");
Zeile gelöscht : user_pref("CT2849855.ValidationData_Search", 2);
Zeile gelöscht : user_pref("CT2849855.ValidationData_Toolbar", 2);
Zeile gelöscht : user_pref("CT2849855.WeatherNetwork", "");
Zeile gelöscht : user_pref("CT2849855.WeatherPollDate", "Sat Nov 26 2011 00:53:00 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.WeatherUnit", "C");
Zeile gelöscht : user_pref("CT2849855.alertChannelId", "1241896");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D474549484C5952594B335E5356432C45333438334A414C546660576364676F6A5E4B766B6E5B445D4B4C504A6259646C787A2[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B525D66716C216E6B587D73675[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C45333439344A414C565B5E6C656E706C7164736D4D786D705D465F4D4E534D645B66705[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e.:2z527", "247E6F727174354379453A3D2A722C757A787D31283323242B4953542E594E513E27402A2B3230453C47323B3C5564606A436E6366533C553F4447445A515C7D7D7E7C6973722173745[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D68506A6F7171742256227679664F6[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A666D7B7C7174726E702174745B2[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e06cg5el8:", "6E6D6F707171746D7276");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757677777A73787C242F4B49474F42357D5D5C3D");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D705D465F4D524B51645B66732[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A4946484B5F56616F7C217D74747[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D70517E6B60496252505451675[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A7C517C7174614A63525557526[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B6C697A7E21702370765925797[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B4B474B51605762747C2473737[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D705D465F4F4C5451645B66797[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A312833474745445159575B504B504B4D5E545553533A655A5D4A334C3C3B3A3951485367756363677575676B65527D7275624B645453515[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B445D4D4F524F6259647927252[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A435C4D474B4961586379226F742[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68786C717154207477644D66575[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A7273717A786D2256227679664F6[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37502E4F4747315C5154412A4334313738483F4A635F5A6A645E625A4772676A5740594A474D4D5E55607971246E7778257[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D705D465F504F5050645B66212[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A515C77707773202371215925797[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F677578684C65706B54207477644D66575[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C445C535E7B21747C7821745A267[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A52404548564F58315C5154412A4335342F37483F4A68646B645D5E626462616D6971726B6C786A517C7174614A6355544F566[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352C37565949484E4F51525C4E4C55535B54605A5A3E695E614E37503B3D41544B567575656D7367796D6D7C55217578654E675[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B485C535E7E6C6956227679664F6[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D6F517C71547873634C6557566[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215642542D584D503D263F2D2E2E2E443B4635645E6669595C6062686F5C7363716F696467764F7A6F725F48614F50504F665D6[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b-0?3g>d", "3B6E6C6E407442727A717044472076754C7725227A53542A242727252B2A2A5C2C5C2A2A");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b-0?3g@6:5;", "");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b5ba==9cjag", "3A3C6D6D707274757A717674794B4C4C202021507E");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F707171746D746F707174");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b90e@8ff=eg", "393F352F3E");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b9643g3/9e", "6A");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b<:222h64<", "393F352F3E");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b=+03eh8h8j?:", "4443");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9b?b0d:8aj62<h", "6D");
Zeile gelöscht : user_pref("CT2849855.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Zeile gelöscht : user_pref("CT2849855.backendstorage.cb_firstuse0100", "31");
Zeile gelöscht : user_pref("CT2849855.backendstorage.cbfirsttime", "5765642053657020323820323031312032323A32353A353120474D542B30323030");
Zeile gelöscht : user_pref("CT2849855.backendstorage.enableinj", "");
Zeile gelöscht : user_pref("CT2849855.backendstorage.url_history", "687474703A2F2F7777772E737069656C776172656E2D77657273742E64652F696E6465782E7068703F636D643D73686F775F64657461696C732669643D32266C616E673D6465266D69643[...]
Zeile gelöscht : user_pref("CT2849855.backendstorage.url_history_time", "31333139343932333132333636");
Zeile gelöscht : user_pref("CT2849855.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Zeile gelöscht : user_pref("CT2849855.globalFirstTimeInfoLastCheckTime", "Fri Nov 25 2011 20:19:02 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.homepageProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2849855.initDone", true);
Zeile gelöscht : user_pref("CT2849855.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("CT2849855.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2849855.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2849855.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2849855.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2849855.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2849855.oldAppsList", "129349796699187955,129349796699500456,1000234,129349796699656708,1000034,129431553514219224,129349796699969211,129349796701375473,129349796701375474,129349796701531[...]
Zeile gelöscht : user_pref("CT2849855.revertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2849855.searchProtectorDialogDelayInSec", 10);
Zeile gelöscht : user_pref("CT2849855.searchProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2849855.testingCtid", "");
Zeile gelöscht : user_pref("CT2849855.toolbarAppMetaDataLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.toolbarContextMenuLastCheckTime", "Tue Nov 22 2011 23:30:06 GMT+0100");
Zeile gelöscht : user_pref("CT2849855.usagesFlag", 2);
Zeile gelöscht : user_pref("CT2851647_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1365714197856,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1241896/1237569/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2849855", "\"1319527335\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de", "oIwsta2spzadhjRgiY1Nhw==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de", "WiZSpHJzJ/uTUKvfHHyj/w==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de", "9H/gICSaMqbmx+Gd+8W4Sg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de", "eJfMrdrGnhGHiiPiYjgAww==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"8028f138140cc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80ee9485875dcc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2849855", "\"189bc05ed9753368aadfb2b80f08021d\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634386539058500000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634335443890000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/2011 12:59:49 PM", "634339976460000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2849855&octid=CT2849855", "\"1321973041\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2849855/CT2849855", "\"1311168866\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"07bb177151bafb3279d86644950b67e1\"");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bittorrentbar_de");
Zeile gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
Zeile gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Zeile gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Stephan\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\q4facy49.default\\conduitCommon\\modules\\3.8.0.8");
Zeile gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Zeile gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2849855", "744x663");
Zeile gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_5a2d5b2f", "356x332");
Zeile gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/menu_dlg/pg_dlg.html#pg_ext_msg_key_7ed492e4", "100x93");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2849855");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bittorrentbar_de");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2849855");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,ConduitEngine,CT2849855");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri May 13 2011 19:43:33 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 01 2011 21:01:15 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 01 2011 21:01:07 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "{21e46862-20b7-4122-9ebb-b61841794eba}");
Zeile gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "fce429a2-6076-464d-9123-2cc3d10b6052");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.killedEngine", true);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Nov 20 2011 22:38:05 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Nov 25 2011 23:42:20 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Nov 25 2011 23:42:12 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userId", "7efa64d0-6d5a-49e9-83ea-c839e56dc783");
Zeile gelöscht : user_pref("CommunityToolbar.undefined", "");
Zeile gelöscht : user_pref("extensions.enabledItems", "{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323,{1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2,fdm_ffext@freedownloadmanager.org:1.3.3,{872b5b88-9db5-4310-bdd0-ac18[...]
Zeile gelöscht : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Zeile gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT2851647");
Zeile gelöscht : user_pref("smartbar.machineId", "WPPRU5OKQUN0Z0CK4FHPYT1ODJ8VI5N0KRCIYCF8A4US1T26TI3UJL1QJFNYD0LUPS+QLAC40HX5W6GAS/6+XG");
*************************
AdwCleaner[R0].txt - [38774 octets] - [09/09/2013 00:17:40]
AdwCleaner[S0].txt - [38313 octets] - [09/09/2013 00:18:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [38374 octets] ##########
JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Home Premium x64
Ran by Stephan on 09.09.2013 at 0:28:53,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Stephan\AppData\Roaming\mozilla\firefox\profiles\q4facy49.default\minidumps [30 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.09.2013 at 0:33:58,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Du glaubt es nicht. Nach dem ich das JRT durchgeführt habe, kann ich auch wieder die Programm herunterladen und bekomme diese Meldung nicht mehr angezeigt. Da scheint das JRT ja irgend etwas gelöscht zu haben. Und hier die neuen Ergebnisse von Farbar: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by Stephan (administrator) on STEPHAN-PC on 09-09-2013 00:46:37
Running from C:\Users\Stephan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [pdfSaver3] - C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe [380928 2004-09-05] (Tracker Software Products Ltd.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {30c1dd70-3cfd-11df-842d-00241d2e188f} - L:\LaunchU3.exe -a
MountPoints2: {33b37072-267b-11e1-9d37-00241d2e188f} - H:\Startme.exe
MountPoints2: {360fdc79-dc44-11e2-97cd-00241d2e188f} - H:\Startme.exe
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl] - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-07] (CyberLink Corp.)
HKLM-x32\...\Run: [pdfSaver3] - [x]
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKCU - {7D82E3D0-A793-41D4-9CFA-A7A81C3BA455} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {F52F6678-F4F7-486b-9DDC-491B03B7F9E6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6180/mcfscan.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225
FireFox:
========
FF ProfilePath: C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default
FF SelectedSearchEngine: Google
FF Keyword.URL: chrome://browser-region/locale/region.properties
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: No Name - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-06-11] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-09] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-09] (Windows (R) Server 2003 DDK provider)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-31] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S2 SSPORT; C:\Windows\SysWow64\Drivers\SSPORT.sys [11576 2009-02-23] (Samsung Electronics)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 00:33 - 2013-09-09 00:33 - 00000868 _____ C:\Users\Stephan\Desktop\JRT.txt
2013-09-09 00:28 - 2013-09-09 00:28 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 00:20 - 2013-09-09 00:20 - 00038455 _____ C:\Users\Stephan\Desktop\AdwCleaner[S0].txt
2013-09-09 00:16 - 2013-09-09 00:18 - 00000000 ____D C:\AdwCleaner
2013-09-08 23:20 - 2013-09-08 23:20 - 00053659 _____ C:\Users\Stephan\Desktop\Addition.txt
2013-09-08 23:14 - 2013-09-08 23:14 - 00053659 _____ C:\Users\Stephan\Downloads\Addition.txt
2013-09-08 23:13 - 2013-09-08 23:13 - 00000000 ____D C:\FRST
2013-09-08 22:49 - 2013-09-09 00:19 - 00000112 _____ C:\Windows\setupact.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:38 - 2013-09-08 22:39 - 01029490 _____ (Thisisu) C:\Users\Stephan\Desktop\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Desktop\adwcleaner.exe
2013-09-03 22:02 - 2013-09-03 22:03 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-19 00:56 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 00:56 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 00:56 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-19 00:56 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-19 00:56 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 00:56 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-19 00:50 - 2013-08-19 00:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 23:17 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 23:17 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 23:17 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 23:17 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 23:17 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 23:17 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
2013-09-09 00:44 - 2013-09-09 00:44 - 01948988 _____ (Farbar) C:\Users\Stephan\Desktop\FRST64.exe
2013-09-09 00:33 - 2013-09-09 00:33 - 00000868 _____ C:\Users\Stephan\Desktop\JRT.txt
2013-09-09 00:28 - 2013-09-09 00:28 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 00:28 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 00:28 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 00:24 - 2009-07-14 19:58 - 00656766 _____ C:\Windows\system32\perfh007.dat
2013-09-09 00:24 - 2009-07-14 19:58 - 00131236 _____ C:\Windows\system32\perfc007.dat
2013-09-09 00:24 - 2009-07-14 07:13 - 01506562 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 00:21 - 2011-02-25 17:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-09 00:20 - 2013-09-09 00:20 - 00038455 _____ C:\Users\Stephan\Desktop\AdwCleaner[S0].txt
2013-09-09 00:20 - 2013-05-05 23:41 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-09 00:20 - 2011-01-06 15:19 - 00000000 ____D C:\Users\Stephan\AppData\Local\LogMeIn Hamachi
2013-09-09 00:20 - 2010-03-10 22:42 - 00000144 _____ C:\service.log
2013-09-09 00:20 - 2010-03-04 21:56 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-09 00:19 - 2013-09-08 22:49 - 00000112 _____ C:\Windows\setupact.log
2013-09-09 00:19 - 2011-10-10 21:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-09 00:19 - 2010-03-10 22:48 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-09-09 00:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 00:18 - 2013-09-09 00:16 - 00000000 ____D C:\AdwCleaner
2013-09-09 00:18 - 2012-10-15 19:25 - 01618672 _____ C:\Windows\WindowsUpdate.log
2013-09-08 23:56 - 2013-05-05 23:41 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-08 23:20 - 2013-09-08 23:20 - 00053659 _____ C:\Users\Stephan\Desktop\Addition.txt
2013-09-08 23:14 - 2013-09-08 23:14 - 00053659 _____ C:\Users\Stephan\Downloads\Addition.txt
2013-09-08 23:13 - 2013-09-08 23:13 - 00000000 ____D C:\FRST
2013-09-08 22:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:39 - 2013-09-08 22:38 - 01029490 _____ (Thisisu) C:\Users\Stephan\Desktop\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Desktop\adwcleaner.exe
2013-09-08 20:44 - 2010-03-03 23:26 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Winamp
2013-09-08 20:44 - 2010-03-03 22:20 - 00000000 ____D C:\Windows\Panther
2013-09-08 20:43 - 2010-11-28 03:26 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-08 20:43 - 2010-07-22 23:23 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-09-08 15:25 - 2011-06-06 18:54 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-05 22:41 - 2012-03-29 23:33 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\vlc
2013-09-03 22:03 - 2013-09-03 22:02 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-02 18:52 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-20 22:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-20 19:47 - 2012-03-29 19:14 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 19:47 - 2012-03-29 19:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 19:47 - 2011-05-19 17:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 19:00 - 2012-04-24 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 00:52 - 2013-08-19 00:50 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:52 - 2010-03-09 19:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-19 00:50 - 2010-03-05 16:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
Files to move or delete:
====================
C:\Users\Stephan\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-02 19:43
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013 Ran by Stephan at 2013-09-09 00:50:01 Running from C:\Users\Stephan\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) "Wings of Prey" (Unistall) (x32 Version: 1.0.3.2) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) AMD APP SDK Runtime (Version: 10.0.938.1) AMD Catalyst Install Manager (Version: 8.0.881.0) AMD Fuel (Version: 2012.0611.1251.21046) AMD VISION Engine Control Center (x32 Version: 2012.0611.1251.21046) Apple Application Support (x32 Version: 2.3) Apple Software Update (x32 Version: 2.1.3.127) Browser Configuration Utility (x32 Version: 1.1.11.0) CanoScan Toolbox Ver4.9 (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0611.1251.21046) Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046) Catalyst Control Center Localization All (x32 Version: 2012.0611.1251.21046) CCC Help Chinese Standard (x32 Version: 2012.0611.1250.21046) CCC Help Chinese Traditional (x32 Version: 2012.0611.1250.21046) CCC Help Czech (x32 Version: 2012.0611.1250.21046) CCC Help Danish (x32 Version: 2012.0611.1250.21046) CCC Help Dutch (x32 Version: 2012.0611.1250.21046) CCC Help English (x32 Version: 2012.0611.1250.21046) CCC Help Finnish (x32 Version: 2012.0611.1250.21046) CCC Help French (x32 Version: 2012.0611.1250.21046) CCC Help German (x32 Version: 2012.0611.1250.21046) CCC Help Greek (x32 Version: 2012.0611.1250.21046) CCC Help Hungarian (x32 Version: 2012.0611.1250.21046) CCC Help Italian (x32 Version: 2012.0611.1250.21046) CCC Help Japanese (x32 Version: 2012.0611.1250.21046) CCC Help Korean (x32 Version: 2012.0611.1250.21046) CCC Help Norwegian (x32 Version: 2012.0611.1250.21046) CCC Help Polish (x32 Version: 2012.0611.1250.21046) CCC Help Portuguese (x32 Version: 2012.0611.1250.21046) CCC Help Russian (x32 Version: 2012.0611.1250.21046) CCC Help Spanish (x32 Version: 2012.0611.1250.21046) CCC Help Swedish (x32 Version: 2012.0611.1250.21046) CCC Help Thai (x32 Version: 2012.0611.1250.21046) CCC Help Turkish (x32 Version: 2012.0611.1250.21046) ccc-utility64 (Version: 2012.0611.1251.21046) eaner (Version: 4.05) EasySaver B9.0904.1 (x32 Version: 1.00.0000) ElsterFormular (x32 Version: 14.1.20130301) Empire: Total War (x32) ESET Online Scanner v3 (x32) FIFA 09 (x32 Version: 1.0.1.1) FotoQuelle Fotosoftware 4.11.0 (x32 Version: 4.11.0) Free Audio CD Burner version 1.4.7 (x32) Free Audio CD to MP3 Converter version 1.3 (x32) Free Studio version 5.7.7.1031 (x32 Version: 5.7.7.1031) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) HiJackThis (x32 Version: 1.0.0) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 7 (64-bit) (Version: 7.0.70) Java Auto Updater (x32 Version: 2.1.9.5) Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374) Knights Of Honor (x32 Version: 1.00) LG Burning Tools (x32 Version: 8.3.568) LG CyberLink LabelPrint (x32 Version: 2.0.3605) LG CyberLink PowerBackup (x32 Version: 2.5.4511) LG CyberLink PowerDVD 7.0 (x32 Version: 7.0.3409.a) LG CyberLink PowerProducer (x32 Version: 085312a(3.7)_Vista_LG) LG CyberLink YouCam (x32 Version: 1.0.2609) LG ODD Auto Firmware Update (x32 Version: 9.01.1124.01) LG Power Tools (x32 Version: 6.0.2806) LightScribe System Software (x32 Version: 1.18.1.1) LogMeIn Hamachi (x32 Version: 2.1.0.374) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Go (x32 Version: 2.0.317) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft IntelliPoint 7.0 (Version: 7.0.260.0) Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) neroxml (x32 Version: 1.0.0) NHL™ 09 (x32 Version: 2.0.1.0) Nokia Connectivity Cable Driver (Version: 7.1.32.64) PC SWOS-Total Pack version V1.34 (x32 Version: V1.34) PDF Blender (x32) PDFCreator (x32 Version: 1.2.0) PDF-XChange 3.0 (x32) PlayStation(R)Network Downloader (x32 Version: 2.07.00849) PlayStation(R)Store (x32 Version: 4.5.15.13232) QuickTime (x32 Version: 7.74.80.86) Realtek Ethernet Controller Driver (x32 Version: 1.00.0008) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5919) Reign: Conflict of Nations (Nur entfernen) (x32 Version: 1.1) Rise of Flight (x32) Safari (x32 Version: 5.34.57.2) Sid Meier's Civilization IV Colonization (x32 Version: 1.01) SimCity 4 Deluxe (x32) Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305) Sony PC Companion 2.10.165 (x32 Version: 2.10.165) Spybot - Search & Destroy (x32 Version: 1.6.2) Steam (x32 Version: 1.0.0.0) SumatraPDF (x32 Version: 1.9) Supreme Ruler 2020 5.6.2 (x32) The Golden Horde (x32 Version: 1.0.0) Tom Clancy's H.A.W.X. 2 (x32 Version: 1.0.0) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Uninstall 1.0.0.1 (x32) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VCRedistSetup (x32 Version: 1.0.0) VLC media player 2.0.1 (x32 Version: 2.0.1) War of the Roses (x32) Wartung Samsung ML-191x 252x Series (x32) Winamp (x32 Version: 5.623 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Messenger (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) Wings of War (x32 Version: 1.00.0000) WinRAR (x32) ==================== Restore Points ========================= 18-08-2013 21:16:31 Windows Update 18-08-2013 22:49:58 Windows Update 23-08-2013 19:39:39 Windows Update 27-08-2013 19:18:02 Windows Update 01-09-2013 20:31:55 Windows Update 07-09-2013 19:15:19 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2011-06-13 14:16 - 00435030 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {0B33E79E-B1D8-40F2-9E29-82D5B930591F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {388DF630-433E-4B70-A170-3404C3247F45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: {800D3479-51CB-42A8-A0A6-EA58536CB4C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8504CE65-60B3-4EE9-A02D-BF13D91626DB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation) Task: {8DBCD1FE-0060-4FFB-9AE6-0AF628CC4509} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {C4AD4BF7-D181-4589-9414-4F87C2D6782F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {EE0EA366-DD26-489C-8022-E5A217DA0469} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {F97D49C6-47F1-42E8-BFF6-770C247C83AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-25 00:14 - 2012-09-03 20:38 - 00169912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\scrchpg.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00270224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\gadget.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00189840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prremote.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prloader.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00056208 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 01912000 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\params.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00127888 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\nfio.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00050064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\winreg.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00049552 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\thpimpl.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 00445120 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\service.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 01767824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\eka_meta.dll 2010-03-03 23:32 - 2010-02-10 19:10 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2011-04-25 00:14 - 2012-02-14 19:37 - 00231824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\shellex.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll 2011-04-25 00:12 - 2012-10-31 23:02 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\DumpWriter.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CLLDR.DLL 2011-04-25 00:13 - 2011-04-25 00:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00021392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll 2011-04-25 00:13 - 2013-09-05 21:47 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll 2011-04-25 00:14 - 2012-05-06 23:40 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00021904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\filemap.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\tm.ppl 2013-09-07 21:10 - 2013-09-05 21:47 - 01790144 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\bl.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmihlpr.ppl 2011-04-25 00:14 - 2013-02-01 19:37 - 00074608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\vercheck.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00020368 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\regmap.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00184720 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\acassembler.dll 2011-04-25 00:12 - 2012-02-14 19:36 - 00278928 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\am_facade.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00541072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\storage.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00061840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ndetect.ppl 2011-04-25 00:13 - 2012-10-31 23:02 - 00123320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\crpthlpr.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dtreg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00028560 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\report.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00042384 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\schedule.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00020368 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\timer.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00098704 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\reportdb.ppl 2013-09-07 21:10 - 2013-09-05 21:47 - 01269952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lic.ppl 2011-04-25 21:57 - 2011-04-25 21:57 - 00019416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cbi.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00017296 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hashmd5.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00487824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klifpp.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 00397752 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avs.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00015760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\dmap.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\excludemanager.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00151952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ThreatsManager.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qb.ppl 2013-07-29 19:17 - 2013-07-29 19:17 - 00469184 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\avengine.dll.988476f8400a3c2f30987a0ab095a448 2011-04-25 00:13 - 2011-04-25 00:13 - 00102800 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_facade.dll 2013-07-03 19:24 - 2013-07-03 19:24 - 00571712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavbase.kdl.536518bd3aa8eec5802b2e822096404f 2013-07-17 21:37 - 2013-07-17 21:37 - 01632256 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavemu.kdl.33d4094a21b474c84fafe37780a1ac43 2013-06-16 19:04 - 2013-06-16 19:04 - 00273408 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kjim.kdl.01795aedfa570a09106a387e4ef34e1b 2013-02-12 20:08 - 2013-02-12 20:08 - 00151552 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781 2012-03-29 19:23 - 2012-03-29 19:23 - 00178008 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51 2013-06-27 18:38 - 2013-06-27 18:38 - 00436736 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\qscan.kdl.dd55bf01982b299cb867acad1944e6b6 2013-04-01 22:07 - 2013-04-01 22:07 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254 2011-04-25 00:12 - 2012-05-06 23:40 - 08331160 _____ (Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avzkrnl.dll 2012-11-21 17:40 - 2012-11-21 17:40 - 00038400 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3 2013-06-27 18:38 - 2013-06-27 18:38 - 00177664 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\kavsys.kdl.4bd2ce1e2c86bab49c5e56e0c6501110 2011-04-25 00:13 - 2011-04-25 00:13 - 00139664 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ichecker.dll 2011-04-25 00:14 - 2013-02-01 19:37 - 00373616 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\stat.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00725392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\procmon.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00283024 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sandbox.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00143760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\netwatch.ppl 2011-04-25 00:13 - 2012-02-14 19:36 - 00459152 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\antispam.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00168336 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\oas.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029584 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\volenum.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00037264 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ahids.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00385424 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHUM.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHComm.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00135568 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ckahrule.dll 2011-04-25 00:13 - 2012-02-14 19:37 - 00840080 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\hips.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CKAHStat.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00463760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pdm2rt.ppl 2011-04-25 00:14 - 2012-09-03 20:38 - 00565688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpscan.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00057744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\packed_io.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00053648 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\smtpprtc.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00151952 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\EXTLprtc.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00070032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pop3prtc.ppl 2011-04-25 00:14 - 2012-10-31 23:03 - 01311160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\trafmon2.ppl 2011-04-25 00:13 - 2013-02-01 19:37 - 00573448 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\httpanlz.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00246160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ProcessMonitor.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00098704 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imapprtc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nntpprtc.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00044432 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\sfdb.ppl 2011-04-25 00:14 - 2012-02-14 19:37 - 00733584 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\urlflt.ppl 2011-04-15 13:15 - 2013-05-30 10:32 - 00283840 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\uds.dll.80a1fcd7c0dfdce2c316d7830ffafe93 2011-04-25 00:14 - 2012-10-31 23:03 - 00553400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\webnetstat.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00410000 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\format_recognizer.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00176528 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksnhelper.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00385424 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_client.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\transport_provider.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CryptoStaticProvider.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00027024 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\uniarc.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00031632 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\minizip.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cab.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00028560 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\arj.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00110992 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\rar.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00037776 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\lha.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdb.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00106896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\msoe.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00086416 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mailmsg.ppl 2013-06-16 19:05 - 2013-06-16 19:05 - 00435712 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\bsshlp2.kdl.904c718bbe32f92d8d0c4c679ec8a7ac 2011-04-25 00:14 - 2011-04-25 00:14 - 00031120 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wdiskio.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00078224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\proxydet.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 01102016 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\Updater.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00135568 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\diffs.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 01110456 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\aphishex.ppl 2011-04-14 19:19 - 2013-08-18 23:25 - 00140288 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\sys_critical_obj.dll.27fb6ff49d2b04854f223a333b8bf972 2011-04-05 15:16 - 2012-09-11 21:32 - 00374144 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01 2011-04-25 00:13 - 2011-04-25 00:13 - 00094608 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\appcat.ppl 2011-04-25 00:13 - 2012-10-31 23:02 - 00438712 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\http_protocoller_pipeline.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00014736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\buffer.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00019344 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prseqio.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00029072 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\inflate.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00015760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\mdmap.ppl 2011-04-25 00:12 - 2011-04-25 00:12 - 00082320 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ekasyswatch.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FTPprtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00278928 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ICQprtc.dll 2011-04-23 19:15 - 2013-07-30 18:34 - 01015488 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\klavasyswatch.dll.e4b9effad09c619818171c46eb660532 2011-04-25 00:13 - 2012-10-31 23:02 - 00307640 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ksn_statistics.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00070032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\swpragueplugin.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00246160 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\MSNprtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\JbrPrtc.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00143760 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\IRCPrtc.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\anti_phishing_http_filter.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00242064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\cf_response_provider.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\localization_manager.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00156048 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\Yhoprtc.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00197008 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\MMPprtc.dll 2011-04-25 00:14 - 2012-02-14 19:37 - 00205200 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ods.ppl 2010-10-01 15:17 - 2010-10-01 15:17 - 00132432 _____ (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP12\Bases\Cache\dns_client.dll.69d2b6f54b8d3aae15e8112faac7979f 2009-07-14 01:32 - 2009-07-14 03:15 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll 2011-04-25 00:14 - 2012-02-21 20:01 - 00782736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prupdate.ppl 2010-03-10 22:42 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL 2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00086016 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\dscrt30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00417792 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\ixclib30.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00430080 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xccdx30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00438272 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\PXCLIB30.DLL 2004-09-05 18:20 - 2004-09-05 18:20 - 00139264 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30base.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00077824 _____ (Tracker Software) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\Fm30Tiff.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00008192 _____ () C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30xmf.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00017408 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcloc30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00126976 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpro30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00098304 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpars30.dll 2011-12-14 20:13 - 2013-05-21 08:57 - 00593920 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\NewUI.dll 2011-12-14 20:13 - 2013-02-05 12:49 - 00701952 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\bvrpctln.dll 2011-12-14 20:13 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2011-12-14 20:13 - 2013-06-04 15:41 - 00918528 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Device.dll 2011-12-14 20:13 - 2013-05-17 10:51 - 00207872 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-12-14 20:13 - 2011-04-04 14:14 - 00113664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WUNPACLN.dll 2011-12-14 20:13 - 2013-05-30 15:12 - 00990720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.dll 2011-12-14 20:13 - 2012-12-26 15:44 - 00287744 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PluginManager.dll 2011-12-14 20:13 - 2013-04-23 17:27 - 00342528 _____ (TODO: <Company name>) C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdateTools.dll 2011-12-14 20:13 - 2012-07-11 17:39 - 00329728 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\DownloadManager.dll 2013-02-27 16:24 - 2013-02-27 16:24 - 00912896 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\BackupRestore.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2011-11-01 19:32 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2013-02-18 15:53 - 2013-02-18 15:53 - 00789504 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\GMailSync.dll 2012-12-17 14:43 - 2012-12-17 14:43 - 00161792 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\MapiThk.DLL 2013-05-27 12:22 - 2013-05-27 12:22 - 00339456 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\CrashDump.dll 2013-02-18 15:48 - 2013-02-18 15:48 - 00881664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\ContactSetup.dll 2011-12-14 20:13 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2013-03-18 15:46 - 2013-03-18 15:46 - 00606720 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2011-12-14 20:13 - 2013-05-31 12:17 - 00285696 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Statistics.dll 2011-12-14 20:13 - 2013-01-07 18:05 - 00182784 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WebServices.dll 2012-05-29 10:50 - 2012-05-29 10:50 - 00326656 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncDataProviders.dll 2013-01-08 17:03 - 2013-01-08 17:03 - 00086016 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll 2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll 2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll 2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll 2011-05-19 10:06 - 2011-05-19 10:06 - 00061440 _____ (BVRP Software) C:\Program Files (x86)\Sony\Sony PC Companion\PBKENGINE.dll 2012-03-06 14:45 - 2012-03-06 14:45 - 00158720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncData.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll 2011-04-25 00:13 - 2013-09-05 21:47 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpgui.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\basegui.ppl 2011-04-20 20:56 - 2011-04-20 20:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll 2013-08-19 00:10 - 2013-08-19 00:10 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 4094.49 MB Available physical RAM: 2379.63 MB Total Pagefile: 8187.17 MB Available Pagefile: 6193.13 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:96.69 GB) NTFS Drive d: (Medien) (Fixed) (Total:319.18 GB) (Free:209.57 GB) NTFS Drive f: (Spiele) (Fixed) (Total:231.28 GB) (Free:169.65 GB) NTFS Drive g: (Daten) (Fixed) (Total:234.47 GB) (Free:230.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5BA2755A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=319 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 466 GB) (Disk ID: 7E211E7F) Partition 1: (Not Active) - (Size=234 GB) - (Type=OF Extended) Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Geändert von McSharp (08.09.2013 um 23:43 Uhr) |
|
09.09.2013, 08:43
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ --> Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy |
|
09.09.2013, 19:50
| #7 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo Cosinus, schon jetzt vielen Dank für Deine Hilfe!!! Nach dem ich, wie von Dir geschrieben, einen weiteren Quick-Scan mit Malwarebytes gemacht habe, wollte ich den ESET Online-Scanner herunterlade, was nicht funktioniert hat. Ich hatte das gleiche Problem wie gestern Abend. Ich hatte nämlich auch noch einmal probiert den AdwCleaner herunterzuladen und dabei kam eben wieder die Meldung wie gestern: C:\Users\Stephan\AppData\Local\Temp konnte nicht gespeichert werden, weil Sie die Inhalte dieses Ordners nicht ändern können Ich habe auch probiert eine einfach PDF-Datein zu speichern bzw. herunterzuladen. Auch das funktionierte nicht. Es öffnete sich einfach kein Fenster, in dem ich den Ordner zum Speichern wählen konnte. Kann es sein, dass Malwarebytes da etwas ändert? Danach habe ich noch mal den JRT ausgeführt und schon konnte ich wieder alles herunterladen. Das Ergebnis vom Malwarebytes Quick-Scann war jedenfalls folgendes: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.09.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Stephan :: STEPHAN-PC [Administrator] 09.09.2013 18:24:09 mbam-log-2013-09-09 (18-24-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 222580 Laufzeit: 3 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Home Premium x64
Ran by Stephan on 09.09.2013 at 18:49:20,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.09.2013 at 18:54:48,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Zuvor hatte ich noch den AdwCleaner ausgeführt. Hier das Ergebnis: [CODE] AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 09/09/2013 um 18:39:48
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Stephan - STEPHAN-PC
# Gestartet von : C:\Users\Stephan\Desktop\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [38774 octets] - [09/09/2013 00:17:40]
AdwCleaner[R1].txt - [731 octets] - [09/09/2013 18:39:48]
AdwCleaner[S0].txt - [38455 octets] - [09/09/2013 00:18:29]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [851 octets] ##########
Hier auch noch mal die Ergebnisse von Farbar nach der Durchführung der drei obigen Scanns: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01
Ran by Stephan (administrator) on STEPHAN-PC on 09-09-2013 18:59:39
Running from C:\Users\Stephan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [pdfSaver3] - C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe [380928 2004-09-05] (Tracker Software Products Ltd.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {30c1dd70-3cfd-11df-842d-00241d2e188f} - L:\LaunchU3.exe -a
MountPoints2: {33b37072-267b-11e1-9d37-00241d2e188f} - H:\Startme.exe
MountPoints2: {360fdc79-dc44-11e2-97cd-00241d2e188f} - H:\Startme.exe
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl] - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-07] (CyberLink Corp.)
HKLM-x32\...\Run: [pdfSaver3] - [x]
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKCU - DefaultScope {F52F6678-F4F7-486b-9DDC-491B03B7F9E6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {7D82E3D0-A793-41D4-9CFA-A7A81C3BA455} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {F52F6678-F4F7-486b-9DDC-491B03B7F9E6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6180/mcfscan.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225
FireFox:
========
FF ProfilePath: C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default
FF SelectedSearchEngine: Google
FF Keyword.URL: chrome://browser-region/locale/region.properties
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: No Name - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\q4facy49.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-06-11] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-09] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-09] (Windows (R) Server 2003 DDK provider)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-31] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S2 SSPORT; C:\Windows\SysWow64\Drivers\SSPORT.sys [11576 2009-02-23] (Samsung Electronics)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 18:54 - 2013-09-09 18:55 - 00000627 _____ C:\Users\Stephan\Desktop\JRT.txt
2013-09-09 18:44 - 2013-09-09 18:44 - 00000930 _____ C:\Users\Stephan\Desktop\AdwCleaner[R1].txt
2013-09-09 00:28 - 2013-09-09 00:28 - 00000000 ____D C:\Windows\ERUNT
2013-09-09 00:16 - 2013-09-09 18:40 - 00000000 ____D C:\AdwCleaner
2013-09-08 23:13 - 2013-09-08 23:13 - 00000000 ____D C:\FRST
2013-09-08 22:49 - 2013-09-09 18:09 - 00000168 _____ C:\Windows\setupact.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:38 - 2013-09-08 22:39 - 01029490 _____ (Thisisu) C:\Users\Stephan\Desktop\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Desktop\adwcleaner.exe
2013-09-03 22:02 - 2013-09-03 22:03 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-19 00:56 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 00:56 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 00:56 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 00:56 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-19 00:56 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-19 00:56 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-19 00:56 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-19 00:56 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-19 00:56 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 00:56 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-19 00:50 - 2013-08-19 00:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 23:17 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-18 23:17 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-18 23:17 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-18 23:17 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-18 23:17 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-18 23:17 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-18 23:17 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-18 23:17 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-18 23:17 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
2013-09-09 18:58 - 2013-09-09 18:58 - 01949196 _____ (Farbar) C:\Users\Stephan\Desktop\FRST64.exe
2013-09-09 18:56 - 2013-05-05 23:41 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-09 18:55 - 2013-09-09 18:54 - 00000627 _____ C:\Users\Stephan\Desktop\JRT.txt
2013-09-09 18:47 - 2012-03-29 19:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 18:44 - 2013-09-09 18:44 - 00000930 _____ C:\Users\Stephan\Desktop\AdwCleaner[R1].txt
2013-09-09 18:40 - 2013-09-09 00:16 - 00000000 ____D C:\AdwCleaner
2013-09-09 18:26 - 2011-02-25 17:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-09 18:16 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:16 - 2009-07-14 06:45 - 00014608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 18:15 - 2009-07-14 19:58 - 00656766 _____ C:\Windows\system32\perfh007.dat
2013-09-09 18:15 - 2009-07-14 19:58 - 00131236 _____ C:\Windows\system32\perfc007.dat
2013-09-09 18:15 - 2009-07-14 07:13 - 01506562 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 18:13 - 2012-10-15 19:25 - 01641309 _____ C:\Windows\WindowsUpdate.log
2013-09-09 18:09 - 2013-09-08 22:49 - 00000168 _____ C:\Windows\setupact.log
2013-09-09 18:09 - 2013-05-05 23:41 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-09 18:09 - 2011-10-10 21:48 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-09 18:09 - 2011-01-06 15:19 - 00000000 ____D C:\Users\Stephan\AppData\Local\LogMeIn Hamachi
2013-09-09 18:09 - 2010-03-10 22:48 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-09-09 18:09 - 2010-03-10 22:42 - 00000144 _____ C:\service.log
2013-09-09 18:09 - 2010-03-04 21:56 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-09 18:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-09 18:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-09 00:28 - 2013-09-09 00:28 - 00000000 ____D C:\Windows\ERUNT
2013-09-08 23:13 - 2013-09-08 23:13 - 00000000 ____D C:\FRST
2013-09-08 22:49 - 2013-09-08 22:49 - 00002264 _____ C:\Windows\PFRO.log
2013-09-08 22:49 - 2013-09-08 22:49 - 00000000 _____ C:\Windows\setuperr.log
2013-09-08 22:39 - 2013-09-08 22:38 - 01029490 _____ (Thisisu) C:\Users\Stephan\Desktop\JRT.exe
2013-09-08 22:24 - 2013-09-08 22:24 - 01948988 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2013-09-08 22:22 - 2013-09-08 22:22 - 00891115 _____ C:\Users\Stephan\Downloads\SecurityCheck.exe
2013-09-08 22:19 - 2013-09-08 22:19 - 01037278 _____ C:\Users\Stephan\Desktop\adwcleaner.exe
2013-09-08 20:44 - 2010-03-03 23:26 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Winamp
2013-09-08 20:44 - 2010-03-03 22:20 - 00000000 ____D C:\Windows\Panther
2013-09-08 20:43 - 2010-11-28 03:26 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-08 20:43 - 2010-07-22 23:23 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-09-08 15:25 - 2011-06-06 18:54 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-05 22:41 - 2012-03-29 23:33 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\vlc
2013-09-03 22:03 - 2013-09-03 22:02 - 94848152 _____ (MAGIX AG) C:\Users\Stephan\Downloads\magix_web_designer_9_classic_90mb_chip_de.exe
2013-09-02 18:52 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-01 22:36 - 2013-09-01 22:36 - 00014336 _____ C:\Users\Stephan\Downloads\Versetzungsantrag1.odt
2013-09-01 22:35 - 2013-09-01 22:35 - 00016768 _____ C:\Users\Stephan\Downloads\Versetzungsantrag.odt
2013-08-20 22:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-20 19:47 - 2012-03-29 19:14 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 19:47 - 2012-03-29 19:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 19:47 - 2011-05-19 17:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 19:00 - 2012-04-24 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 00:52 - 2013-08-19 00:50 - 00000000 ____D C:\Windows\system32\MRT
2013-08-19 00:52 - 2010-03-09 19:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-19 00:50 - 2010-03-05 16:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-19 00:10 - 2013-08-19 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-02 19:43
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01 Ran by Stephan at 2013-09-09 19:00:01 Running from C:\Users\Stephan\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) "Wings of Prey" (Unistall) (x32 Version: 1.0.3.2) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) AMD APP SDK Runtime (Version: 10.0.938.1) AMD Catalyst Install Manager (Version: 8.0.881.0) AMD Fuel (Version: 2012.0611.1251.21046) AMD VISION Engine Control Center (x32 Version: 2012.0611.1251.21046) Apple Application Support (x32 Version: 2.3) Apple Software Update (x32 Version: 2.1.3.127) Browser Configuration Utility (x32 Version: 1.1.11.0) CanoScan Toolbox Ver4.9 (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0611.1251.21046) Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046) Catalyst Control Center Localization All (x32 Version: 2012.0611.1251.21046) CCC Help Chinese Standard (x32 Version: 2012.0611.1250.21046) CCC Help Chinese Traditional (x32 Version: 2012.0611.1250.21046) CCC Help Czech (x32 Version: 2012.0611.1250.21046) CCC Help Danish (x32 Version: 2012.0611.1250.21046) CCC Help Dutch (x32 Version: 2012.0611.1250.21046) CCC Help English (x32 Version: 2012.0611.1250.21046) CCC Help Finnish (x32 Version: 2012.0611.1250.21046) CCC Help French (x32 Version: 2012.0611.1250.21046) CCC Help German (x32 Version: 2012.0611.1250.21046) CCC Help Greek (x32 Version: 2012.0611.1250.21046) CCC Help Hungarian (x32 Version: 2012.0611.1250.21046) CCC Help Italian (x32 Version: 2012.0611.1250.21046) CCC Help Japanese (x32 Version: 2012.0611.1250.21046) CCC Help Korean (x32 Version: 2012.0611.1250.21046) CCC Help Norwegian (x32 Version: 2012.0611.1250.21046) CCC Help Polish (x32 Version: 2012.0611.1250.21046) CCC Help Portuguese (x32 Version: 2012.0611.1250.21046) CCC Help Russian (x32 Version: 2012.0611.1250.21046) CCC Help Spanish (x32 Version: 2012.0611.1250.21046) CCC Help Swedish (x32 Version: 2012.0611.1250.21046) CCC Help Thai (x32 Version: 2012.0611.1250.21046) CCC Help Turkish (x32 Version: 2012.0611.1250.21046) ccc-utility64 (Version: 2012.0611.1251.21046) eaner (Version: 4.05) EasySaver B9.0904.1 (x32 Version: 1.00.0000) ElsterFormular (x32 Version: 14.1.20130301) Empire: Total War (x32) ESET Online Scanner v3 (x32) FIFA 09 (x32 Version: 1.0.1.1) FotoQuelle Fotosoftware 4.11.0 (x32 Version: 4.11.0) Free Audio CD Burner version 1.4.7 (x32) Free Audio CD to MP3 Converter version 1.3 (x32) Free Studio version 5.7.7.1031 (x32 Version: 5.7.7.1031) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) HiJackThis (x32 Version: 1.0.0) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 7 (64-bit) (Version: 7.0.70) Java Auto Updater (x32 Version: 2.1.9.5) Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374) Knights Of Honor (x32 Version: 1.00) LG Burning Tools (x32 Version: 8.3.568) LG CyberLink LabelPrint (x32 Version: 2.0.3605) LG CyberLink PowerBackup (x32 Version: 2.5.4511) LG CyberLink PowerDVD 7.0 (x32 Version: 7.0.3409.a) LG CyberLink PowerProducer (x32 Version: 085312a(3.7)_Vista_LG) LG CyberLink YouCam (x32 Version: 1.0.2609) LG ODD Auto Firmware Update (x32 Version: 9.01.1124.01) LG Power Tools (x32 Version: 6.0.2806) LightScribe System Software (x32 Version: 1.18.1.1) LogMeIn Hamachi (x32 Version: 2.1.0.374) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Go (x32 Version: 2.0.317) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft IntelliPoint 7.0 (Version: 7.0.260.0) Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) neroxml (x32 Version: 1.0.0) NHL™ 09 (x32 Version: 2.0.1.0) Nokia Connectivity Cable Driver (Version: 7.1.32.64) PC SWOS-Total Pack version V1.34 (x32 Version: V1.34) PDF Blender (x32) PDFCreator (x32 Version: 1.2.0) PDF-XChange 3.0 (x32) PlayStation(R)Network Downloader (x32 Version: 2.07.00849) PlayStation(R)Store (x32 Version: 4.5.15.13232) QuickTime (x32 Version: 7.74.80.86) Realtek Ethernet Controller Driver (x32 Version: 1.00.0008) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5897) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5919) Reign: Conflict of Nations (Nur entfernen) (x32 Version: 1.1) Rise of Flight (x32) Safari (x32 Version: 5.34.57.2) Sid Meier's Civilization IV Colonization (x32 Version: 1.01) SimCity 4 Deluxe (x32) Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305) Sony PC Companion 2.10.165 (x32 Version: 2.10.165) Spybot - Search & Destroy (x32 Version: 1.6.2) Steam (x32 Version: 1.0.0.0) SumatraPDF (x32 Version: 1.9) Supreme Ruler 2020 5.6.2 (x32) The Golden Horde (x32 Version: 1.0.0) Tom Clancy's H.A.W.X. 2 (x32 Version: 1.0.0) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Uninstall 1.0.0.1 (x32) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VCRedistSetup (x32 Version: 1.0.0) VLC media player 2.0.1 (x32 Version: 2.0.1) War of the Roses (x32) Wartung Samsung ML-191x 252x Series (x32) Winamp (x32 Version: 5.623 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Messenger (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) Wings of War (x32 Version: 1.00.0000) WinRAR (x32) ==================== Restore Points ========================= 18-08-2013 21:16:31 Windows Update 18-08-2013 22:49:58 Windows Update 23-08-2013 19:39:39 Windows Update 27-08-2013 19:18:02 Windows Update 01-09-2013 20:31:55 Windows Update 07-09-2013 19:15:19 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2011-06-13 14:16 - 00435030 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {0B33E79E-B1D8-40F2-9E29-82D5B930591F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {388DF630-433E-4B70-A170-3404C3247F45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: {800D3479-51CB-42A8-A0A6-EA58536CB4C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8504CE65-60B3-4EE9-A02D-BF13D91626DB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation) Task: {8DBCD1FE-0060-4FFB-9AE6-0AF628CC4509} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {EE0EA366-DD26-489C-8022-E5A217DA0469} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {F2CE3DE0-76AA-480D-B8ED-89A4A64D36E2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {F97D49C6-47F1-42E8-BFF6-770C247C83AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-25 00:14 - 2012-09-03 20:38 - 00169912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\scrchpg.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00189840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prremote.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\prloader.dll 2011-04-25 00:14 - 2013-09-05 21:47 - 01912000 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\params.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00056208 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 00445120 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\service.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 01767824 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\eka_meta.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00270224 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\gadget.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00127888 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\nfio.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00050064 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\winreg.ppl 2011-04-25 00:15 - 2011-04-25 00:15 - 00049552 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\thpimpl.ppl 2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00086016 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\dscrt30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00417792 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\ixclib30.dll 2004-09-05 18:18 - 2004-09-05 18:18 - 00430080 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xccdx30.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00438272 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\PXCLIB30.DLL 2004-09-05 18:20 - 2004-09-05 18:20 - 00139264 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30base.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00077824 _____ (Tracker Software) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\Fm30Tiff.dll 2004-09-05 18:20 - 2004-09-05 18:20 - 00008192 _____ () C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\fm30xmf.dll 2004-09-05 18:19 - 2004-09-05 18:19 - 00017408 _____ (Tracker Software Products Ltd.) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcloc30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00126976 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpro30.dll 2004-09-05 18:21 - 2004-09-05 18:21 - 00098304 _____ (Tracker Software Products) C:\Program Files (x86)\Tracker Software\PDF-XChange 3\pdfSaver\xcpars30.dll 2011-12-14 20:13 - 2013-05-21 08:57 - 00593920 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\NewUI.dll 2011-12-14 20:13 - 2013-02-05 12:49 - 00701952 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\bvrpctln.dll 2011-12-14 20:13 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2011-12-14 20:13 - 2013-06-04 15:41 - 00918528 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Device.dll 2011-12-14 20:13 - 2013-05-17 10:51 - 00207872 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-12-14 20:13 - 2011-04-04 14:14 - 00113664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WUNPACLN.dll 2011-12-14 20:13 - 2013-05-30 15:12 - 00990720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.dll 2011-12-14 20:13 - 2012-12-26 15:44 - 00287744 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PluginManager.dll 2011-12-14 20:13 - 2013-04-23 17:27 - 00342528 _____ (TODO: <Company name>) C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdateTools.dll 2011-12-14 20:13 - 2012-07-11 17:39 - 00329728 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\DownloadManager.dll 2013-02-27 16:24 - 2013-02-27 16:24 - 00912896 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\BackupRestore.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2011-11-01 19:32 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2013-02-18 15:53 - 2013-02-18 15:53 - 00789504 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\GMailSync.dll 2012-12-17 14:43 - 2012-12-17 14:43 - 00161792 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\MapiThk.DLL 2013-05-27 12:22 - 2013-05-27 12:22 - 00339456 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\CrashDump.dll 2013-02-18 15:48 - 2013-02-18 15:48 - 00881664 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\ContactSetup.dll 2011-12-14 20:13 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2013-03-18 15:46 - 2013-03-18 15:46 - 00606720 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2011-12-14 20:13 - 2013-05-31 12:17 - 00285696 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\Statistics.dll 2011-12-14 20:13 - 2013-01-07 18:05 - 00182784 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\WebServices.dll 2012-05-29 10:50 - 2012-05-29 10:50 - 00326656 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncDataProviders.dll 2013-01-08 17:03 - 2013-01-08 17:03 - 00086016 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll 2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll 2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll 2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll 2011-05-19 10:06 - 2011-05-19 10:06 - 00061440 _____ (BVRP Software) C:\Program Files (x86)\Sony\Sony PC Companion\PBKENGINE.dll 2012-03-06 14:45 - 2012-03-06 14:45 - 00158720 _____ (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\SyncData.dll 2011-04-25 00:13 - 2012-09-03 20:38 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prremote.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\prloader.dll 2011-04-25 00:13 - 2012-02-14 19:36 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpinit.dll 2011-04-25 00:12 - 2012-10-31 23:02 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpmain.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fssync.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\DumpWriter.dll 2011-04-25 00:12 - 2011-04-25 00:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\CLLDR.DLL 2011-04-25 00:14 - 2011-04-25 00:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\nfio.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00021392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\fsdrvplg.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\winreg.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\service.dll 2011-04-25 00:13 - 2013-09-05 21:47 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\eka_meta.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\esmgr.dll 2011-04-25 00:14 - 2012-05-06 23:40 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\pxstub.ppl 2011-04-25 00:14 - 2013-09-05 21:47 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\params.ppl 2011-04-25 00:13 - 2013-09-05 21:47 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avpgui.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll 2011-04-25 00:13 - 2012-10-31 23:02 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\basegui.ppl 2011-04-25 00:14 - 2011-04-25 00:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\thpimpl.ppl 2011-04-25 00:13 - 2011-04-25 00:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\memmon.dll 2011-04-25 00:13 - 2011-04-25 00:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\localization_manager.dll 2011-04-20 20:56 - 2011-04-20 20:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll 2011-04-25 00:14 - 2011-04-25 00:14 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\propmap.ppl 2013-08-19 00:10 - 2013-08-19 00:10 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 43% Total physical RAM: 4094.49 MB Available physical RAM: 2329.1 MB Total Pagefile: 8187.17 MB Available Pagefile: 6184.2 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:96.48 GB) NTFS Drive d: (Medien) (Fixed) (Total:319.18 GB) (Free:209.57 GB) NTFS Drive f: (Spiele) (Fixed) (Total:231.28 GB) (Free:169.65 GB) NTFS Drive g: (Daten) (Fixed) (Total:234.47 GB) (Free:230.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5BA2755A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=319 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 466 GB) (Disk ID: 7E211E7F) Partition 1: (Not Active) - (Size=234 GB) - (Type=OF Extended) Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Und zum Schluss das Ergbnis des ESET Onlin-Scans: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ec9f68b48c41fe4880fe28c24fdfdbc6
# engine=14322
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-08 08:16:15
# local_time=2013-07-08 10:16:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1285 16777213 100 98 13464 69962487 0 0
# compatibility_mode=5893 16776573 100 94 10843 124944425 0 0
# scanned=246272
# found=0
# cleaned=0
# scan_time=5871
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ec9f68b48c41fe4880fe28c24fdfdbc6
# engine=15064
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-09 06:22:33
# local_time=2013-09-09 08:22:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1285 16777213 100 98 8001 75398865 0 0
# compatibility_mode=5893 16776573 100 94 71405 130380803 0 0
# scanned=249374
# found=0
# cleaned=0
# scan_time=4775
  Geändert von McSharp (09.09.2013 um 20:06 Uhr) |
|
09.09.2013, 20:42
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Mach mal nen Fix mit FRST, das sollte hoffentlich den Fehler mit TEMP beheben: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Unlock: C:\Users\Stephan\AppData\Local\Temp
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.09.2013, 21:02
| #9 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Hallo Cosinus, hier der Inhalt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-09-2013 01
Ran by Stephan at 2013-09-09 22:01:28 Run:1
Running from C:\Users\Stephan\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Unlock: C:\Users\Stephan\AppData\Local\Temp
*****************
"C:\Users\Stephan\AppData\Local\Temp" => File/Directory unlocked successfully.
==== End of Fixlog ====
|
|
09.09.2013, 21:30
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Tempfehler weg? Download usw klappen wieder?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.09.2013, 21:45
| #11 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Ja, es klappt wieder alles. Aber was war der Fehler, kann man das sagen? Sieht denn auch sonst auch alles i.O. aus? |
|
09.09.2013, 21:55
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Wenn ich das richtig gesehen habe ist das ein Bug in einen "unserer" Tools, wird wohl adwCleaner gewesen sein. Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.09.2013, 22:10
| #13 |
| | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Erst einmal herzlichen Dank für Deine tolle und vor allem schnelle Hilfe sowie für die weiteren Ratschläge!!! Echt SUPER!!! Eure Arbeit kann man nicht oft genug loben!!!Ansonsten sieht mein System okay aus, ich habe keine weiteren Problem. Komisch wie man sich so was einfängt. Ich hatte gedacht, dass mein System mit dem Kaspersky gut gesichert ist. Auch sonst denke ich, dass ich mich recht vorischtig im Internet bewege. Ab und an mach ich dann halt auch mal einen Scan mit Malwarebytes und da kam halt das bei raus. |
|
09.09.2013, 22:15
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy Dann wären wir durch! Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Helfen kann dir dabei delfix: Die Reihenfolge ist hier entscheidend.
Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Habe auch das Problem: Malwarebytes findet PUP.optional.opencandy |
| andere, branding, candy, dankbar, einträge, ergebnis, erstell, erstellt, farbar, farbar recovery scan tool, gefunde, hallo zusammen, herzlichen, herzlichen dank, logfile, löschen, malwarebytes, nichts, notwendig, plug-in, problem, pup.optional.opencandy, richtlinie, safer networking, schritte, tracker, träge, unsicher, zusammen |
Linear-Darstellung
