
Pests of all kinds and how to combat them: malware in Firefox

Windows 7

04.02.2014, 01:50   #1
veritas23
 

Hello forum,

I have the following problem:

A few days ago the trouble started when I wanted to watch a video and a window popped up saying my "player" was no longer up to date and that I should update it.
Unfortunately I did just that, and now I'm in a mess. ^^
Now windows with some kind of advertising etc. keep opening every now and then.
I already tried uninstalling and reinstalling, but unfortunately that didn't help.

I have copied the log files from Emsisoft Anti-Malware and from FRST in here. I hope that's OK.

Thanks in advance.

Regards, lui


Code:
Emsisoft Anti-Malware - Version 8.1
Letztes Update: 04.02.2014 00:00:48
Benutzerkonto: lui-PC\lui

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, F:\, K:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	04.02.2014 00:03:59
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} 	gefunden: Trace.Registry.Application.Win32.WebApp (A)
Key: HKEY_USERS\S-1-5-21-2028207060-3415787862-1104950757-1000\SOFTWARE\SMARTBAR 	gefunden: Trace.Registry.Application.Win32.WTool (A)
C:\Users\lui\AppData\Local\Temp\26b0e51f-fe76-4cf8-8e92-b4c573f8b24a\software\tugs_awesomehp.exe 	gefunden: Application.Win32.InstallAd (A)
C:\Users\lui\AppData\Local\Temp\{1AA329E0-021F-4A6C-86E6-283F81046000}\setup.exe 	gefunden: Application.Win32.OptAd (A)
C:\Users\lui\AppData\Local\Temp\{2B4854EC-FEF9-496F-8ED6-0D5EBDB99BCF}\setup.exe 	gefunden: Application.Win32.OptAd (A)
C:\Users\lui\Downloads\Setup.exe 	gefunden: Gen:Variant.Adware.Graftor.128175 (B)

Gescannt	455281
Gefunden	6

Scan Ende:	04.02.2014 01:17:35
Scan Zeit:	1:13:36
         

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by lui (administrator) on LUI-PC on 04-02-2014 01:25:37
Running from C:\Users\lui\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(AddGadgets) C:\Users\lui\Desktop\PCMeterV4\PCMeterV0.4.exe
() C:\Windows\DAODx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Fortunitas\updateFortunitas.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(PokerStrategy.com) C:\Users\lui\AppData\Local\Apps\2.0\DZWDE8ZV.QYD\BAJ15QXQ.2T1\poke...app_e892221e2968472d_0002.0000_7fd48b227ddcb1fb\PSC.SideKick.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Fortunitas\bin\utilFortunitas.exe
(Nullsoft, Inc.) F:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2wizard.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)
HKU\S-1-5-21-2028207060-3415787862-1104950757-1000\...\Run: [PokerStrategy.com SideKick] - "C:\Users\lui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
HKU\S-1-5-21-2028207060-3415787862-1104950757-1000\...\MountPoints2: {8cd414d9-49ee-11e3-aa3b-ac220bdcfd07} - J:\SETUP.EXE

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=DE&userid=71e21573-0bbf-e653-5b3f-f5b21b809808&searchtype=ds&q={searchTerms}&installDate=27/01/2014
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3324329&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA3756303-B1D0-466E-A16A-B54F3B16AED5&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB8A90CF26297CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=DE&userid=71e21573-0bbf-e653-5b3f-f5b21b809808&searchtype=ds&q={searchTerms}&installDate=27/01/2014
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390775334&from=tugs&uid=ST2000DM001-1CH164_Z1E5RN3DXXXXZ1E5RN3D&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=DE&userid=71e21573-0bbf-e653-5b3f-f5b21b809808&searchtype=ds&q={searchTerms}&installDate=27/01/2014
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=DE&userid=71e21573-0bbf-e653-5b3f-f5b21b809808&searchtype=ds&q={searchTerms}&installDate=27/01/2014
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll (Feven)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho.dll (Feven)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\lui\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files (x86)\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Fortunitas - {c6f3fc7b-d607-44ec-9caf-2a41d547137f} - C:\Program Files (x86)\Fortunitas\Fortunitasbho.dll (Fortunitas)
BHO-x32: No Name - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\lui\AppData\Roaming\Mozilla\Firefox\Profiles\xs5vor85.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - f:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - f:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Feven 2.5 - C:\Users\lui\AppData\Roaming\Mozilla\Firefox\Profiles\xs5vor85.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-03]
FF StartMenuInternet: FIREFOX.EXE - f:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-07] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-18] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-30] (TuneUp Software)
R2 Update Fortunitas; C:\Program Files (x86)\Fortunitas\updateFortunitas.exe [103200 2014-01-31] ()
R2 Util Fortunitas; C:\Program Files (x86)\Fortunitas\bin\utilFortunitas.exe [103200 2014-01-30] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-26] (Cherished Technololgy LIMITED)
R2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [x]

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138152 2013-11-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138152 2013-11-26] (SlySoft, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0; \??\C:\Users\lui\AppData\Local\Temp\tmpA35F.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 01:25 - 2014-02-04 01:25 - 00016839 _____ () C:\Users\lui\Downloads\FRST.txt
2014-02-04 01:25 - 2014-02-04 01:25 - 00000000 ____D () C:\Users\lui\Downloads\FRST-OlderVersion
2014-02-03 23:54 - 2014-02-04 01:17 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-03 23:54 - 2014-02-03 23:54 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-03 23:54 - 2014-02-03 23:54 - 00000000 ____D () C:\Users\lui\Documents\Anti-Malware
2014-02-03 23:48 - 2014-02-03 23:54 - 218807208 _____ (Emsisoft GmbH ) C:\Users\lui\Downloads\EmsisoftAntiMalwareSetup_8.1.0.33.exe
2014-02-02 19:34 - 2014-02-02 19:34 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Mozilla
2014-02-02 19:34 - 2014-01-16 21:45 - 00000500 _____ () C:\Users\lui\Documents\indexfile.txt
2014-02-02 19:31 - 2014-02-02 19:31 - 00000819 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-02 19:31 - 2014-02-02 19:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121.zip
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121 (2).zip
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121 (1).zip
2014-01-28 18:07 - 2014-01-28 18:07 - 00062634 _____ () C:\EamClean.log
2014-01-28 00:56 - 2014-01-28 00:56 - 00132384 _____ () C:\Users\lui\Downloads\Addition.txt
2014-01-28 00:15 - 2014-02-04 01:25 - 00000000 ____D () C:\FRST
2014-01-28 00:14 - 2014-02-04 01:25 - 02080256 _____ (Farbar) C:\Users\lui\Downloads\FRST64.exe
2014-01-28 00:04 - 2014-01-28 00:04 - 00000546 _____ () C:\Users\lui\Desktop\Emsisoft Emergency Kit.lnk
2014-01-28 00:04 - 2014-01-28 00:04 - 00000000 ____D () C:\EEK
2014-01-27 23:59 - 2014-01-27 23:59 - 00003364 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-01-27 23:56 - 2014-01-28 00:02 - 189820904 _____ () C:\Users\lui\Downloads\EmsisoftEmergencyKit_4.0.0.13.exe
2014-01-27 23:00 - 2014-02-03 23:54 - 09468104 _____ () C:\blitzerr.txt
2014-01-27 15:44 - 2014-02-04 00:40 - 00000348 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-01-27 15:44 - 2014-01-30 20:22 - 00000000 ____D () C:\Users\lui\AppData\Roaming\newnext.me
2014-01-27 15:44 - 2014-01-28 01:32 - 00000000 ____D () C:\Users\lui\AppData\Local\genienext
2014-01-27 15:44 - 2014-01-27 21:03 - 00000000 ____D () C:\Users\lui\AppData\Local\Mobogenie
2014-01-27 15:44 - 2014-01-27 16:07 - 00000000 ____D () C:\Users\lui\AppData\Local\cache
2014-01-27 15:44 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\.android
2014-01-27 15:44 - 2014-01-27 15:44 - 00000000 _____ () C:\Users\lui\daemonprocess.txt
2014-01-27 15:43 - 2014-01-27 21:03 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-01-27 15:40 - 2014-02-04 00:45 - 00000926 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-01-27 15:40 - 2014-02-03 15:45 - 00000922 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-01-27 15:40 - 2014-01-27 15:40 - 00003922 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-01-27 15:40 - 2014-01-27 15:40 - 00003670 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Roaming\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Local\SaveSenseLive
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Local\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Program Files (x86)\SaveSenseLive
2014-01-27 15:29 - 2014-01-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Fortunitas
2014-01-27 00:48 - 2014-01-27 00:48 - 00000000 ____D () C:\Users\lui\AppData\Roaming\dvdcss
2014-01-27 00:29 - 2014-01-27 00:29 - 00000000 ____D () C:\Users\lui\AppData\Roaming\XBMC
2014-01-27 00:25 - 2014-01-27 00:25 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-01-27 00:23 - 2014-01-27 00:23 - 00000000 ____D () C:\Program Files\Conduit
2014-01-27 00:23 - 2014-01-27 00:23 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-01-27 00:22 - 2014-01-27 00:22 - 00330912 _____ () C:\Users\lui\Downloads\Setup.exe
2014-01-27 00:20 - 2014-01-27 00:22 - 59604731 _____ () C:\Users\lui\Downloads\xbmc-12.3.exe
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-01-27 00:13 - 2014-01-27 00:13 - 04986624 _____ (Canneverbe Limited ) C:\Users\lui\Downloads\cdbxp_setup_4.5.2.4478_minimal.exe
2014-01-27 00:13 - 2014-01-27 00:13 - 00000873 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-27 00:13 - 2014-01-27 00:13 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Canneverbe Limited
2014-01-27 00:08 - 2014-01-31 18:46 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-01-27 00:06 - 2014-01-27 00:06 - 00000805 _____ () C:\Users\Public\Desktop\AnyDVD.lnk
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Opera Software
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\Users\lui\AppData\Local\Opera Software
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\ProgramData\SlySoft
2014-01-27 00:04 - 2014-01-29 22:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-01-27 00:04 - 2014-01-27 00:04 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-01-26 23:55 - 2014-01-26 23:56 - 00000000 ____D () C:\Users\lui\Desktop\anydvd
2014-01-26 23:29 - 2014-02-03 23:34 - 00002218 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-01-26 23:29 - 2014-02-03 23:29 - 00001498 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-01-26 23:29 - 2014-02-03 23:29 - 00001448 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-01-26 23:29 - 2014-02-03 23:29 - 00001326 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-01-26 23:29 - 2014-01-26 23:29 - 00004528 _____ () C:\Windows\System32\Tasks\Feven 2.5-updater
2014-01-26 23:29 - 2014-01-26 23:29 - 00004478 _____ () C:\Windows\System32\Tasks\Feven 2.5-codedownloader
2014-01-26 23:29 - 2014-01-26 23:29 - 00004356 _____ () C:\Windows\System32\Tasks\Feven 2.5-enabler
2014-01-26 23:29 - 2014-01-26 23:29 - 00000000 ____D () C:\ProgramData\WPM
2014-01-26 23:28 - 2014-02-03 23:28 - 00002270 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-01-26 23:28 - 2014-01-26 23:29 - 00000000 ____D () C:\Program Files (x86)\Feven 2.5
2014-01-18 20:25 - 2014-01-18 20:25 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

==================== One Month Modified Files and Folders =======

2014-02-04 01:25 - 2014-02-04 01:25 - 00016839 _____ () C:\Users\lui\Downloads\FRST.txt
2014-02-04 01:25 - 2014-02-04 01:25 - 00000000 ____D () C:\Users\lui\Downloads\FRST-OlderVersion
2014-02-04 01:25 - 2014-01-28 00:15 - 00000000 ____D () C:\FRST
2014-02-04 01:25 - 2014-01-28 00:14 - 02080256 _____ (Farbar) C:\Users\lui\Downloads\FRST64.exe
2014-02-04 01:17 - 2014-02-03 23:54 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-04 01:16 - 2013-11-09 14:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 00:57 - 2013-11-10 14:57 - 00000280 _____ () C:\Windows\Tasks\FoxTab.job
2014-02-04 00:45 - 2014-01-27 15:40 - 00000926 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-02-04 00:40 - 2014-01-27 15:44 - 00000348 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-04 00:36 - 2013-11-10 11:30 - 00000000 ____D () C:\Users\lui\AppData\Local\Deployment
2014-02-03 23:54 - 2014-02-03 23:54 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-03 23:54 - 2014-02-03 23:54 - 00000000 ____D () C:\Users\lui\Documents\Anti-Malware
2014-02-03 23:54 - 2014-02-03 23:48 - 218807208 _____ (Emsisoft GmbH ) C:\Users\lui\Downloads\EmsisoftAntiMalwareSetup_8.1.0.33.exe
2014-02-03 23:54 - 2014-01-27 23:00 - 09468104 _____ () C:\blitzerr.txt
2014-02-03 23:54 - 2013-11-10 14:42 - 00000000 ____D () C:\Users\lui\AppData\Roaming\HoldemManager
2014-02-03 23:34 - 2014-01-26 23:29 - 00002218 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-02-03 23:33 - 2013-11-10 11:28 - 00000000 ____D () C:\Users\lui\AppData\Local\PokerStars.EU
2014-02-03 23:29 - 2014-01-26 23:29 - 00001498 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-02-03 23:29 - 2014-01-26 23:29 - 00001448 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-02-03 23:29 - 2014-01-26 23:29 - 00001326 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-02-03 23:28 - 2014-01-26 23:28 - 00002270 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-02-03 22:32 - 2009-07-14 05:51 - 00051432 _____ () C:\Windows\setupact.log
2014-02-03 15:45 - 2014-01-27 15:40 - 00000922 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-02-03 15:16 - 2013-08-12 12:14 - 00446236 _____ () C:\Windows\WindowsUpdate.log
2014-02-03 14:42 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-03 14:42 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-03 14:36 - 2013-12-01 20:03 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-02-03 14:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-03 14:34 - 2010-11-21 04:47 - 01000450 _____ () C:\Windows\PFRO.log
2014-02-02 19:34 - 2014-02-02 19:34 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Mozilla
2014-02-02 19:31 - 2014-02-02 19:31 - 00000819 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-02 19:31 - 2014-02-02 19:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-02 15:14 - 2013-11-09 14:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-31 20:20 - 2013-11-10 11:12 - 00000000 ____D () C:\Users\lui\AppData\Local\Equilab
2014-01-31 19:19 - 2014-01-27 15:29 - 00000000 ____D () C:\Program Files (x86)\Fortunitas
2014-01-31 18:46 - 2014-01-27 00:08 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-01-30 20:22 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\AppData\Roaming\newnext.me
2014-01-30 00:03 - 2013-11-10 11:15 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Skype
2014-01-29 22:57 - 2013-12-19 14:57 - 00000139 _____ () C:\Users\lui\AppData\Roaming\WB.CFG
2014-01-29 22:57 - 2013-11-09 13:55 - 00000000 ____D () C:\Users\lui\AppData\Local\Mozilla
2014-01-29 22:55 - 2013-11-10 12:16 - 00000000 ____D () C:\Program Files (x86)\PremierOpinion
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121.zip
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121 (2).zip
2014-01-29 22:51 - 2014-01-29 22:51 - 02037192 _____ () C:\Users\lui\Downloads\geek121 (1).zip
2014-01-29 22:50 - 2014-01-27 00:04 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-01-28 23:20 - 2013-11-09 14:14 - 00000000 ____D () C:\Users\lui\AppData\Roaming\vlc
2014-01-28 20:26 - 2011-04-12 08:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-01-28 20:26 - 2011-04-12 08:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-01-28 20:26 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-28 18:07 - 2014-01-28 18:07 - 00062634 _____ () C:\EamClean.log
2014-01-28 01:32 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\AppData\Local\genienext
2014-01-28 00:56 - 2014-01-28 00:56 - 00132384 _____ () C:\Users\lui\Downloads\Addition.txt
2014-01-28 00:04 - 2014-01-28 00:04 - 00000546 _____ () C:\Users\lui\Desktop\Emsisoft Emergency Kit.lnk
2014-01-28 00:04 - 2014-01-28 00:04 - 00000000 ____D () C:\EEK
2014-01-28 00:02 - 2014-01-27 23:56 - 189820904 _____ () C:\Users\lui\Downloads\EmsisoftEmergencyKit_4.0.0.13.exe
2014-01-27 23:59 - 2014-01-27 23:59 - 00003364 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-01-27 21:41 - 2013-11-10 12:37 - 00000000 ____D () C:\Windows\AutoKMS
2014-01-27 21:03 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\AppData\Local\Mobogenie
2014-01-27 21:03 - 2014-01-27 15:43 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-01-27 21:01 - 2013-11-10 14:53 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-01-27 16:07 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\AppData\Local\cache
2014-01-27 15:44 - 2014-01-27 15:44 - 00000000 ____D () C:\Users\lui\.android
2014-01-27 15:44 - 2014-01-27 15:44 - 00000000 _____ () C:\Users\lui\daemonprocess.txt
2014-01-27 15:44 - 2013-08-12 12:38 - 00000000 ____D () C:\Users\lui
2014-01-27 15:40 - 2014-01-27 15:40 - 00003922 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-01-27 15:40 - 2014-01-27 15:40 - 00003670 _____ () C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Roaming\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Local\SaveSenseLive
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Users\lui\AppData\Local\SaveSense
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-01-27 15:40 - 2014-01-27 15:40 - 00000000 ____D () C:\Program Files (x86)\SaveSenseLive
2014-01-27 15:30 - 2013-11-10 20:14 - 00000000 ____D () C:\Users\lui\AppData\Local\CrashDumps
2014-01-27 15:28 - 2013-11-10 12:37 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-01-27 00:48 - 2014-01-27 00:48 - 00000000 ____D () C:\Users\lui\AppData\Roaming\dvdcss
2014-01-27 00:29 - 2014-01-27 00:29 - 00000000 ____D () C:\Users\lui\AppData\Roaming\XBMC
2014-01-27 00:25 - 2014-01-27 00:25 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-01-27 00:23 - 2014-01-27 00:23 - 00000000 ____D () C:\Program Files\Conduit
2014-01-27 00:23 - 2014-01-27 00:23 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-01-27 00:22 - 2014-01-27 00:22 - 00330912 _____ () C:\Users\lui\Downloads\Setup.exe
2014-01-27 00:22 - 2014-01-27 00:20 - 59604731 _____ () C:\Users\lui\Downloads\xbmc-12.3.exe
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-01-27 00:13 - 2014-01-27 00:13 - 04986624 _____ (Canneverbe Limited ) C:\Users\lui\Downloads\cdbxp_setup_4.5.2.4478_minimal.exe
2014-01-27 00:13 - 2014-01-27 00:13 - 00000873 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-27 00:13 - 2014-01-27 00:13 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Canneverbe Limited
2014-01-27 00:06 - 2014-01-27 00:06 - 00000805 _____ () C:\Users\Public\Desktop\AnyDVD.lnk
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\Users\lui\AppData\Roaming\Opera Software
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\Users\lui\AppData\Local\Opera Software
2014-01-27 00:05 - 2014-01-27 00:05 - 00000000 ____D () C:\ProgramData\SlySoft
2014-01-27 00:04 - 2014-01-27 00:04 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-01-27 00:00 - 2013-08-12 14:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-26 23:59 - 2013-08-12 14:41 - 00000000 ____D () C:\Users\lui\AppData\Local\Google
2014-01-26 23:56 - 2014-01-26 23:55 - 00000000 ____D () C:\Users\lui\Desktop\anydvd
2014-01-26 23:53 - 2013-11-10 11:31 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-01-26 23:29 - 2014-01-26 23:29 - 00004528 _____ () C:\Windows\System32\Tasks\Feven 2.5-updater
2014-01-26 23:29 - 2014-01-26 23:29 - 00004478 _____ () C:\Windows\System32\Tasks\Feven 2.5-codedownloader
2014-01-26 23:29 - 2014-01-26 23:29 - 00004356 _____ () C:\Windows\System32\Tasks\Feven 2.5-enabler
2014-01-26 23:29 - 2014-01-26 23:29 - 00000000 ____D () C:\ProgramData\WPM
2014-01-26 23:29 - 2014-01-26 23:28 - 00000000 ____D () C:\Program Files (x86)\Feven 2.5
2014-01-22 22:18 - 2013-11-10 11:38 - 00001906 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-01-19 16:04 - 2013-11-10 14:36 - 00000000 ____D () C:\Users\postgres
2014-01-18 20:25 - 2014-01-18 20:25 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-16 21:45 - 2014-02-02 19:34 - 00000500 _____ () C:\Users\lui\Documents\indexfile.txt
2014-01-16 20:39 - 2013-11-09 14:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-16 20:39 - 2013-11-09 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-16 20:39 - 2013-11-09 14:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-12 21:00 - 2013-11-10 20:16 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-08 19:59 - 2013-12-29 18:13 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys

Some content of TEMP:
====================
C:\Users\lui\AppData\Local\Temp\BackupSetup.exe
C:\Users\lui\AppData\Local\Temp\dlLogic.exe
C:\Users\lui\AppData\Local\Temp\DownloadManager.exe
C:\Users\lui\AppData\Local\Temp\EnableExtDll.dll
C:\Users\lui\AppData\Local\Temp\geek_x64.exe
C:\Users\lui\AppData\Local\Temp\nsa8DC8.exe
C:\Users\lui\AppData\Local\Temp\nsl2292.exe
C:\Users\lui\AppData\Local\Temp\nsl82DC.exe
C:\Users\lui\AppData\Local\Temp\nsq1E1E.exe
C:\Users\lui\AppData\Local\Temp\nsw7F24.exe
C:\Users\lui\AppData\Local\Temp\RegClean10.exe
C:\Users\lui\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\lui\AppData\Local\Temp\sonarinst.exe
C:\Users\lui\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\lui\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\lui\AppData\Local\Temp\Updater.exe
C:\Users\lui\AppData\Local\Temp\vlc-2.1.1-win64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-30 20:43

==================== End Of Log ============================
         

04.02.2014, 01:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
2014-01-27 21:41 - 2013-11-10 12:37 - 00000000 ____D () C:\Windows\AutoKMS

Windows 7 Ultimate? Is this a commercially used computer?
What source did your MS Office come from?

04.02.2014, 14:15   #3
veritas23

yeah, I get it...

Edited by veritas23 (04.02.2014 at 14:21)

04.02.2014, 15:42   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What exactly do you get? Are you saying that neither Windows nor Office on your machine is clean? Both cracked?
__________________
Please always post log files in CODE tags

04.02.2014, 22:59   #5
veritas23

Quote:
Quote from cosinus
What exactly do you get? Are you saying that neither Windows nor Office on your machine is clean? Both cracked?

I read around in this forum a bit and decided to get this Windows:
hxxp://www.amazon.de/Windows-Professional-Service-Frustfreie-Verpackung/dp/B00BUL5WLU/ref=sr_1_1?ie=UTF8&qid=1391550731&sr=8-1&keywords=win+7+professional+64+bit

and so my problem has resolved itself anyway, since I have to set up the PC from scratch anyway... but thanks all the same, I find the posts here very interesting

04.02.2014, 23:16   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Windows 7 Professional is good, but do you really need it as a home user?

04.02.2014, 23:25   #7
veritas23

Quote:
Quote from cosinus
Windows 7 Professional is good, but do you really need it as a home user?

Since Home doesn't have XP Mode, if I'm correctly informed, and it is quite useful now and then, I decided on Professional.
Since it's no longer such a big jump in price either...

04.02.2014, 23:40   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

It's your decision, but honestly I have never needed XP Mode on my work machine with Win7 Pro...
