
Log analysis and evaluation: Windows XP: Optimizer Pro sneaked in with the installation of JDownloader, now I have several problems


 
15.01.2014, 20:35   #1
trancemoisis
 



With the installation of JDownloader, the program Optimizer Pro sneaked in; now there are more and more problems and I can't get rid of them.
I uninstalled Optimizer Pro right after it had started itself. When I opened Firefox, I saw that my start page had been changed to hxxp://searchresultsguide.com. It also looks as if it is completing a download. After I cleaned everything several times with CCleaner and scanned repeatedly with TDSSKiller.exe and also with Malwarebytes (unfortunately I no longer have the log), I was able to set Google as the start page in Firefox again. But now avast reports: Infection blocked, URL: hxxp://www.googe.at/
Infection: url:Mal
I am totally at a loss and need your help.

Defogger ran without problems and no error message was issued.

Here is the defogger_disable.log

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:38 on 15/01/2014 (Thomas)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST aborts during the scan because of an error message and therefore does not give me the Addition.txt.

Here is the FRST.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 01
Ran by Thomas (administrator) on TRAT00020 on 15-01-2014 14:44:10
Running from C:\Downloads\Sylenth
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DameWare Development LLC) C:\WINDOWS\system32\DWRCS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(DameWare Development) C:\WINDOWS\system32\DWRCST.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Ableton) C:\New Folder\Live 9 Suite\Program\Ableton Live 9 Suite.exe
() C:\New Folder\Live 9 Suite\Resources\Extensions\Index\Ableton Index.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Runonce: [daemontoolsultra] - [x]
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3192056 2013-11-14] (Disc Soft Ltd)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk.disabled
ShortcutTarget: WDDMStatus.lnk.disabled -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google Default
FF Homepage: hxxp://www.googe.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GMX MailCheck - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\toolbar@gmx.net.xpi [2013-04-30]
FF Extension: Adblock Plus - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-08]

Chrome: 
=======
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Magic Actions for YouTube\u2122) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.1_0 [2014-01-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-09-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-09-20]
CHR Extension: (YouTube) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-09-20]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2014-01-11]
CHR Extension: (Google Search) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-09-20]
CHR Extension: (AdBlock Premium) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.3_0 [2013-10-26]
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-20]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0 [2014-01-11]
CHR Extension: (Gmail) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-09-20]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-01-08]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
S3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [723192 2013-11-14] (Disc Soft Ltd)
R2 DWMRCS; C:\Windows\SYSTEM32\DWRCS.EXE [199168 2006-05-31] (DameWare Development LLC)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-10] (Oracle Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
S3 Pml Driver; C:\WINDOWS\system32\HPHipm09.exe [77824 2003-01-30] (HP)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [30808 2011-11-28] (AVAST Software)
R0 abp480n5; C:\Windows\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [111320 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
R3 DFE528TX; C:\Windows\System32\DRIVERS\DLKRTL.SYS [45568 2002-06-24] (D-Link Corporation               )
S3 Dot4 HPH09; C:\Windows\System32\DRIVERS\hphid409.sys [50800 2003-01-30] (HP)
S3 Dot4Print HPH09; C:\Windows\System32\DRIVERS\hphipr09.sys [16112 2003-01-30] (HP)
S3 Dot4Storage HPH09; C:\Windows\System32\Drivers\hphs2k09.sys [50211 2003-01-30] (Hewlett-Packard)
S3 Dot4Usb HPH09; C:\Windows\System32\drivers\hphius09.sys [18864 2003-01-30] (HP)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-01-13] (Disc Soft Ltd)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-12] (Malwarebytes Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2002-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2002-08-28] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
U3 catchme; \??\C:\DOCUME~1\Thomas\LOCALS~1\Temp\catchme.sys [x]
S3 idisw2km; system32\DRIVERS\idisw2km.sys [x]
S3 kbstuff; system32\DRIVERS\kbstuff5.sys [x]
U1 RCHelp; 
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 mbr; \??\C:\ComboFix\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 14:39 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:42 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:40 - 2014-01-13 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 23:53 - 00025838 _____ C:\WINDOWS\setupapi.log
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-01-13 21:10 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-01-13 21:10 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:22 - 2014-01-12 23:22 - 00015831 _____ C:\ComboFix.txt
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2013-12-12 21:09 - 00000211 _____ C:\Boot.bak
2014-01-12 22:57 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2014-01-12 22:55 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-12 22:55 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-12 22:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-12 22:53 - 2014-01-12 23:22 - 00000000 ____D C:\Qoobox
2014-01-12 22:52 - 2014-01-12 23:15 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:23 - 2014-01-12 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 20:02 - 2014-01-12 22:13 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 16:43 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 16:40 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-12 00:04 - 2014-01-11 22:54 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:54 - 2002-08-28 00:00 - 00000734 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140111-225421.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-12 22:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-12 09:45 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:11 - 2014-01-12 22:39 - 00000000 ____D C:\AdwCleaner
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:03 - 2014-01-10 17:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:03 - 2014-01-10 17:02 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2009-10-24 21:15 - 01332224 _____ (AD © 2009) C:\WINDOWS\system32\SYNSOEMU.DLL
2014-01-08 12:15 - 2014-01-09 12:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:13 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:00 - 2014-01-05 01:40 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:00 - 2014-01-05 01:03 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 17:39 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

==================== One Month Modified Files and Folders =======

2014-01-15 14:39 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:38 - 2011-09-22 15:30 - 00000000 ____D C:\Documents and Settings\Thomas
2014-01-15 14:20 - 2013-09-20 19:03 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 14:16 - 2007-02-18 20:34 - 02023868 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-15 14:01 - 2013-09-23 17:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-15 10:26 - 2007-02-18 20:47 - 00000466 _____ C:\WINDOWS\SMSCFG.ini
2014-01-14 23:01 - 2007-02-18 20:37 - 00032368 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-14 18:20 - 2013-09-20 19:03 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 06:25 - 2007-02-18 20:37 - 00000000 __SHD C:\Documents and Settings\NetworkService
2014-01-14 05:19 - 2007-02-18 20:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-13 23:53 - 2014-01-13 21:10 - 00025838 _____ C:\WINDOWS\setupapi.log
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:25 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:56 - 2007-02-18 21:31 - 00589468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:45 - 2012-01-08 15:45 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:41 - 2014-01-13 22:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:10 - 2007-02-18 20:34 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:22 - 2014-01-12 23:22 - 00015831 _____ C:\ComboFix.txt
2014-01-12 23:22 - 2014-01-12 22:53 - 00000000 ____D C:\Qoobox
2014-01-12 23:22 - 2007-02-18 20:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-12 23:15 - 2014-01-12 22:52 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 23:14 - 2007-02-19 04:28 - 00000246 _____ C:\WINDOWS\system.ini
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2007-02-19 04:28 - 00000327 __RSH C:\boot.ini
2014-01-12 22:49 - 2012-01-08 18:00 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-12 22:49 - 2012-01-08 15:46 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:47 - 2012-01-08 15:46 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 22:42 - 2007-02-19 04:28 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-12 22:41 - 2007-02-18 21:33 - 00000159 ____N C:\WINDOWS\wiadebug.log
2014-01-12 22:41 - 2007-02-18 21:33 - 00000050 ____N C:\WINDOWS\wiaservc.log
2014-01-12 22:39 - 2014-01-11 22:11 - 00000000 ____D C:\AdwCleaner
2014-01-12 22:39 - 2011-09-22 15:30 - 00000178 ___SH C:\Documents and Settings\Thomas\ntuser.ini
2014-01-12 22:32 - 2014-01-12 22:23 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 22:30 - 2013-06-27 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-01-12 22:26 - 2007-05-07 10:54 - 00002501 _____ C:\WINDOWS\system32\LexFiles.ulf
2014-01-12 22:22 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-12 22:13 - 2014-01-12 20:02 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 21:02 - 2007-05-01 19:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 17:12 - 2014-01-12 16:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 17:12 - 2014-01-12 16:40 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 09:45 - 2014-01-11 22:28 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-12 01:12 - 2013-09-20 19:32 - 00000000 ____D C:\Program Files\JDownloader
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-11 22:54 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:06 - 2013-11-15 19:42 - 00000000 ____D C:\Program Files\Sony
2014-01-11 20:58 - 2012-02-29 19:23 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\dvdcss
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:05 - 2013-09-20 19:33 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:02 - 2014-01-10 17:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:02 - 2014-01-10 17:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2014-01-08 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 15:13 - 2013-06-29 18:16 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-08 01:23 - 2013-09-20 19:04 - 00001805 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 14:44 - 2008-04-28 14:21 - 00000000 ____D C:\New Folder
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:40 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:03 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 17:39 - 2014-01-04 00:01 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk
2013-12-18 15:47 - 2007-02-18 20:34 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2013-12-18 15:22 - 2013-03-13 10:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
         
The AdwCleaner log

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.016 - Report created 11/01/2014 at 22:11:34
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Thomas - TRAT00020
# Running from : C:\Downloads\Sylenth\adwcleaner_3.016.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\user.js
File Found : C:\Documents and Settings\Thomas\Desktop\MySearchDial.url
File Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\mysearchdial-speeddial.crx
Folder Found : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Folder Found C:\Documents and Settings\Thomas\Application Data\Mysearchdial
Folder Found C:\Documents and Settings\Thomas\My Documents\optimizer pro
Folder Found C:\Program Files\optimizer pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=

-\\ Mozilla Firefox v26.0 (de)

[ File : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\prefs.js ]

Line Found : user_pref("extensions.mysearchdial.aflt", "irmsd0101");
Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B");
Line Found : user_pref("extensions.mysearchdial.cr", "1652150050");
Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
Line Found : user_pref("extensions.mysearchdial.hmpg", true);
Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutD[...]
Line Found : user_pref("extensions.mysearchdial.id", "002191F42B045B30");
Line Found : user_pref("extensions.mysearchdial.instlDay", "16080");
Line Found : user_pref("extensions.mysearchdial.instlRef", "");
Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu[...]
Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1C[...]
Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.017:1:25");

-\\ Google Chrome v32.0.1700.72

[ File : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [5920 octets] - [11/01/2014 22:11:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5980 octets] ##########
         
--- --- ---


GMER reports the message "WARNING!!! GMER has found system modification caused by ROOTKIT activity."

Unfortunately, the GMER.txt is insanely large.

Thank you in advance for your quick help;
I hope I have not posted too much or too little.

Best regards, trancemoisis

Edited by trancemoisis (15.01.2014 at 21:11)

 
