| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ich nun auch: ADWARE/BPROTECTOR.EWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.12.2013, 10:59
| #1 |
 |  Ich nun auch: ADWARE/BPROTECTOR.E Bei mir geht nun seit gestern Nacht gg 1 Uhr auch nichts mehr, bzw. Avira verkündet am laufenden Band diese Malware. Beim Löschen derer, wird der PC neu gestartet. Außer Kaspersky/Avira Suchlauf, habe ich bislang noch nichts unternommen, da ich mich auch überhaupt nicht damit auskenne. Hier meine Logfiles: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 Ran by Marie_2 (administrator) on MARIE-PC on 03-12-2013 10:50:27 Running from C:\Users\Marie_2\Desktop\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation) HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) AppInit_DLLs: C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F4A97446A07CED3D&affID=119357&tsp=4969 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd72&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0FtD0FyB0EtB0F0A0F0ByDtN0D0Tzu0SyDzzyCtN1L2XzutBtFtBtFyEtFzzyDyDtN1L1Czu1L1C1H1B1QyBtB&cr=1382476622&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd72&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0FtD0FyB0EtB0F0A0F0ByDtN0D0Tzu0SyDzzyCtN1L2XzutBtFtBtFyEtFzzyDyDtN1L1Czu1L1C1H1B1QyBtB&cr=1382476622&ir= SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd72&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0FtD0FyB0EtB0F0A0F0ByDtN0D0Tzu0SyDzzyCtN1L2XzutBtFtBtFyEtFzzyDyDtN1L1Czu1L1C1H1B1QyBtB&cr=1382476622&ir= SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd72&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0FtD0FyB0EtB0F0A0F0ByDtN0D0Tzu0SyDzzyCtN1L2XzutBtFtBtFyEtFzzyDyDtN1L1Czu1L1C1H1B1QyBtB&cr=1382476622&ir= SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (Ironsource Israel (2011) LTD) Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marie_2\AppData\Roaming\Mozilla\Firefox\Profiles\za910qiv.default FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=F4A97446A07CED3D&affID=119357&tsp=4969 FF SearchEngineOrder.1: Delta Search FF SelectedSearchEngine: Delta Search FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F4A97446A07CED3D&affID=119357&tsp=4969 FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com Chrome: ======= CHR HomePage: hxxp://www.google.de/webhp?source=search_app&gws_rd=cr CHR RestoreOnStartup: "hxxp://www.google.de/webhp?source=search_app&gws_rd=cr", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F4A97446A07CED3D&affID=119357&tsp=4969" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0 CHR Extension: (AdBlock) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0 CHR Extension: (Dangerous Websites Blocker) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0 CHR Extension: (Virtual Keyboard) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4794_0 CHR Extension: (Google Wallet) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\Marie_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Marie\AppData\Local\mysearchdial-speeddial.crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Marie\AppData\Local\mysearchdial-speeddial.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-03] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623200 2013-12-03] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO) S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [258664 2011-09-21] (Realtek Semiconductor Corp.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-03 10:42 - 2013-12-03 10:42 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\Malwarebytes 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 10:42 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-03 10:31 - 2013-12-03 10:31 - 00000000 ____D C:\FRST 2013-12-03 10:23 - 2013-12-03 10:23 - 00300960 _____ C:\Windows\Minidump\120313-22932-01.dmp 2013-12-03 09:51 - 2013-12-03 09:51 - 00296864 _____ C:\Windows\Minidump\120313-19749-01.dmp 2013-12-03 09:50 - 2013-12-03 09:50 - 00000000 ____D C:\39e7832fd8a6d85b5258 2013-12-03 00:23 - 2013-12-03 00:23 - 00262144 _____ C:\Windows\system32\config\elam 2013-12-03 00:18 - 2013-12-03 00:18 - 00001089 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2013-12-03 00:18 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2013-12-03 00:17 - 2013-12-03 10:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-12-03 00:17 - 2013-12-03 10:09 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-12-03 00:17 - 2013-12-03 00:17 - 00000000 ____D C:\Windows\ELAMBKUP 2013-12-03 00:17 - 2013-12-03 00:17 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-12-03 00:17 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-12-02 23:52 - 2013-12-02 23:52 - 00280296 _____ C:\Windows\Minidump\120213-14336-01.dmp 2013-12-02 23:46 - 2013-12-02 23:46 - 00280296 _____ C:\Windows\Minidump\120213-16489-01.dmp 2013-12-02 23:29 - 2013-12-02 23:29 - 00280296 _____ C:\Windows\Minidump\120213-18517-01.dmp 2013-12-02 23:16 - 2013-12-03 10:23 - 00000000 ____D C:\Windows\Minidump 2013-12-02 23:16 - 2013-12-03 10:22 - 486674009 _____ C:\Windows\MEMORY.DMP 2013-12-02 23:16 - 2013-12-02 23:16 - 00280352 _____ C:\Windows\Minidump\120213-31044-01.dmp 2013-11-29 19:58 - 2013-11-29 19:58 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec5932ac86ed6 2013-11-21 12:06 - 2013-11-21 12:06 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2013-11-13 20:17 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 20:16 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 20:16 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 20:16 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 20:16 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 20:16 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 20:16 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 20:16 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 20:16 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 20:16 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 20:16 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 20:16 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 20:16 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 20:16 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 20:16 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 20:16 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 20:16 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 20:16 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 20:16 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 20:16 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 20:16 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 20:16 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 20:16 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 20:16 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 20:16 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 20:16 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 20:16 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 20:16 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 20:16 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 20:16 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-12 13:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-12 13:32 - 2013-11-12 13:32 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-12 13:32 - 2013-11-12 13:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-12 13:32 - 2013-11-12 13:32 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-12 13:32 - 2013-11-12 13:32 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-12 13:32 - 2013-11-12 13:32 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-12 13:32 - 2013-11-12 13:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-12 13:32 - 2013-11-12 13:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-12 13:32 - 2013-11-12 13:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-12 13:32 - 2013-11-12 13:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-12 13:32 - 2013-11-12 13:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-12 13:32 - 2013-11-12 13:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-12 13:30 - 2013-11-12 13:35 - 00009768 _____ C:\Windows\IE11_main.log 2013-11-11 15:43 - 2013-11-11 15:43 - 00000000 ____D C:\Users\Marie_2\Desktop\KK 2013-11-07 13:44 - 2013-11-12 12:51 - 00000000 ____D C:\Users\Marie_2\Desktop\Mündliche-EZW 2013-11-03 19:42 - 2013-11-24 20:27 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\dvdcss ==================== One Month Modified Files and Folders ======= 2013-12-03 10:42 - 2013-12-03 10:42 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\Malwarebytes 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 10:42 - 2013-12-03 10:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 10:32 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-03 10:32 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-03 10:31 - 2013-12-03 10:31 - 00000000 ____D C:\FRST 2013-12-03 10:24 - 2013-09-17 19:06 - 00000000 ____D C:\Program Files (x86)\Steam 2013-12-03 10:23 - 2013-12-03 10:23 - 00300960 _____ C:\Windows\Minidump\120313-22932-01.dmp 2013-12-03 10:23 - 2013-12-03 00:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-12-03 10:23 - 2013-12-02 23:16 - 00000000 ____D C:\Windows\Minidump 2013-12-03 10:23 - 2013-10-10 09:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec5932ac86ed6.job 2013-12-03 10:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-03 10:23 - 2009-07-14 05:51 - 00046353 _____ C:\Windows\setupact.log 2013-12-03 10:22 - 2013-12-02 23:16 - 486674009 _____ C:\Windows\MEMORY.DMP 2013-12-03 10:22 - 2013-08-09 11:08 - 01308847 _____ C:\Windows\WindowsUpdate.log 2013-12-03 10:22 - 2009-07-14 06:08 - 00024570 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-03 10:09 - 2013-12-03 00:17 - 00623200 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-12-03 10:09 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2013-12-03 10:03 - 2013-08-09 11:47 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-03 10:01 - 2013-08-09 19:01 - 00000292 _____ C:\Windows\Tasks\MySearchDial.job 2013-12-03 09:51 - 2013-12-03 09:51 - 00296864 _____ C:\Windows\Minidump\120313-19749-01.dmp 2013-12-03 09:50 - 2013-12-03 09:50 - 00000000 ____D C:\39e7832fd8a6d85b5258 2013-12-03 09:45 - 2013-08-11 11:57 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-03 00:30 - 2010-11-21 04:47 - 00330200 _____ C:\Windows\PFRO.log 2013-12-03 00:23 - 2013-12-03 00:23 - 00262144 _____ C:\Windows\system32\config\elam 2013-12-03 00:22 - 2013-08-09 15:38 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-12-03 00:22 - 2013-08-09 15:38 - 00000000 ____D C:\ProgramData\Skype 2013-12-03 00:18 - 2013-12-03 00:18 - 00001089 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2013-12-03 00:17 - 2013-12-03 00:17 - 00000000 ____D C:\Windows\ELAMBKUP 2013-12-03 00:17 - 2013-12-03 00:17 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-12-02 23:52 - 2013-12-02 23:52 - 00280296 _____ C:\Windows\Minidump\120213-14336-01.dmp 2013-12-02 23:46 - 2013-12-02 23:46 - 00280296 _____ C:\Windows\Minidump\120213-16489-01.dmp 2013-12-02 23:29 - 2013-12-02 23:29 - 00280296 _____ C:\Windows\Minidump\120213-18517-01.dmp 2013-12-02 23:16 - 2013-12-02 23:16 - 00280352 _____ C:\Windows\Minidump\120213-31044-01.dmp 2013-12-02 18:48 - 2013-08-09 13:58 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\vlc 2013-11-30 13:50 - 2013-08-09 13:59 - 00000000 ____D C:\Users\Marie_2\AppData\Local\Last.fm 2013-11-30 13:31 - 2011-04-12 08:43 - 00654166 _____ C:\Windows\system32\perfh007.dat 2013-11-30 13:31 - 2011-04-12 08:43 - 00130006 _____ C:\Windows\system32\perfc007.dat 2013-11-30 13:31 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-29 19:58 - 2013-11-29 19:58 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec5932ac86ed6 2013-11-29 19:58 - 2013-08-09 11:47 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-11-24 20:27 - 2013-11-03 19:42 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\dvdcss 2013-11-23 20:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-21 18:48 - 2013-09-13 20:46 - 00000000 ____D C:\ProgramData\BitGuard 2013-11-21 12:06 - 2013-11-21 12:06 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2013-11-17 22:36 - 2013-08-20 23:13 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-11-17 22:16 - 2013-10-17 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-17 11:30 - 2013-10-17 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-17 00:39 - 2013-08-09 14:29 - 00000000 ___RD C:\Users\Marie_2\Dropbox 2013-11-17 00:39 - 2013-08-09 14:28 - 00000000 ____D C:\Users\Marie_2\AppData\Roaming\Dropbox 2013-11-16 19:53 - 2013-08-09 19:02 - 00000000 ____D C:\Program Files (x86)\JDownloader 2013-11-16 10:46 - 2013-09-17 18:49 - 00000072 _____ C:\Users\Public\LMDebug.log 2013-11-15 19:00 - 2013-08-11 23:05 - 00000000 ____D C:\Users\Marie_2\Desktop\NEW MUSIC ARRIVALS 2013-11-15 16:12 - 2013-08-09 11:47 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-11-14 10:54 - 2013-08-16 09:19 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-14 10:53 - 2013-08-11 00:02 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 10:49 - 2013-08-09 12:59 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-14 10:43 - 2013-08-11 11:57 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-11-12 18:28 - 2013-08-09 13:13 - 00001421 _____ C:\Users\Marie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-12 18:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-12 13:35 - 2013-11-12 13:30 - 00009768 _____ C:\Windows\IE11_main.log 2013-11-12 13:32 - 2013-11-12 13:32 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-12 13:32 - 2013-11-12 13:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-12 13:32 - 2013-11-12 13:32 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-12 13:32 - 2013-11-12 13:32 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-12 13:32 - 2013-11-12 13:32 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-12 13:32 - 2013-11-12 13:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-12 13:32 - 2013-11-12 13:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-12 13:32 - 2013-11-12 13:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-12 13:32 - 2013-11-12 13:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-12 13:32 - 2013-11-12 13:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-12 13:32 - 2013-11-12 13:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-12 13:32 - 2013-11-12 13:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-12 13:32 - 2013-11-12 13:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-12 12:51 - 2013-11-07 13:44 - 00000000 ____D C:\Users\Marie_2\Desktop\Mündliche-EZW 2013-11-11 22:59 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2013-11-11 15:43 - 2013-11-11 15:43 - 00000000 ____D C:\Users\Marie_2\Desktop\KK 2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-07 09:01 - 2013-08-09 13:13 - 00000000 ___RD C:\Users\Marie_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-06 15:21 - 2013-10-17 19:28 - 00000000 ____D C:\Users\Marie_2\AppData\Local\Mozilla Some content of TEMP: ==================== C:\Users\Marie\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\Marie_2\AppData\Local\Temp\avgnt.exe C:\Users\Marie_2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Marie_2\AppData\Local\Temp\setup_fsu_cid.exe C:\Users\Marie_2\AppData\Local\Temp\vlc-2.0.8-win64.exe C:\Users\Marie_2\AppData\Local\Temp\vlc-2.1.1-win64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-23 20:25 ==================== End Of Log ============================ achso irgendwie schmeißt er mir den Additionalteil nicht aus? Help? Danke schonmal! Grüße vom Dau  Achso PS: Hab das im anderen Thema mit selbigem Problem schon gesehen und lasse gerade Malwarebytes drüberlaufen |
Baum-Darstellung